zuckerberg/nix-config
zuckerberg/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Activity

disable mta-sts

Browse Source
This commit is contained in:
zuckerberg 2021-08-31 21:25:59 -04:00
parent 99f5226f41
commit d319188a11
1 changed files with 18 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
machines/liza/configuration.nix
View File

@ -1,6 +1,17 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
{ let
mta-sts-web = {
enableACME = true;
forceSSL = true;
locations."=/.well-known/mta-sts.txt".alias = pkgs.writeText "mta-sts.txt" ''
version: STSv1
mode: none
mx: mail.neet.dev
max_age: 86400
'';
};
in {
imports =[ imports =[
./hardware-configuration.nix ./hardware-configuration.nix
]; ];
@ -178,6 +189,12 @@
certificateScheme = 3; # use let's encrypt for certs certificateScheme = 3; # use let's encrypt for certs
}; };
age.secrets.email-pw.file = ../../secrets/email-pw.age; age.secrets.email-pw.file = ../../secrets/email-pw.age;
services.nginx.virtualHosts."runyan.org" = mta-sts-web;
services.nginx.virtualHosts."runyan.rocks" = mta-sts-web;
services.nginx.virtualHosts."thunderhex.com" = mta-sts-web;
services.nginx.virtualHosts."tar.ninja" = mta-sts-web;
services.nginx.virtualHosts."bsd.ninja" = mta-sts-web;
services.nginx.virtualHosts."bsd.rocks" = mta-sts-web;
services.nextcloud = { services.nextcloud = {
enable = true; enable = true;