chore: redeploy stalwart with hidden creds

This commit is contained in:
Luj 2024-08-25 19:28:56 +02:00
parent 5cd0159059
commit 56869ba276

View file

@ -3,10 +3,9 @@
services.stalwart-mail = { services.stalwart-mail = {
enable = true; enable = true;
settings = { settings = {
global.tracing.level = "trace";
authentication.fallback-admin = { authentication.fallback-admin = {
user = "admin"; user = "admin";
secret = "$6$R469iElYzZ7v7TlV$PtJpqLO0Szw.B/r8V.puCC26i5.nfQLJQotTWrNoBsTrFo6/J1pC43OIMKc.2Oli/Of0pjPcgbBNmhfFImuuu0"; secret = "%{file:/var/lib/stalwart-mail/admin-hash}%";
}; };
lookup.default.hostname = "mail.luj.fr"; lookup.default.hostname = "mail.luj.fr";
server = { server = {
@ -57,6 +56,13 @@
}; };
}; };
age.secrets.stalwart-admin-hash = {
file = ../../secrets/stalwart-admin.age;
path = "/var/lib/stalwart-mail/admin-hash";
owner = "stalwart-mail";
group = "stalwart-mail";
};
machine.meta.zones."luj.fr".subdomains."mail" = { machine.meta.zones."luj.fr".subdomains."mail" = {
A = [ config.machine.meta.ips.public.ipv4 ]; A = [ config.machine.meta.ips.public.ipv4 ];
AAAA = [ config.machine.meta.ips.public.ipv6 ]; AAAA = [ config.machine.meta.ips.public.ipv6 ];