chore: rename lisanew

machines/akhaten/default.nix

@@ -0,0 +1,32 @@
+{ ... }:
+{
+  imports = [
+    ./hardware.nix
+    ./home-julien.nix
+    ./stalwart.nix
+  ];
+
+  deployment.tags = [ "server" ];
+
+  disko = import ./disko.nix;
+
+  services.fail2ban.enable = true;
+
+  networking.useNetworkd = true;
+  systemd.network = {
+    enable = true;
+
+    networks = {
+      "10-wan" = {
+        matchConfig.Name = "enp0s20";
+        networkConfig = {
+          DHCP = "ipv4";
+        };
+
+        linkConfig.RequiredForOnline = "routable";
+      };
+    };
+  };
+
+  system.stateVersion = "24.11";
+}

machines/akhaten/disko.nix

@@ -0,0 +1,36 @@
+{
+  devices = {
+    disk = {
+      main = {
+        type = "disk";
+        device = "/dev/disk/by-id/ata-HGST_HTE721010A9E630_JR10034M34EVTK";
+        content = {
+          type = "gpt";
+          partitions = {
+            boot = {
+              size = "1M";
+              type = "EF02"; # for grub MBR
+            };
+            ESP = {
+              size = "512M";
+              type = "EF00";
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+              };
+            };
+            root = {
+              size = "100%";
+              content = {
+                type = "filesystem";
+                format = "ext4";
+                mountpoint = "/";
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+}

machines/akhaten/hardware.nix

@@ -0,0 +1,22 @@
+{
+  config,
+  lib,
+  modulesPath,
+  ...
+}:
+
+{
+  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
+  boot.loader.grub.enable = true;
+  boot.initrd.availableKernelModules = [ "ahci" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  swapDevices = [ { device = "/dev/disk/by-uuid/b2563fcf-18af-43da-b2d2-3e7b84f72421"; } ];
+
+  networking.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}

machines/akhaten/home-julien.nix

@@ -0,0 +1,8 @@
+_: {
+
+  luj.hmgr.julien = {
+    luj.programs.neovim.enable = true;
+    luj.programs.ssh-client.enable = true;
+    luj.programs.git.enable = true;
+  };
+}

machines/akhaten/stalwart.nix

@@ -0,0 +1,71 @@
+{
+  services.stalwart-mail = {
+    enable = true;
+    settings = {
+      global.tracing.level = "trace";
+      authentication.fallback-admin = {
+        user = "admin";
+        secret = "$6$R469iElYzZ7v7TlV$PtJpqLO0Szw.B/r8V.puCC26i5.nfQLJQotTWrNoBsTrFo6/J1pC43OIMKc.2Oli/Of0pjPcgbBNmhfFImuuu0";
+      };
+      lookup.default.hostname = "mail.luj.fr";
+      server = {
+        max-connections = 8192;
+        hostname = "mail.luj.fr";
+        tls.enable = true;
+        listener = {
+          "smtp" = {
+            bind = [ "[::]:25" ];
+            protocol = "smtp";
+          };
+          "smtp-submission" = {
+            bind = "[::]:587";
+            protocol = "smtp";
+          };
+          "smtp-submissions" = {
+            bind = [ "[::]:465" ];
+            protocol = "smtp";
+            tls.implicit = true;
+          };
+          "imap" = {
+            bind = [ "[::]:143" ];
+            protocol = "imap";
+          };
+          "imaptls" = {
+            bind = [ "[::]:993" ];
+            protocol = "imap";
+            tls.implicit = true;
+          };
+          "http" = {
+            bind = "[::]:80";
+            protocol = "http";
+          };
+
+          "https" = {
+            bind = "[::]:443";
+            protocol = "http";
+            tls.implicit = true;
+          };
+
+          "sieve" = {
+            bind = "[::]:4190";
+            protocol = "managesieve";
+          };
+        };
+      };
+
+    };
+  };
+
+  networking.firewall.allowedTCPPorts = [
+    80
+    443
+    8080
+    465
+    993
+    143
+    25
+    4190
+    587
+  ];
+
+}