diff --git a/system/server/default.nix b/system/server/default.nix
index e04a03e..5cd7cdd 100644
--- a/system/server/default.nix
+++ b/system/server/default.nix
@@ -1,4 +1,4 @@
 {lib, ...}: {
- imports = [./caddy.nix ./transfer-sh.nix ./seafile.nix ./bot.nix ./immich.nix ./matrix.nix ./mail.nix];
+ imports = [./caddy.nix ./index ./seafile.nix ./bot.nix ./immich.nix ./matrix.nix ./mail.nix];
 options.niksos.server = lib.mkEnableOption "server servcies (such as caddy)."; #TODO: per service option.
 }
diff --git a/system/server/index/default.nix b/system/server/index/default.nix
new file mode 100644
index 0000000..2cfd6f7
--- /dev/null
+++ b/system/server/index/default.nix
@@ -0,0 +1,14 @@
+{
+ config,
+ lib,
+ ...
+}: {
+ services.caddy.virtualHosts."jsw.tf" = lib.mkIf config.niksos.server {
+ extraConfig = ''
+ header Content-Type text/html
+ respond < + + + + + + + Under Construction + + + +

🚧🚧 This Site is Under Construction 🚧🚧

+

Hello! I'm jsw, a frontend web developer with experience in Svelte + TS, Nix(OS) and currently learning Rust. This site is still under development, so please bear with me. In the meantime, feel free to reach out via email or explore my projects on GitHub.

+
+

📧 info@jsw.tf

+

🐙 GitHub

+
+ + + +
diff --git a/system/server/mail.nix b/system/server/mail.nix
index a9fdc03..85e67e8 100644
--- a/system/server/mail.nix
+++ b/system/server/mail.nix
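Review bot: `header Content-Type text/html` in the `jsw.tf` vhost of system/server/index/default.nix declares no charset, while the page body contains non-ASCII characters (the 🚧, 📧 and 🐙 emoji). Unless the markup carries its own `<meta charset>` (the body is not legible in this view), browsers may fall back to a legacy encoding; `header Content-Type "text/html; charset=utf-8"` removes the guess. Since this vhost is the public face of the domain, adding `header X-Content-Type-Options nosniff` next to it is a cheap hardening step.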
@@ -1,117 +1,29 @@
-{config, ...}: {
- # nixpkgs.overlays = [
- # (final: prev: let
- # version = "0.12.4";
- # hash = "sha256-MUbWGBbb8+b5cp+M5w27A/cHHkMcoEtkN13++FyBvbM=";
- # cargoHash = "sha256-G1c7hh0nScc4Cx7A1UUXv6slA6pP0fC6h00zR71BJIo=";
- # in {
- # stalwart-mail = prev.stalwart-mail.overrideAttrs (new: old: rec {
- # inherit cargoHash version;
- # src = prev.fetchFromGitHub {
- # inherit version hash;
- # inherit (old.src) owner repo;
- # tag = "v${version}";
- # };
- # cargoDeps = prev.rustPlatform.fetchCargoVendor {
- # inherit src;
- # hash = cargoHash;
- # };
- # });
- # })
- # ];
- # services.stalwart-mail = {
- # enable = true;
- # openFirewall = false; # Don't want to open port 8080, will leave that for caddy.
- # credentials = {
- # user_admin_password = config.age.secrets.mail-admin.path;
- # };
- # settings = {
- # authentication.fallback-admin = {
- # secret = "%{file:/run/credentials/stalwart-mail.service/user_admin_password}%";
- # user = "admin";
- # };
- # server = {
- # tracer."log" = {
- # ansi = false;
- # enable = true;
- # level = "info";
- # path = "./stalwart/logs";
- # prefix = "stalwart.log";
- # rotate = "daily";
- # type = "log";
- # };
- # listener = {
- # bind = "127.0.0.1:9003";
- # protocol = "http";
- # };
- # imaptls = {
- # bind = "[::]:993";
- # protocol = "imap";
- # tls.implicit = true;
- # };
- # smtp = {
- # bind = "[::]:25";
- # protocol = "smtp";
- # };
- # submissions = {
- # bind = "[::]:465";
- # protocol = "smtp";
- # tls.implicit = true;
- # };
- # };
- # };
- #
- # hostname = "mx1.jsw.tf";
- # lookup.default.domain = "jsw.tf";
- # acme."letsencrypt" = {
- # directory = "https://acme-v02.api.letsencrypt.org/directory";
- # challenge = "tls-alpn-01";
- # contact = ["jurnwubben@gmail.com"];
- # domains = ["jsw.tf" "mx1.jsw.tf"];
- # renew-before = "30d";
- # };
- # directory."imap".lookup.domains = ["jsw.tf"];
- # # directory."in-memory" = {
- # # type = "memory";
- # # principals = [
- # # {
- # # class = "individual";
- # # name = "User 1";
- # # secret = "%{file:/etc/stalwart/mail-pw1}%";
- # # email = [""];
- # # }
- # # ];
- # # };
- # };
+{
+ config,
+ lib,
+ ...
+}: {
+ #FIXME: revert when stopped using docker for stalwart. https://github.com/NixOS/nixpkgs/issues/416091 (look at older commits for previous code.)
- #FIXME: revert when stopped using docker for stalwart. https://github.com/NixOS/nixpkgs/issues/416091
-
- virtualisation.oci-containers.containers.stalwart = {
- image = "docker.io/stalwartlabs/stalwart:latest";
- labels = {
- "io.containers.autoupdate" = "registry";
+ config = lib.mkIf config.niksos.server {
+ virtualisation.oci-containers.containers.stalwart = {
+ image = "docker.io/stalwartlabs/stalwart:latest";
+ labels = {
+ "io.containers.autoupdate" = "registry";
+ };
+ ports = ["25:25" "465:465" "993:993" "9003:8080"];
+ volumes = [
+ "/opt/stalwart:/opt/stalwart"
+ ];
 };
- ports = ["25:25" "465:465" "993:993" "9003:8080"];
- volumes = [
- "/opt/stalwart:/opt/stalwart"
+ networking.firewall.allowedTCPPorts = [
+ 993
+ 25
+ 465
 ];
- };
- networking.firewall.allowedTCPPorts = [
- 993
- 25
- 465
- ];
- services.caddy.virtualHosts = {
- "mail.jsw.tf" = {
- extraConfig = ''
- reverse_proxy http://127.0.0.1:9003
- '';
- # serverAliases = [
- # "mta-sts.jsw.tf"
- # "autoconfig.jsw.tf"
- # "autodiscover.jsw.tf"
- # ];
- };
+ services.caddy.virtualHosts."mail.jsw.tf".extraConfig = ''
+ reverse_proxy http://127.0.0.1:9003
+ '';
 };
 }
diff --git a/system/server/transfer-sh.nix b/system/server/transfer-sh.nix
deleted file mode 100644
index b282ee2..0000000
--- a/system/server/transfer-sh.nix
+++ /dev/null
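Review bot: In the new `ports` list of system/server/mail.nix, `"9003:8080"` publishes the Stalwart HTTP listener (container port 8080) on every host interface, although the only consumer visible here is Caddy's `reverse_proxy http://127.0.0.1:9003`. Depending on the container backend, published ports can be reachable regardless of `networking.firewall.allowedTCPPorts`, so leaving 9003 out of that list may not keep it private; binding it to loopback with `"127.0.0.1:9003:8080"` keeps the web interface behind Caddy only. Separately, `image = "docker.io/stalwartlabs/stalwart:latest"` combined with `"io.containers.autoupdate" = "registry"` means whatever is pushed to that tag runs on the mail host unattended; pinning a version tag or image digest would make updates reviewable.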
@@ -1,25 +0,0 @@
-{config, ...}: {
- services.transfer-sh = {
- enable = config.niksos.server;
- settings = {
- PURGE_DAYS = 7;
- MAX_UPLOAD_SIZE = 4 * 1000 * 1000; # 4gb
- # CORS_DOMAINS = "transfer.jsw.tf"; #FIXME: open it to the world wide web.
- BASEDIR = "/var/lib/transfer.sh";
- LISTENER = ":9000";
- HTTP_AUTH_USER = "jsw";
- EMAIL_CONTACT = "jurnwubben@gmail.com";
- };
- secretFile = config.age.secrets.transferSh.path;
- };
- systemd.services.transfer-sh.serviceConfig = {
- StateDirectory = "transfer.sh";
- StateDirectoryMode = "0750";
- };
-
- services.caddy.virtualHosts."share.jsw.tf" = {
- extraConfig = ''
- reverse_proxy :9000
- '';
- };
-}