add mail server

1 files changed, 58 insertions, 0 deletions

diff --git a/machines/mail/default.nix b/machines/mail/default.nix
new file mode 100644
index 0000000..eca85a2
--- /dev/null
+++ b/machines/mail/default.nix
@@ -0,0 +1,58 @@
+{ config, lib, pkgs, ... }:
+
+let endpoint = "2a01:4f8:1c1c:3ce7::1";
+in
+{
+  networking = {
+    domain = ".vapor.systems";
+    hostName = "mail";
+    dhcpcd.enable = false;
+    interfaces.eth0 = {
+      ipv4 = {
+        addresses = [
+          { address="116.203.26.228"; prefixLength=32; }
+        ];
+
+        routes = [
+          { address = "172.31.1.1"; prefixLength = 32; }
+        ];
+      };
+      ipv6 = {
+        addresses = [
+          { address="2a01:4f8:1c1c:3ce7::1"; prefixLength=64; }
+          { address="fe80::9000:6ff:fe53:14ce"; prefixLength=64; }
+        ];
+        
+        routes = [
+          { address = "fe80::1"; prefixLength = 128; }
+        ];
+      };
+    };
+
+    defaultGateway = "172.31.1.1";
+    defaultGateway6 = {
+      address = "fe80::1";
+      interface = "eth0";
+    };
+  };
+
+  pubKey =
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPVwt+/sB77NZnjwqgwtkcqKsIYyMnYh5qlqYoY9dLEd";
+
+  wireguard = {
+    enable = true;
+    inherit endpoint;
+    v4 = { address = "10.10.0.6"; };
+    v6 = { address = "6"; };
+    publicKey = "lk0mN1R5Uf5iwvWe/4mOmrMap7xtsieQaJSHcXQ7+VY=";
+    allowedIPs = [];
+  };
+
+  deploy = {
+    host = endpoint;
+    sshUser = "audron";
+    buildOn = "remote";
+    substituteOnTarget = true;
+    hermetic = false;
+  };
+}