From 15775a1b5d1607b11507794b16f62402948b4521 Mon Sep 17 00:00:00 2001 From: Brendan Golden Date: Sat, 21 Oct 2023 23:10:39 +0000 Subject: [PATCH 01/17] feat: added possible server names and updated the ITD csv --- ITD_Firewall.csv | 6 +++--- Possible_Server_Names.md | 19 +++++++++++++++++++ 2 files changed, 22 insertions(+), 3 deletions(-) create mode 100644 Possible_Server_Names.md diff --git a/ITD_Firewall.csv b/ITD_Firewall.csv index 8e256af..1bd9535 100644 --- a/ITD_Firewall.csv +++ b/ITD_Firewall.csv @@ -7,8 +7,8 @@ SKYNET00005,galatea,193.1.99.111,galatea/stream,80/443 8000,"","",ULFM Radio SKYNET00006,optimus,193.1.99.112,optimus/games/*.games,80/443 25565,"","",Games server SKYNET00007,kitt,193.1.99.74,kitt/account/api.account,"",80/443,i23-07-28_010,LDAP and Self-Service Password/Account management SKYNET00008,glados,193.1.99.75,glados/gitlab/*.pages.gitlab,80/443,2222,i23-05-18_249,Gitlab server -SKYNET00009,gir,193.1.99.76,gir/mail,80/443 25/143/993/587/465,"",i23-06-19_525/i23-06-19_525,Email and Webmail +SKYNET00009,gir,193.1.99.76,gir/mail/imap/pop3/smtp,80/443 25/143/993/587/465,"",i23-06-19_525/i23-06-19_525,Email and Webmail SKYNET00010,wheatly,193.1.99.78,wheatly,"","","",Gitlab Runner -SKYNET00011,skynet_internal,193.1.99.79,skynet/skynet.int,80/443,"",i23-06-19_525,"Skynet server, Temp until I can get the DMZ setup properly on my end" -SKYNET00012,skynet_dmz,193.1.96.165,skynet,22 80/443,"",i23-06-30_024,Skynet server. +SKYNET00011,earth,193.1.99.79,earth,80/443,"",i23-06-19_525,Offical website host +SKYNET00012,skynet,193.1.96.165,skynet,22 80/443,"",i23-06-30_024,Skynet server. (DMZ) SKYNET00013,neuromancer,193.1.99.80,neuromancer,"","","",Local Backup Server \ No newline at end of file diff --git a/Possible_Server_Names.md b/Possible_Server_Names.md new file mode 100644 index 0000000..435cdec --- /dev/null +++ b/Possible_Server_Names.md @@ -0,0 +1,19 @@ +https://web.archive.org/web/20180815150202/https://wiki.skynet.ie/Admin/SkynetMachines +https://en.m.wikipedia.org/wiki/Category:Fictional_artificial_intelligences + +* agentsmith +* skynet +* caro +* Lowe - https://westworld.fandom.com/wiki/Bernard_Lowe +* ultron +* walle +* eve +* calculon +* deepthought +* earth +* flexo +* bender +* marvin +* kitt +* wopr +* wintermute From cc99fb92ec40aef9de52cf910c0e410c696f9245 Mon Sep 17 00:00:00 2001 From: runner_nix Date: Sun, 22 Oct 2023 13:26:17 +0000 Subject: [PATCH 02/17] [skip ci] Updated flake for skynet_ldap_backend --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 986c112..6e08131 100644 --- a/flake.lock +++ b/flake.lock @@ -679,11 +679,11 @@ }, "locked": { "host": "gitlab.skynet.ie", - "lastModified": 1697743642, - "narHash": "sha256-c2CW9BLDzGRAHJGkbxQGYQI6MUKttOGAJrMbXT8eR5Y=", + "lastModified": 1697980757, + "narHash": "sha256-/1wjcnNMwGlERn89tRoI2wa1/viqbXRz26OOiPsdzlM=", "owner": "compsoc1%2Fskynet", "repo": "ldap%2Fbackend", - "rev": "6cc97eccb2057d9d2c42955726263fa900f7817a", + "rev": "3f7ac7f9d3237d13e8746f65aa57439549d8e5c2", "type": "gitlab" }, "original": { From e03e27c894fded3e9d108d1c175adbde59659902 Mon Sep 17 00:00:00 2001 From: Brendan Golden Date: Sun, 22 Oct 2023 14:39:35 +0100 Subject: [PATCH 03/17] ldap: small bit of a cleanup --- applications/ldap/server.nix | 37 ++++++++++++++++++------------- applications/ldap/skMemberOf.ldif | 18 --------------- 2 files changed, 21 insertions(+), 34 deletions(-) diff --git a/applications/ldap/server.nix b/applications/ldap/server.nix index 2090879..36be133 100644 --- a/applications/ldap/server.nix +++ b/applications/ldap/server.nix @@ -10,6 +10,7 @@ Gonna use a priper nixos module for this }: with lib; let cfg = config.services.skynet_ldap; + domain = "${cfg.domain.sub}.${cfg.domain.base}.${cfg.domain.tld}"; in { # these are needed for teh program in question imports = [ @@ -79,7 +80,7 @@ in { }; skynet_acme.domains = [ - "${cfg.domain.sub}.${cfg.domain.base}.${cfg.domain.tld}" + domain ]; skynet_dns.records = [ @@ -97,7 +98,7 @@ in { ]; services.nginx.virtualHosts = { - "${cfg.domain.sub}.${cfg.domain.base}.${cfg.domain.tld}" = { + ${domain} = { forceSSL = true; useACMEHost = "skynet"; locations."/" = { @@ -190,29 +191,33 @@ in { olcRootDN = "cn=admin,${cfg.base}"; olcRootPW.path = config.age.secrets.ldap_pw.path; - #olcOverlay = "memberof"; - olcAccess = [ /* custom access rules for userPassword attributes */ - '' {0}to attrs=userPassword - by dn.exact="uid=ldap_api,ou=users,dc=skynet,dc=ie" manage - by self write - by anonymous auth - by * none'' + '' + {0}to attrs=userPassword + by dn.exact="uid=ldap_api,ou=users,dc=skynet,dc=ie" manage + by self write + by anonymous auth + by * none + '' - '' {1}to attrs=mail,sshPublicKey,cn,sn,skDiscord - by dn.exact="uid=ldap_api,ou=users,dc=skynet,dc=ie" manage - by self write - by * read'' + '' + {1}to attrs=mail,sshPublicKey,cn,sn,skDiscord + by dn.exact="uid=ldap_api,ou=users,dc=skynet,dc=ie" manage + by self write + by * read + '' /* allow read on anything else */ - '' {2}to * - by dn.exact="uid=ldap_api,ou=users,dc=skynet,dc=ie" manage - by * read'' + '' + {2}to * + by dn.exact="uid=ldap_api,ou=users,dc=skynet,dc=ie" manage + by * read + '' ]; }; diff --git a/applications/ldap/skMemberOf.ldif b/applications/ldap/skMemberOf.ldif index af4385b..fc3cdf8 100644 --- a/applications/ldap/skMemberOf.ldif +++ b/applications/ldap/skMemberOf.ldif @@ -24,24 +24,12 @@ olcAttributeTypes: ( 1.3.6.1.4.1.24441.1.4.1 EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) -olcAttributeTypes: ( 1.3.6.1.4.1.24441.1.5.1 - NAME 'skDiscord' - DESC 'Discord username' - EQUALITY caseIgnoreMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 - ) olcAttributeTypes: ( 1.3.6.1.4.1.24441.1.6.1 NAME 'skCreated' DESC 'When the account was created' EQUALITY caseIgnoreMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) -#olcAttributeTypes: ( 1.3.6.1.4.1.24441.1.7.1 -# NAME 'skEnabled' -# DESC 'TRUE/FALSE' -# EQUALITY booleanMatch -# SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 -# ) # https://github.com/variablenix/ldap-mail-schema/blob/master/quota.schema olcAttributeTypes: ( 1.3.6.1.4.1.24441.1.8.1 NAME 'quotaEmail' @@ -55,12 +43,6 @@ olcAttributeTypes: ( 1.3.6.1.4.1.24441.1.9.1 EQUALITY caseIgnoreIA5Match SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{255} ) -olcAttributeTypes: ( 1.3.6.1.4.1.24441.1.10.1 - NAME 'skSecure' - DESC '1 if secure' - EQUALITY caseIgnoreMatch - SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 - ) olcObjectClasses: ( 1.3.6.1.4.1.24441.1.1.1 NAME 'skPerson' DESC 'skynet person' From 83b7a142bccb04da22b9b0dece33e1d016bbf25b Mon Sep 17 00:00:00 2001 From: Brendan Golden Date: Sun, 22 Oct 2023 15:00:48 +0100 Subject: [PATCH 04/17] ldap: fix, forgot to update teh may section --- applications/ldap/server.nix | 2 +- applications/ldap/skMemberOf.ldif | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/applications/ldap/server.nix b/applications/ldap/server.nix index 36be133..107c3f9 100644 --- a/applications/ldap/server.nix +++ b/applications/ldap/server.nix @@ -204,7 +204,7 @@ in { '' '' - {1}to attrs=mail,sshPublicKey,cn,sn,skDiscord + {1}to attrs=mail,sshPublicKey,cn,sn by dn.exact="uid=ldap_api,ou=users,dc=skynet,dc=ie" manage by self write by * read diff --git a/applications/ldap/skMemberOf.ldif b/applications/ldap/skMemberOf.ldif index fc3cdf8..12b981e 100644 --- a/applications/ldap/skMemberOf.ldif +++ b/applications/ldap/skMemberOf.ldif @@ -48,5 +48,5 @@ olcObjectClasses: ( 1.3.6.1.4.1.24441.1.1.1 DESC 'skynet person' SUP top AUXILIARY MUST ( skMail $ skCreated ) - MAY ( skMemberOf $ skID $ skDiscord $ quotaEmail $ quotaDisk $ skSecure ) + MAY ( skMemberOf $ skID $ quotaEmail $ quotaDisk ) ) From d87a7dcdfe150c284bfe550e07e034d4c09e36dc Mon Sep 17 00:00:00 2001 From: runner_nix Date: Sun, 22 Oct 2023 16:45:44 +0000 Subject: [PATCH 05/17] [skip ci] Updated flake for compsoc_public --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 6e08131..237de85 100644 --- a/flake.lock +++ b/flake.lock @@ -107,11 +107,11 @@ }, "locked": { "host": "gitlab.skynet.ie", - "lastModified": 1697300433, - "narHash": "sha256-8UK1CHBeaADEwqW6T0gJu5F6ydKe3auqrsZAKy551+0=", + "lastModified": 1697993126, + "narHash": "sha256-GwuYt20MwyM5IMW5yurlTqpsw2AmGq7HfZH+oGMoYaM=", "owner": "compsoc1%2Fcompsoc", "repo": "presentations", - "rev": "64c7b24ff78637d9179d04f73189e76ad5d71beb", + "rev": "a49b85236858ff9ec26222b5b726226691dc7eac", "type": "gitlab" }, "original": { From 263570154f0e898dc589c06640373920c5dbf40e Mon Sep 17 00:00:00 2001 From: Milan Kovacs Date: Sun, 22 Oct 2023 20:38:24 +0000 Subject: [PATCH 06/17] Added tryFiles to locations for angular routing --- applications/skynet_users.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/applications/skynet_users.nix b/applications/skynet_users.nix index 7a24b03..d90d7df 100644 --- a/applications/skynet_users.nix +++ b/applications/skynet_users.nix @@ -78,6 +78,7 @@ in { alias = "/home/$user/public_html/"; index = "index.html"; extraConfig = "autoindex on;"; + tryFiles = "$uri$args $uri$args/ /index.html"; }; }; }; From badcce6e383c6759fdd4c824c3fbd42e3530abb4 Mon Sep 17 00:00:00 2001 From: Brendan Golden Date: Sun, 22 Oct 2023 21:10:06 +0000 Subject: [PATCH 07/17] feat: Seeing if mailmap works --- mailmap | 1 + 1 file changed, 1 insertion(+) create mode 100644 mailmap diff --git a/mailmap b/mailmap new file mode 100644 index 0000000..1aaf5b3 --- /dev/null +++ b/mailmap @@ -0,0 +1 @@ +Brendan Golden \ No newline at end of file From e1f8d580c73021b0072662985c3645db8c44a08e Mon Sep 17 00:00:00 2001 From: Brendan Golden Date: Mon, 23 Oct 2023 11:43:00 +0100 Subject: [PATCH 08/17] email: add the root inbox --- applications/email.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/applications/email.nix b/applications/email.nix index 5cf2aaf..d970d28 100644 --- a/applications/email.nix +++ b/applications/email.nix @@ -261,6 +261,7 @@ in { lmtpSaveToDetailMailbox = "yes"; extraVirtualAliases = { + "root@skynet.ie" = create_skynet_email_admin "root"; "abuse@skynet.ie" = create_skynet_email_admin "abuse"; "accounts@skynet.ie" = create_skynet_email_committee "accounts"; "compsoc@skynet.ie" = create_skynet_email_committee "compsoc"; From ec3451d2c73443a2a92c0382e78ff05c1735b35d Mon Sep 17 00:00:00 2001 From: Brendan Golden Date: Mon, 23 Oct 2023 11:46:52 +0100 Subject: [PATCH 09/17] email: internal inboxes are now prefixed with int --- applications/email.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/applications/email.nix b/applications/email.nix index d970d28..8d86b28 100644 --- a/applications/email.nix +++ b/applications/email.nix @@ -18,7 +18,7 @@ with lib; let create_skynet_email = accounts: mailbox: (map (account: "${account}+${mailbox}@skynet.ie") accounts); - create_skynet_email_admin = mailbox: (create_skynet_email config.skynet.users.admin mailbox) ++ ["${mailbox}_int@skynet.ie"]; + create_skynet_email_admin = mailbox: (create_skynet_email config.skynet.users.admin mailbox) ++ ["int_${mailbox}@skynet.ie"]; create_skynet_email_committee = mailbox: (create_skynet_email config.skynet.users.committee mailbox) ++ ["${mailbox}_int@skynet.ie"]; in { imports = [ From 13eeead3546cc6ad99df895df9e1035ca8df5d7f Mon Sep 17 00:00:00 2001 From: Brendan Golden Date: Mon, 23 Oct 2023 11:55:07 +0100 Subject: [PATCH 10/17] email: really need to remove duplication --- applications/email.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/applications/email.nix b/applications/email.nix index 8d86b28..898bb5e 100644 --- a/applications/email.nix +++ b/applications/email.nix @@ -19,7 +19,7 @@ with lib; let create_skynet_email = accounts: mailbox: (map (account: "${account}+${mailbox}@skynet.ie") accounts); create_skynet_email_admin = mailbox: (create_skynet_email config.skynet.users.admin mailbox) ++ ["int_${mailbox}@skynet.ie"]; - create_skynet_email_committee = mailbox: (create_skynet_email config.skynet.users.committee mailbox) ++ ["${mailbox}_int@skynet.ie"]; + create_skynet_email_committee = mailbox: (create_skynet_email config.skynet.users.committee mailbox) ++ ["int_${mailbox}@skynet.ie"]; in { imports = [ ./dns.nix From 53dd24bd1b723e81aa3f601e5f4a261e87e17cd1 Mon Sep 17 00:00:00 2001 From: Brendan Golden Date: Mon, 23 Oct 2023 13:17:40 +0100 Subject: [PATCH 11/17] email: improve how aliases are handled --- applications/email.nix | 42 ++++++++++++++++++++++-------------------- 1 file changed, 22 insertions(+), 20 deletions(-) diff --git a/applications/email.nix b/applications/email.nix index 898bb5e..f7ac0ae 100644 --- a/applications/email.nix +++ b/applications/email.nix @@ -16,10 +16,12 @@ with lib; let # thought you could escape racket? create_filter = groups: create_filter_join (create_filter_array groups); - create_skynet_email = accounts: mailbox: (map (account: "${account}+${mailbox}@skynet.ie") accounts); - - create_skynet_email_admin = mailbox: (create_skynet_email config.skynet.users.admin mailbox) ++ ["int_${mailbox}@skynet.ie"]; - create_skynet_email_committee = mailbox: (create_skynet_email config.skynet.users.committee mailbox) ++ ["int_${mailbox}@skynet.ie"]; + # using +mailbox puts the mail in a seperate folder + create_skynet_email_int = accounts: mailbox: (map (account: "${account}+${mailbox}@skynet.ie") accounts); + groups_to_accounts = groups: builtins.concatMap (x: config.skynet.users.${x}) groups; + create_skynet_email_attribute = mailbox: groups: (create_skynet_email_int (groups_to_accounts groups) mailbox) ++ ["int_${mailbox}@skynet.ie"]; + # { mailbox = [users]} + create_skynet_email = mailbox: groups: {"${mailbox}@skynet.ie" = create_skynet_email_attribute mailbox groups;}; in { imports = [ ./dns.nix @@ -260,22 +262,22 @@ in { lmtpSaveToDetailMailbox = "yes"; - extraVirtualAliases = { - "root@skynet.ie" = create_skynet_email_admin "root"; - "abuse@skynet.ie" = create_skynet_email_admin "abuse"; - "accounts@skynet.ie" = create_skynet_email_committee "accounts"; - "compsoc@skynet.ie" = create_skynet_email_committee "compsoc"; - "contact@skynet.ie" = create_skynet_email_committee "contact"; - "dbadmin@skynet.ie" = create_skynet_email_admin "dbadmin"; - "dnsadm@skynet.ie" = create_skynet_email_admin "dnsadm"; - "hostmaster@skynet.ie" = create_skynet_email_admin "hostmaster"; - "intersocsrep@skynet.ie" = create_skynet_email_committee "intersocsrep"; - "mailman@skynet.ie" = create_skynet_email_admin "mailman"; - "security@skynet.ie" = create_skynet_email_admin "security"; - "sysadm@skynet.ie" = create_skynet_email_admin "sysadm"; - "webadmin@skynet.ie" = create_skynet_email_admin "webadmin"; - "pycon2023@skynet.ie" = create_skynet_email_committee "pycon2023"; - }; + extraVirtualAliases = + {} + // create_skynet_email "root" ["admin"] + // create_skynet_email "abuse" ["admin"] + // create_skynet_email "accounts" ["committee"] + // create_skynet_email "compsoc" ["committee"] + // create_skynet_email "contact" ["committee"] + // create_skynet_email "dbadmin" ["admin"] + // create_skynet_email "dnsadm" ["admin"] + // create_skynet_email "hostmaster" ["admin"] + // create_skynet_email "intersocsrep" ["committee"] + // create_skynet_email "mailman" ["admin"] + // create_skynet_email "security" ["admin"] + // create_skynet_email "sysadm" ["admin"] + // create_skynet_email "webadmin" ["admin"] + // create_skynet_email "pycon2023" ["committee"]; # use the letsencrypt certs certificateScheme = "acme"; From 827b109a250158a18060c1a4bef11cdb59c80b07 Mon Sep 17 00:00:00 2001 From: Brendan Golden Date: Mon, 23 Oct 2023 14:03:23 +0100 Subject: [PATCH 12/17] email: add two mailboxes for topdesk --- applications/email.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/applications/email.nix b/applications/email.nix index f7ac0ae..7bbf786 100644 --- a/applications/email.nix +++ b/applications/email.nix @@ -277,7 +277,9 @@ in { // create_skynet_email "security" ["admin"] // create_skynet_email "sysadm" ["admin"] // create_skynet_email "webadmin" ["admin"] - // create_skynet_email "pycon2023" ["committee"]; + // create_skynet_email "pycon2023" ["committee"] + // create_skynet_email "skynet_topdesk" ["admin"] + // create_skynet_email "topdesk" ["admin"]; # use the letsencrypt certs certificateScheme = "acme"; From d2ece41ace01dd3bfe1b63c55bdb8444471f4230 Mon Sep 17 00:00:00 2001 From: Brendan Golden Date: Mon, 23 Oct 2023 18:29:22 +0100 Subject: [PATCH 13/17] email: this will allow folks with permission to send mail as the service accounts --- applications/email.nix | 122 ++++++++++++++++++++++++++++++++++------- 1 file changed, 101 insertions(+), 21 deletions(-) diff --git a/applications/email.nix b/applications/email.nix index 7bbf786..924d7ec 100644 --- a/applications/email.nix +++ b/applications/email.nix @@ -17,11 +17,104 @@ with lib; let create_filter = groups: create_filter_join (create_filter_array groups); # using +mailbox puts the mail in a seperate folder - create_skynet_email_int = accounts: mailbox: (map (account: "${account}+${mailbox}@skynet.ie") accounts); + create_skynet_email_int = accounts: mailbox: (map (account: "${account}@skynet.ie") accounts); groups_to_accounts = groups: builtins.concatMap (x: config.skynet.users.${x}) groups; create_skynet_email_attribute = mailbox: groups: (create_skynet_email_int (groups_to_accounts groups) mailbox) ++ ["int_${mailbox}@skynet.ie"]; - # { mailbox = [users]} - create_skynet_email = mailbox: groups: {"${mailbox}@skynet.ie" = create_skynet_email_attribute mailbox groups;}; + create_skynet_email = mailbox: groups: { + name = "${mailbox}@skynet.ie"; + value = create_skynet_email_attribute mailbox groups; + }; + create_skynet_service_mailboxes = builtins.listToAttrs (map (mailbox: (create_skynet_email mailbox.account mailbox.members)) service_mailboxes); + + create_config_to = concatStringsSep "\",\"" (map (mailbox: "${mailbox.account}") service_mailboxes); + + service_mailboxes = [ + { + account = "root"; + members = ["admin"]; + } + { + account = "abuse"; + members = ["admin"]; + } + { + account = "accounts"; + members = ["committee"]; + } + { + account = "compsoc"; + members = ["committee"]; + } + { + account = "contact"; + members = ["committee"]; + } + { + account = "dbadmin"; + members = ["admin"]; + } + { + account = "dnsadm"; + members = ["admin"]; + } + { + account = "hostmaster"; + members = ["admin"]; + } + { + account = "intersocsrep"; + members = ["committee"]; + } + { + account = "mailman"; + members = ["admin"]; + } + { + account = "security"; + members = ["admin"]; + } + { + account = "sysadm"; + members = ["admin"]; + } + { + account = "webadmin"; + members = ["admin"]; + } + { + account = "pycon2023"; + members = ["committee"]; + } + { + account = "skynet_topdesk"; + members = ["admin"]; + } + { + account = "topdesk"; + members = ["admin"]; + } + ]; + + configFile = + pkgs.writeText "basic_sieve" + '' + require "copy"; + require "mailbox"; + require "imap4flags"; + require ["fileinto", "reject"]; + require "variables"; + require "regex"; + + # this should be close to teh last step + if allof ( + address :localpart ["To"] ["${toString create_config_to}"], + address :domain ["To"] "skynet.ie" + ){ + if address :matches ["To"] "*@skynet.ie" { + fileinto :create "''${1}"; + } + } + ''; in { imports = [ ./dns.nix @@ -262,24 +355,7 @@ in { lmtpSaveToDetailMailbox = "yes"; - extraVirtualAliases = - {} - // create_skynet_email "root" ["admin"] - // create_skynet_email "abuse" ["admin"] - // create_skynet_email "accounts" ["committee"] - // create_skynet_email "compsoc" ["committee"] - // create_skynet_email "contact" ["committee"] - // create_skynet_email "dbadmin" ["admin"] - // create_skynet_email "dnsadm" ["admin"] - // create_skynet_email "hostmaster" ["admin"] - // create_skynet_email "intersocsrep" ["committee"] - // create_skynet_email "mailman" ["admin"] - // create_skynet_email "security" ["admin"] - // create_skynet_email "sysadm" ["admin"] - // create_skynet_email "webadmin" ["admin"] - // create_skynet_email "pycon2023" ["committee"] - // create_skynet_email "skynet_topdesk" ["admin"] - // create_skynet_email "topdesk" ["admin"]; + extraVirtualAliases = create_skynet_service_mailboxes; # use the letsencrypt certs certificateScheme = "acme"; @@ -320,6 +396,10 @@ in { ]; }; + services.dovecot2.sieveScripts = { + before = configFile; + }; + # tune the spam filter /* services.rspamd.extraConfig = '' From e7d1854de4a31ae5519f8afd32e3bf919c0a3f7a Mon Sep 17 00:00:00 2001 From: runner_nix Date: Tue, 24 Oct 2023 16:43:40 +0000 Subject: [PATCH 14/17] [skip ci] Updated flake for skynet_ldap_backend --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 237de85..c7a3a12 100644 --- a/flake.lock +++ b/flake.lock @@ -679,11 +679,11 @@ }, "locked": { "host": "gitlab.skynet.ie", - "lastModified": 1697980757, - "narHash": "sha256-/1wjcnNMwGlERn89tRoI2wa1/viqbXRz26OOiPsdzlM=", + "lastModified": 1698165801, + "narHash": "sha256-aqZx09OwJwXB4SG8KG2m0eiHVXB/l4oTKMMz8Yr6XaQ=", "owner": "compsoc1%2Fskynet", "repo": "ldap%2Fbackend", - "rev": "3f7ac7f9d3237d13e8746f65aa57439549d8e5c2", + "rev": "a43c8c363e694bac30847a1a51e75704554c9824", "type": "gitlab" }, "original": { From 91f7fec824bc2b57e9a4cf85201d5965ead4f067 Mon Sep 17 00:00:00 2001 From: runner_nix Date: Tue, 24 Oct 2023 16:52:46 +0000 Subject: [PATCH 15/17] [skip ci] Updated flake for skynet_discord_bot --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index c7a3a12..7dbb86e 100644 --- a/flake.lock +++ b/flake.lock @@ -657,11 +657,11 @@ }, "locked": { "host": "gitlab.skynet.ie", - "lastModified": 1696234972, - "narHash": "sha256-8Syf1OEUBmaaApKsjkp0bVX4AjVkm64aGZKzoRn7wGM=", + "lastModified": 1698165887, + "narHash": "sha256-eHmW39g6m+OlgAqPkRL4FKGKEkD/Ot/+OYGatDZxg3M=", "owner": "compsoc1%2Fskynet", "repo": "discord-bot", - "rev": "b0028959ff83c3fcc39410496fe2017b8772aff8", + "rev": "4125ad634f7b83a026784301c0088f09521330f5", "type": "gitlab" }, "original": { From bb346e294fc8fc795746693b6f3bf16ce5530007 Mon Sep 17 00:00:00 2001 From: Brendan Golden Date: Tue, 24 Oct 2023 18:53:06 +0100 Subject: [PATCH 16/17] email: handle junk mails better --- applications/email.nix | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/applications/email.nix b/applications/email.nix index 924d7ec..05ee8d0 100644 --- a/applications/email.nix +++ b/applications/email.nix @@ -111,7 +111,12 @@ with lib; let address :domain ["To"] "skynet.ie" ){ if address :matches ["To"] "*@skynet.ie" { - fileinto :create "''${1}"; + if header :is "X-Spam" "Yes" { + fileinto :create "''${1}.Junk"; + stop; + } else { + fileinto :create "''${1}"; + } } } ''; From 2dcae4df6d2d6d75b56df6bd741850f254da47c2 Mon Sep 17 00:00:00 2001 From: runner_nix Date: Wed, 25 Oct 2023 17:40:45 +0000 Subject: [PATCH 17/17] [skip ci] Updated flake for skynet_ldap_backend --- flake.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/flake.lock b/flake.lock index 7dbb86e..03302db 100644 --- a/flake.lock +++ b/flake.lock @@ -679,11 +679,11 @@ }, "locked": { "host": "gitlab.skynet.ie", - "lastModified": 1698165801, - "narHash": "sha256-aqZx09OwJwXB4SG8KG2m0eiHVXB/l4oTKMMz8Yr6XaQ=", + "lastModified": 1698255058, + "narHash": "sha256-qtvTnfL0XXZWA+I14D9eRL9Ir2G6WhIkRSiRV7GOfdw=", "owner": "compsoc1%2Fskynet", "repo": "ldap%2Fbackend", - "rev": "a43c8c363e694bac30847a1a51e75704554c9824", + "rev": "20d79e427afa460b13ef7d986d5d351548a5c91e", "type": "gitlab" }, "original": {