From d3030aa2d1dd869030d1a9ab83e61403935fa03f Mon Sep 17 00:00:00 2001 From: daragh Date: Sat, 15 Jun 2024 13:22:18 +0100 Subject: [PATCH 1/6] Changing spf and dmarc config --- applications/email.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/applications/email.nix b/applications/email.nix index ade5e0f..5d9f41a 100644 --- a/applications/email.nix +++ b/applications/email.nix @@ -299,7 +299,7 @@ in { { record = "${cfg.domain}."; r_type = "TXT"; - value = ''"v=spf1 a:${cfg.sub}.${cfg.domain} -all"''; + value = ''"v=spf1 include:mail.skynet.ie include:skynet.ie ip4:${cfg.host.ip} -all"''; } # DKIM keys @@ -324,7 +324,7 @@ in { # adkim : alignment policy for DKIM, s => Strict, subdomains arent allowed, r => relaxed, subdomains allowed # aspf : alignment policy for SPF, s => Strict, subdomains arent allowed, r => relaxed, subdomains allowed # sp : DMARC policy for subdomains, none => no action, reports to rua, quarantine => spam, reject => never sent - value = ''"v=DMARC1; p=quarantine; rua=mailto:mailman@skynet.ie; pct=100; adkim=s; aspf=s; sp=none"''; + value = ''"v=DMARC1; p=quarantine; rua=mailto:mailman@skynet.ie; pct=100; adkim=s; aspf=s; sp=quarantine"''; } # reverse pointer From 1b848029e26f2a56d204ce2128fb16a4e6dd8ae3 Mon Sep 17 00:00:00 2001 From: daragh Date: Sat, 15 Jun 2024 14:30:40 +0100 Subject: [PATCH 2/6] fix host ip variable --- applications/email.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/applications/email.nix b/applications/email.nix index 5d9f41a..0d13325 100644 --- a/applications/email.nix +++ b/applications/email.nix @@ -299,7 +299,7 @@ in { { record = "${cfg.domain}."; r_type = "TXT"; - value = ''"v=spf1 include:mail.skynet.ie include:skynet.ie ip4:${cfg.host.ip} -all"''; + value = ''"v=spf1 include:mail.skynet.ie include:skynet.ie ip4:${config.services.skynet.host.ip} -all"''; } # DKIM keys From 149b58ce0978f562d78d27670b26a0be4f2c9478 Mon Sep 17 00:00:00 2001 From: daragh Date: Sat, 15 Jun 2024 14:42:36 +0100 Subject: [PATCH 3/6] use cfg variables --- applications/email.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/applications/email.nix b/applications/email.nix index 0d13325..008828e 100644 --- a/applications/email.nix +++ b/applications/email.nix @@ -299,7 +299,7 @@ in { { record = "${cfg.domain}."; r_type = "TXT"; - value = ''"v=spf1 include:mail.skynet.ie include:skynet.ie ip4:${config.services.skynet.host.ip} -all"''; + value = ''"v=spf1 include:${cfg.sub}.${cfg.domain} include:${cfg.domain} ip4:${config.services.skynet.host.ip} -all"''; } # DKIM keys From e0a461bb0aba734e08fa381b52488fa0c05f823a Mon Sep 17 00:00:00 2001 From: daragh Date: Sat, 15 Jun 2024 15:07:08 +0100 Subject: [PATCH 4/6] test --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index f98fd97..57aab1f 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Skynet -This is teh core config for teh skynet cluster which uses [NixOS][1]. +This is teh core config for teh skynet cluster which uses [NixOS][1]. ## Dev ### Prep @@ -122,4 +122,4 @@ nix fmt [6]: https://github.com/ryantm/agenix [7]: https://docs.gitlab.com/ee/user/ssh.html#see-if-you-have-an-existing-ssh-key-pair [8]: https://gitlab.skynet.ie/compsoc1/skynet/nixos/-/blob/main/secrets/secrets.nix#L2 -[9]: https://gitlab.skynet.ie/compsoc1/skynet/nixos/-/merge_requests/4 \ No newline at end of file +[9]: https://gitlab.skynet.ie/compsoc1/skynet/nixos/-/merge_requests/4 From c0ddc2d6a913c6406536f498b7b64a0fd894e30d Mon Sep 17 00:00:00 2001 From: daragh Date: Sat, 15 Jun 2024 15:23:36 +0100 Subject: [PATCH 5/6] switch include to a, remove skynet.ie --- applications/email.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/applications/email.nix b/applications/email.nix index 008828e..182c280 100644 --- a/applications/email.nix +++ b/applications/email.nix @@ -299,7 +299,7 @@ in { { record = "${cfg.domain}."; r_type = "TXT"; - value = ''"v=spf1 include:${cfg.sub}.${cfg.domain} include:${cfg.domain} ip4:${config.services.skynet.host.ip} -all"''; + value = ''"v=spf1 a:${cfg.sub}.${cfg.domain} ip4:${config.services.skynet.host.ip} -all"''; } # DKIM keys From 5933cb5dfe918dfb4a27eb2297ae5167a206440e Mon Sep 17 00:00:00 2001 From: daragh Date: Sat, 15 Jun 2024 15:25:19 +0100 Subject: [PATCH 6/6] Revert "test" This reverts commit e0a461bb0aba734e08fa381b52488fa0c05f823a. --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 57aab1f..f98fd97 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Skynet -This is teh core config for teh skynet cluster which uses [NixOS][1]. +This is teh core config for teh skynet cluster which uses [NixOS][1]. ## Dev ### Prep @@ -122,4 +122,4 @@ nix fmt [6]: https://github.com/ryantm/agenix [7]: https://docs.gitlab.com/ee/user/ssh.html#see-if-you-have-an-existing-ssh-key-pair [8]: https://gitlab.skynet.ie/compsoc1/skynet/nixos/-/blob/main/secrets/secrets.nix#L2 -[9]: https://gitlab.skynet.ie/compsoc1/skynet/nixos/-/merge_requests/4 +[9]: https://gitlab.skynet.ie/compsoc1/skynet/nixos/-/merge_requests/4 \ No newline at end of file