8 changed files with 11 additions and 169 deletions
--- a/flake.lock
+++ b/flake.lock
@ -66,11 +66,11 @@
        "utils": "utils"
      },
      "locked": {
-        "lastModified": 1711973905,
-        "narHash": "sha256-UFKME/N1pbUtn+2Aqnk+agUt8CekbpuqwzljivfIme8=",
+        "lastModified": 1711733382,
+        "narHash": "sha256-XuKlYhc9Hk6jMIIwWTP6CTQVUWi0Sq3nJApnUJk6bu8=",
        "owner": "serokell",
        "repo": "deploy-rs",
-        "rev": "88b3059b020da69cbe16526b8d639bd5e0b51c8b",
+        "rev": "2bad21828ee2c5d1e42588d5f4c53f5b10300c6a",
        "type": "github"
      },
      "original": {
@ -86,11 +86,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1711934712,
-        "narHash": "sha256-sBDe+QmX/QohlnKeSEzrftcXyZL5FY09OMjZ59Rpyy4=",
+        "lastModified": 1711588700,
+        "narHash": "sha256-vBB5HoQVnA6c/UrDOhLXKAahEwSRccw2YXYHxD7qoi4=",
        "owner": "nix-community",
        "repo": "disko",
-        "rev": "611c9ea53250f7bb22286b3d26872280a0e608f9",
+        "rev": "502241afa3de2a24865ddcbe4c122f4546e32092",
        "type": "github"
      },
      "original": {
@ -340,11 +340,11 @@
    "secrets": {
      "flake": false,
      "locked": {
-        "lastModified": 1712006510,
-        "narHash": "sha256-JQ3ZcSwIB6d3gDcx/nZCUlSfZGwaI55WNmD9mK2uTPA=",
+        "lastModified": 1711910722,
+        "narHash": "sha256-QrXfLiCYVQXD18rkmrJPTJYhjoP+DsDhJlPRtWIEg/o=",
        "ref": "refs/heads/master",
-        "rev": "f350d35d7651c415fa4c0d6a7cff378ba5650f93",
-        "revCount": 17,
+        "rev": "b64a65c725e4cb63811fca53b60073d4c47802e4",
+        "revCount": 15,
        "type": "git",
        "url": "ssh://git@git.vimium.com/jordan/nix-secrets.git"
      },
--- a/flake.nix
+++ b/flake.nix
@ -83,7 +83,6 @@
        helios = mkNixosSystem { system = "x86_64-linux"; name = "helios"; };
        hypnos = mkNixosSystem { system = "x86_64-linux"; name = "hypnos"; };
        library = mkNixosSystem { system = "x86_64-linux"; name = "library"; };
-        mail = mkNixosSystem { system = "x86_64-linux"; name = "mail"; };
        odyssey = mkNixosSystem { system = "x86_64-linux"; name = "odyssey"; };
        pi = mkNixosSystem { system = "aarch64-linux"; name = "pi"; extraModules = [ nixos-hardware.nixosModules.raspberry-pi-4 ]; };
        vps1 = mkNixosSystem { system = "x86_64-linux"; name = "vps1"; };
@ -100,14 +99,6 @@
        autoRollback = true;
        sshUser = "root";
        nodes = {
-          mail = {
-            hostname = "mail.mesh.vimium.net";
-
-            profiles.system = {
-              user = "root";
-              path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.mail;
-            };
-          };
          vps1 = {
            hostname = "vps1.mesh.vimium.net";

--- a/hosts/mail/README.md
+++ b/hosts/mail/README.md
@ -1,18 +0,0 @@
-# Mail server
-
-## Overview
-Mail server hosted in OVH.
-
-## Specs
-* CPU - ??
-* Memory - ??
-
-### Disks
-Device | Partitions _(filesystem, usage)_
--- | ---
-NVMe | `/dev/sda1` (ext4, NixOS Root)
-
-### Networks
- DHCP on `10.0.1.0/24` subnet.
- Tailscale on `100.64.0.0/10` subnet. FQDN: `mail.mesh.vimium.net`.
-
--- a/hosts/mail/default.nix
+++ b/hosts/mail/default.nix
@ -1,53 +0,0 @@
-{ config, lib, pkgs, inputs, ... }:
-
-{
-  imports = [
-    ./hardware-configuration.nix
-    ./disko-config.nix
-    ../server.nix
-  ];
-
-  networking = {
-    hostId = "08ac2f14";
-    domain = "mesh.vimium.net";
-    firewall = {
-      enable = true;
-      allowedTCPPorts = [
-        22    # SSH
-      ];
-    };
-  };
-
-  users = {
-    users = {
-      root = {
-        openssh.authorizedKeys.keys = [
-          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILVHTjsyMIV4THNw6yz0OxAxGnC+41gX72UrPqTzR+OS jordan@vimium.com"
-        ];
-      };
-    };
-  };
-
-  services.openssh.settings.PermitRootLogin = lib.mkForce "prohibit-password";
-
-  security.acme.defaults = {
-    email = "hostmaster@vimium.com";
-    group = "nginx";
-    webroot = "/var/lib/acme/acme-challenge";
-  };
-
-  modules = {
-    services = {
-      borgmatic = {
-        enable = true;
-        directories = [
-          "/var/lib"
-        ];
-        repoPath = "ssh://kg2mpt28@kg2mpt28.repo.borgbase.com/./repo";
-      };
-      mail.enable = true;
-    };
-  };
-
-  system.stateVersion = "22.11";
-}
--- a/hosts/mail/disko-config.nix
+++ b/hosts/mail/disko-config.nix
@ -1,55 +0,0 @@
-{ lib, ... }:
-{
-  disko.devices = {
-    disk.disk1 = {
-      device = lib.mkDefault "/dev/sda";
-      type = "disk";
-      content = {
-        type = "gpt";
-        partitions = {
-          boot = {
-            name = "boot";
-            size = "2M";
-            type = "EF02";
-          };
-          esp = {
-            name = "ESP";
-            size = "300M";
-            type = "EF00";
-            content = {
-              type = "filesystem";
-              format = "vfat";
-              mountpoint = "/boot";
-            };
-          };
-          root = {
-            name = "root";
-            size = "100%";
-            content = {
-              type = "lvm_pv";
-              vg = "pool";
-            };
-          };
-        };
-      };
-    };
-    lvm_vg = {
-      pool = {
-        type = "lvm_vg";
-        lvs = {
-          root = {
-            size = "100%FREE";
-            content = {
-              type = "filesystem";
-              format = "ext4";
-              mountpoint = "/";
-              mountOptions = [
-                "defaults"
-              ];
-            };
-          };
-        };
-      };
-    };
-  };
-}
--- a/hosts/mail/hardware-configuration.nix
+++ b/hosts/mail/hardware-configuration.nix
@ -1,22 +0,0 @@
-{ config, lib, pkgs, modulesPath, ... }:
-
-{
-  imports = [
-    (modulesPath + "/profiles/qemu-guest.nix")
-  ];
-
-  boot = {
-    initrd = {
-      availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
-      kernelModules = [ "nvme" ];
-    };
-    loader.grub = {
-      efiSupport = true;
-      efiInstallAsRemovable = true;
-    };
-    tmp.cleanOnBoot = true;
-  };
-
-  zramSwap.enable = true;
-}
-
--- a/modules/default.nix
+++ b/modules/default.nix
@ -34,7 +34,6 @@
    ./services/coturn
    ./services/gitea
    ./services/headscale
-    ./services/mail
    ./services/matrix-synapse
    ./services/nginx
    ./services/photoprism
--- a/modules/services/mail/default.nix
+++ b/modules/services/mail/default.nix
@ -18,7 +18,7 @@ in {

      certificateDomains = [
        "imap.vimium.com"
-        "smtp.vimium.com"
+        "pop3.vimium.com"
      ];
      certificateScheme = "acme-nginx";