| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169 |
- <!DOCTYPE html><head><meta charset="utf-8" /><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><meta name="keywords" content="GNU, Emacs, Libre Software, Hurd, Guile, Guix" /><meta name="description" content="GNUcode.me is a website focusing on libre software projects, especially the GNU project." /><link type="application/atom+xml" rel="alternate" title="GNUcode.me -- Feed" href="/feed.xml" /><a rel="me" href="https://fosstodon.org/@thegnuguy"></a><link type="text/css" href="css/footer.min.css" rel="stylesheet"></link><link type="text/css" href="css/header.min.css" rel="stylesheet"></link><link type="text/css" href="css/main.min.css" rel="stylesheet"></link><title>Status Update October 2021 — GNUcode.me</title></head><body><header><nav><ul><li><a href="index.html">GNUcode.me</a></li><li><a href="services.html">Services</a></li><li><a href="about.html">About</a></li><li><a href="business-ideas.html">Business-ideas</a></li></ul></nav></header><h1>Status Update October 2021</h1><main><section class="basic-section-padding"><article><h3>by Joshua Branson — November 01, 2021</h3><div><p>The main thing that I have been working on this month is an
- <code>opensmtpd-service</code> that uses <code>(guix records)</code>. The code is <a href="https://notabug.org/jbranso/linode-guix-system-configuration/src/master/opensmtpd-records.scm">here.</a>
- It has been a real pleasure creating the various records to turn this:</p><pre><code>(service opensmtpd-service-type
- (opensmtpd-configuration
- (queue
- (opensmtpd-queue-configuration
- (compression #t)))
- (smtp
- (opensmtpd-smtp-configuration
- (max-message-size "10M")))
- (srs
- (opensmtpd-srs-configuration
- (ttl-delay "5d")))
- (pkis (list
- (opensmtpd-pki
- (domain "smtpd.gnucode.me")
- (cert "/etc/letsencrypt/live/gnucode.me/fullchain.pem")
- (key "/etc/letsencrypt/live/gnucode.me/privkey.pem"))))
- (tables (list
- (opensmtpd-table
- (name "aliases")
- (values
- (list
- (cons "webmaster" "root")
- (cons "postmaster" "root")
- (cons "abuse" "root"))))
- (opensmtpd-table
- (name "creds")
- (values
- (list
- (cons "joshua"
- "$6$Ec4m8FgKjT2F/03Y$k66ABdse9TzCX6qaALB3WBL9GC1rmAWJmaoSjFMpbhzat7DOpFqpnOwpbZ34wwsQYIK8RQlqwM1I/v6vsRq86."))))
- (opensmtpd-table
- (name "vdoms")
- (values (list "gnucode.me"
- "gnu-hurd.com")))
- (opensmtpd-table
- (name "vusers")
- (values (list (cons "joshua@gnucode.me" "joshua")
- (cons "jbranso@gnucode.me" "joshua")
- (cons "postmaster@gnucode.me" "joshua"))))))
- (listen-ons
- (list
- ;; this forum help suggests that I listen on 0.0.0.0 and NOT eth0
- ;; https://serverfault.com/questions/726795/opensmtpd-wont-work-at-reboot
- ;; this listens for email from the outside world
- (opensmtpd-listen-on
- (interface "eth0")
- (port 25)
- (secure-connection "tls")
- (pki "smtp.gnucode.me"))
- ;; this lets local users logged into the system via ssh send email
- (opensmtpd-listen-on
- (interface "lo")
- (port 25)
- (secure-connection "tls")
- (pki "smtp.gnucode.me"))
- (opensmtpd-listen-on
- (interface "eth0")
- (port 465)
- (secure-connection "smtps")
- (pki "smtp.gnucode.me")
- (auth "<creds>"))
- (opensmtpd-listen-on
- (interface "eth0")
- (port 587)
- (secure-connection "tls-require")
- (pki "smtp.gnucode.me")
- (auth "<creds>"))
- ))
- (actions
- (list
- (opensmtpd-action
- (name "receive")
- (method
- (opensmtpd-local-delivery-configuration
- (method (opensmtpd-maildir-configuration
- (pathname "/home/%{rcpt.user}/Maildir")
- (junk #t)))
- (virtual "vusers"))))
- (opensmtpd-action
- (name "send")
- (method (opensmtpd-relay-configuration)))))
- (matches (list
- (opensmtpd-match
- (name "send")
- (for "for any")
- (from "from any")
- (auth "auth"))
- (opensmtpd-match
- (name "receive")
- (from "from any")
- (for "for domain <vdoms>"))
- (opensmtpd-match
- (name "receive")
- (for "for local"))))
- (filter-chains
- (list
- (opensmtpd-filter-chain
- (name "dropDumbEmails")
- (filter-names (list "nofcrdnsDisconnect"
- "nordnsDisconnect")))))
- (filter-phases
- (list (opensmtpd-filter-phase
- (name "nofcrdnsDisconnect")
- (phase-name "connect")
- (conditions (list "!fcrdns"))
- (decision "disconnect")
- (message "You have not set up forward confirmed DNS."))
- (opensmtpd-filter-phase
- (name "nordnsDisconnect")
- (phase-name "connect")
- (conditions (list "!rdns"))
- (decision "reject")
- (message "You have not set up reverse DNS."))))))</code></pre><p>into this:</p><pre><code>smtp max-message-size 10M
- srs ttl 5d
- queue compression
- table aliases { "webmaster" = "root", "postmaster" = "root", "abuse" = "root" }
- table creds { "joshua" = "$6$Ec4m8FgKjT2F/03Y$k66ABdse9TzCX6qaALB3WBL9GC1rmAWJmaoSjFMpbhzat7DOpFqpnOwpbZ34wwsQYIK8RQlqwM1I/v6vsRq86." }
- table vdoms { "gnucode.me", "gnu-hurd.com" }
- table vusers { "joshua@gnucode.me" = "joshua", "jbranso@gnucode.me" = "joshua", "postmaster@gnucode.me" = "joshua" }
- pki smtpd.gnucode.me cert "/etc/letsencrypt/live/gnucode.me/fullchain.pem"
- pki smtpd.gnucode.me key "/etc/letsencrypt/live/gnucode.me/privkey.pem"
- filter "nofcrdnsDisconnect" phase connect match !fcrdns disconnect "You have not set up forward confirmed DNS."
- filter "nordnsDisconnect" phase connect match !rdns reject "You have not set up reverse DNS."
- filter "dropDumbEmails" chain {nofcrdnsDisconnect, nordnsDisconnect}
- listen on eth0 tls port 25 pki smtp.gnucode.me
- listen on lo tls port 25 pki smtp.gnucode.me
- listen on eth0 smtps port 465 pki smtp.gnucode.me auth <<creds>>
- listen on eth0 tls-require port 587 pki smtp.gnucode.me auth <<creds>>
- action "receive" maildir "/home/%{rcpt.user}/Maildir" junk
- action "send" relay
- match from any for any auth tls action "send"
- match from any for domain <vdoms> tls action "receive"
- match for local tls action "receive"</code></pre><p>Looking at it now, one might almost prefer just to use the opensmtpd
- configuration syntax. Still it is nice to be able to use a schemey
- syntax and translate in into something that opensmtpd can parse.
- Perhaps someone could potentially configure a webserver via something
- like this:</p><pre><code>(service email-service-type
- (email-service-configuration
- (domains (list "gnucode.me"
- "gnu-hurd.com"))
- (use-letsencrypt-certs #t)))</code></pre><p>Perhaps the above would set up a DNS server at smtp.domain.name. And
- serve the emails via dovecot. Though that would be a task for someone else.</p><p>Future work for my opensmtpd-service via <code>(guix records)</code> includes
- writing figure out how to let <code>opensmtpd-filter-proc-exec</code> accept a
- list of strings and gexps. I currently could use my opensmtpd-service
- for my linode server via the <code>includes</code> directive, but I'd rather use
- the <code>opensmtpd-filter-proc-exec</code>. My current opensmtpd configuration
- can be found
- <a href="https://notabug.org/jbranso/linode-guix-system-configuration/src/master/opensmtpd.scm">here</a>.
- If you can think of anyway that I can improve the code, please reach
- out: jbranso AT dismail DOT de.</p><h2>I made a cookbook submission about auto logging into tty3</h2><p><a href="http://issues.guix.gnu.org/48974#13">http://issues.guix.gnu.org/48974#13</a></p><p>This was a while ago, but I did write an entry in the cookbook about
- how to autologin to a specific tty. So if you want to learn how to
- auto login to sway via guix system, this is part of that solution.</p><h2>I am now hosting an xmpp account on gnucode.me.</h2><p>My jmp.chat account delivers SMS text messages to my XMPP account at
- via dismail.de. Perhaps one day soon, I'll be able to host my own
- chats via gnucode.me. That would be pretty awesome!</p><h2>Guix's official libreboot cookbook guide</h2><p>I also need to finish Raghav's <a href="http://issues.guix.gnu.org/49654#1">libreboot
- cookbook</a> guide for inclusion to
- the guix cookbook.</p></div></article></section></main><footer><p>© 2020 Joshua Branson. The text on this site is free culture under the Creative Commons Attribution Share-Alike 4.0 International license.</p><p>This website is build with Haunt, a static site generator written in Guile Scheme. Source code is <a href="https://notabug.org/jbranso/gnucode.me">available.</a></p><p>The color theme of this website is based off of the famous <a href="#3f3f3f" target="_blank">zenburn</a> theme.</p></footer></body>
|
