lukegb/depot
1
0
Fork 0
Code Issues 1 Pull requests Projects Packages Activity Actions

bvm-forgejo: changes to better support IPv6 mailing

Browse source
This commit is contained in:
Luke Granger-Brown 2024-11-11 00:36:40 +00:00
parent 8919df8542
commit 96eebb817d
1 changed files with 6 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
ops/nixos/bvm-forgejo/default.nix
View file

@ -43,6 +43,11 @@ in {
}; };
my.ip.tailscale = "100.103.26.78"; my.ip.tailscale = "100.103.26.78";
my.ip.tailscale6 = "fd7a:115c:a1e0::8d01:1a4e"; my.ip.tailscale6 = "fd7a:115c:a1e0::8d01:1a4e";
boot.kernel.sysctl = {
# We have statically-configured v6.
"net.ipv6.conf.all.accept_ra" = 0;
"net.ipv6.conf.default.accept_ra" = 0;
};
services.openssh.ports = [ 20022 ]; services.openssh.ports = [ 20022 ];
my.deploy.args = "-p 20022"; my.deploy.args = "-p 20022";
@ -60,13 +65,13 @@ in {
smtpd_milters = ${config.services.opendkim.socket} smtpd_milters = ${config.services.opendkim.socket}
non_smtpd_milters = ${config.services.opendkim.socket} non_smtpd_milters = ${config.services.opendkim.socket}
''; '';
networks = [ "172.17.0.0/16" ];
}; };
services.opendkim = { services.opendkim = {
enable = true; enable = true;
domains = "csl:git.lukegb.com"; domains = "csl:git.lukegb.com";
selector = "bvm-forgejo"; selector = "bvm-forgejo";
}; };
systemd.services.opendkim.serviceConfig.UMask = lib.mkForce "0007";
services.pomerium = { services.pomerium = {
settings = { settings = {