configuration.nix

@@ -38,7 +38,6 @@
       owner = "matrix-synapse";
     };
     ntfy-admin-hash.file = ./secrets/ntfy-admin-hash.age;
-    webhook-secret.owner = "stalwart-mail";
   };
 
   # Bootloader
@@ -147,8 +146,6 @@
   services.jetpham-website = {
     enable = true;
     tor.enable = true;
-    qaMailDomain = "jetpham.com";
-    qaReplyDomain = "jetpham.com";
   };
 
   # Allow Tailscale traffic

flake.lock

@@ -470,11 +470,11 @@
         "nixpkgs": "nixpkgs_2"
       },
       "locked": {
-        "lastModified": 1774581174,
+        "lastModified": 1773803479,
-        "narHash": "sha256-258qgkMkYPkJ9qpIg63Wk8GoIbVjszkGGPU1wbVHYTk=",
+        "narHash": "sha256-GD6i1F2vrSxbsmbS92+8+x3DbHOJ+yrS78Pm4xigW4M=",
         "owner": "oxalica",
         "repo": "rust-overlay",
-        "rev": "a313afc75b85fc77ac154bf0e62c36f68361fd0b",
+        "rev": "f17186f52e82ec5cf40920b58eac63b78692ac7c",
         "type": "github"
       },
       "original": {
@@ -553,11 +553,11 @@
         "rust-overlay": "rust-overlay_2"
       },
       "locked": {
-        "lastModified": 1774581798,
+        "lastModified": 1774078882,
-        "narHash": "sha256-WimRZfiKOR8/yxxpmEx1kFP4IM/Ahq692fSvPLhxUek=",
+        "narHash": "sha256-0ABtMFWqKsESSX2E4Z+uY1VXCNb9PzZ/ke7HmpTkflE=",
         "ref": "refs/heads/main",
-        "rev": "38af26d959bf4934155d85f15345f0d83252dab9",
+        "rev": "ede986080a538eced16490e47c638398c2e4c49f",
-        "revCount": 48,
+        "revCount": 39,
         "type": "git",
         "url": "https://git.extremist.software/jet/website"
       },

modules/caddy.nix

@@ -1,9 +1,18 @@
 { config, pkgs, ... }:
 
+let
+  caddyPkg = pkgs.callPackage "${pkgs.path}/pkgs/by-name/ca/caddy/package.nix" {
+    buildGo125Module = pkgs.buildGo126Module;
+  };
+  caddyWithPlugins = pkgs.callPackage "${pkgs.path}/pkgs/by-name/ca/caddy/plugins.nix" {
+    caddy = caddyPkg;
+  };
+in
+
 {
   services.caddy = {
     enable = true;
-    package = pkgs.caddy.withPlugins {
+    package = caddyWithPlugins {
       plugins = [ "github.com/mholt/caddy-ratelimit@v0.1.0" ];
       hash = "sha256-Ko4kJJiBUGX/2x6O+Q0f7hrf6r7YkVCQPRV04Adgedw=";
     };

modules/mail.nix

@@ -45,28 +45,11 @@
         user = "admin";
         secret = "%{file:/run/agenix/stalwart-admin}%";
       };
-
-      session.hook."qa-webhook" = {
-        enable = "contains(recipients, 'qa@jetpham.com')";
-        url = "http://127.0.0.1:3003/api/webhook";
-        stages = [ "data" ];
-        auth = {
-          username = "qa-webhook";
-          secret = "%{file:${config.age.secrets.webhook-secret.path}}%";
-        };
-        options = {
-          "tempfail-on-error" = true;
-          "max-response-size" = 1048576;
-        };
-      };
     };
   };
 
   # Allow Stalwart to read the ACME certificate procured for Caddy and the agenix secret
   systemd.services.stalwart.serviceConfig.SupplementaryGroups = [ "acme" ];
-  systemd.services.stalwart.serviceConfig.ReadOnlyPaths = [
+  systemd.services.stalwart.serviceConfig.ReadOnlyPaths = [ "/run/agenix/stalwart-admin" ];
-    "/run/agenix/stalwart-admin"
-    config.age.secrets.webhook-secret.path
-  ];
 
 }