diff options
| author | toufic ar <contact@toufy.me> | 2026-04-22 14:08:19 +0300 |
|---|---|---|
| committer | toufic ar <contact@toufy.me> | 2026-04-22 14:08:19 +0300 |
| commit | c7349e466fef7ecff5a46b1d0c819975a6bdcb8c (patch) | |
| tree | 2a3fc53016ae4d0b31d7583171bd4b8e60f4cc17 /aphrodite/mail | |
| download | servers-c7349e466fef7ecff5a46b1d0c819975a6bdcb8c.tar.gz servers-c7349e466fef7ecff5a46b1d0c819975a6bdcb8c.zip | |
initial commit
Diffstat (limited to 'aphrodite/mail')
| -rw-r--r-- | aphrodite/mail/default.nix | 79 |
1 files changed, 79 insertions, 0 deletions
diff --git a/aphrodite/mail/default.nix b/aphrodite/mail/default.nix new file mode 100644 index 0000000..c12e79d --- /dev/null +++ b/aphrodite/mail/default.nix @@ -0,0 +1,79 @@ +{ + config, + lib, + ... +}: let + domainFqdn = config.customOps.domain.fqdn; + hostname = config.networking.hostName; +in { + sops.secrets = let + accounts = config.customOps.mailAccounts; + in + builtins.listToAttrs ( + map (acc: { + name = accounts.${acc}.passwdFile; + value = {owner = "dovecot2";}; + }) (builtins.attrNames accounts) + ); + + mailserver = { + enable = true; + stateVersion = 3; + fqdn = "${hostname}.${domainFqdn}"; + domains = [domainFqdn]; + systemDomain = domainFqdn; + systemName = domainFqdn; + systemContact = "postmaster@${domainFqdn}"; + + dmarcReporting.enable = true; + tlsrpt.enable = true; + + fullTextSearch.enable = true; + virusScanning = true; + + mailboxes = { + Archive = { + auto = "subscribe"; + specialUse = "Archive"; + }; + Drafts = { + auto = "subscribe"; + specialUse = "Drafts"; + }; + Junk = { + auto = "subscribe"; + specialUse = "Junk"; + }; + Sent = { + auto = "subscribe"; + specialUse = "Sent"; + }; + Trash = { + auto = "subscribe"; + specialUse = "Trash"; + }; + }; + + loginAccounts = + lib.mapAttrs (account: cfg: { + aliases = cfg.aliases; + aliasesRegexp = cfg.aliasesRegex; + catchAll = cfg.catchAll; + hashedPasswordFile = config.sops.secrets.${cfg.passwdFile}.path; + sendOnly = cfg.sendOnly; + }) + config.customOps.mailAccounts; + certificateScheme = "acme"; + }; + + services.roundcube = { + enable = true; + hostName = "mail.${domainFqdn}"; + extraConfig = '' + $config['imap_host'] = "ssl://${hostname}.${domainFqdn}"; + $config['smtp_host'] = "ssl://${hostname}.${domainFqdn}"; + $config['smtp_user'] = "%u"; + $config['smtp_pass'] = "%p"; + ''; + }; +} |