thunderbottom/flakes
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
400071a40a
flakes/modules/nixos/services/mailserver/default.nix
Chinmay D. Pai 98fbfc0590
feat: add smolboye mailserver setup 
* add mailserver module based on simple-nixos-mailserver
* add smolboye server running on Hetzner Cloud
* add support for grub, make systemd-boot an optional default

Signed-off-by: Chinmay D. Pai <chinmaydpai@gmail.com>
2024-10-09 17:54:43 +05:30

96 lines
2.4 KiB
Nix
Raw Blame History

{
config,
inputs,
lib,
...
}: {
imports = [inputs.nixos-mailserver.nixosModules.mailserver];
options.snowflake.services.mailserver = {
enable = lib.mkEnableOption "Enable mailserver service";
fqdn = lib.mkOption {
type = lib.types.str;
description = "FQDN for the mailserver";
};
domains = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [];
description = "Configuration domains to use for the mailserver";
};
loginAccounts = lib.mkOption {
description = "Login accounts for the domain. Every account is mapped to a unix user";
};
};
config = let
cfg = config.snowflake.services.mailserver;
in
lib.mkIf cfg.enable {
# Ref: https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/issues/275
services.dovecot2.sieve.extensions = ["fileinto"];
mailserver = {
inherit (cfg) enable fqdn domains loginAccounts;
# Spin up a stripped-down nginx instance on
# port 80 to generate a certificate automatically.
certificateScheme = "acme-nginx";
# Enable a better way of storing emails.
useFsLayout = true;
mailboxes = {
Archive = {
auto = "subscribe";
specialUse = "Archive";
};
Drafts = {
auto = "subscribe";
specialUse = "Drafts";
};
Sent = {
auto = "subscribe";
specialUse = "Sent";
};
Junk = {
auto = "subscribe";
specialUse = "Junk";
};
Trash = {
auto = "subscribe";
specialUse = "Trash";
};
};
};
# Prefer using ipv4 and use correct ipv6 address
# to avoid rDNS issues
# NOTE: this needs to be changed on every new system.
# TODO: figure out how to handle this case better.
services.postfix.extraConfig = ''
smtp_bind_address6 = 2a01:4f8:1c1c:90b::
smtp_address_preference = ipv4
'';
services.fail2ban.jails = {
postfix = {
settings = {
enabled = true;
mode = "extra";
};
};
dovecot = {
settings = {
enabled = true;
filter = "dovecot[mode=aggressive]";
maxretry = 3;
};
};
};
};
}
Reference in New Issue View Git Blame Copy Permalink