about summary refs log tree commit diff
path: root/nix/hosts/mail/mail.nix
diff options
context:
space:
mode:
authorEmile <git@emile.space>2024-03-09 22:56:01 +0100
committerEmile <git@emile.space>2024-03-09 22:56:01 +0100
commit55ee036fd7ebed24097c8da1ca8a0b0829264670 (patch)
tree9c600d75a4f59f8ec253c5caadc1f77b2cecb0da /nix/hosts/mail/mail.nix
big bang
Diffstat (limited to 'nix/hosts/mail/mail.nix')
-rw-r--r--nix/hosts/mail/mail.nix50
1 files changed, 50 insertions, 0 deletions
diff --git a/nix/hosts/mail/mail.nix b/nix/hosts/mail/mail.nix
new file mode 100644
index 0000000..4224e04
--- /dev/null
+++ b/nix/hosts/mail/mail.nix
@@ -0,0 +1,50 @@
+{ ... }:
+let
+  release = "nixos-23.05";
+in {
+  imports = [
+    (builtins.fetchTarball {
+      # Pick a commit from the branch you are interested in
+      url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/${release}/nixos-mailserver-${release}.tar.gz";
+      # And set its hash
+      sha256 = "1ngil2shzkf61qxiqw11awyl81cr7ks2kv3r3k243zz7v2xakm5c";
+    })
+  ];
+
+  mailserver = {
+    enable = true;
+    fqdn = "mail.emile.space";
+    domains = [ "emile.space" ];
+
+    # A list of all login accounts. To create the password hashes, use
+    # nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2
+    loginAccounts = {
+        "mail@emile.space" = {
+            hashedPasswordFile = "/etc/nixos/keys/mail";
+            aliases = ["@emile.space"];
+        };
+    };
+
+    localDnsResolver = false;
+
+    # Use Let's Encrypt certificates. Note that this needs to set up a stripped
+    # down nginx and opens port 80.
+    #certificateScheme = 3;
+    certificateScheme = "acme-nginx";
+
+    # Enable IMAP and POP3
+    enableImap = true;
+    enablePop3 = true;
+    enableSubmission = true;
+
+    # as well with ssl
+    enableImapSsl = true;
+    enablePop3Ssl = true;
+    enableSubmissionSsl = true;
+
+    enableManageSieve = true;
+
+    virusScanning = false;
+
+  };
+}