From 55ee036fd7ebed24097c8da1ca8a0b0829264670 Mon Sep 17 00:00:00 2001 From: Emile Date: Sat, 9 Mar 2024 22:56:01 +0100 Subject: big bang --- nix/hosts/mail/mail.nix | 50 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 nix/hosts/mail/mail.nix (limited to 'nix/hosts/mail/mail.nix') diff --git a/nix/hosts/mail/mail.nix b/nix/hosts/mail/mail.nix new file mode 100644 index 0000000..4224e04 --- /dev/null +++ b/nix/hosts/mail/mail.nix @@ -0,0 +1,50 @@ +{ ... }: +let + release = "nixos-23.05"; +in { + imports = [ + (builtins.fetchTarball { + # Pick a commit from the branch you are interested in + url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/${release}/nixos-mailserver-${release}.tar.gz"; + # And set its hash + sha256 = "1ngil2shzkf61qxiqw11awyl81cr7ks2kv3r3k243zz7v2xakm5c"; + }) + ]; + + mailserver = { + enable = true; + fqdn = "mail.emile.space"; + domains = [ "emile.space" ]; + + # A list of all login accounts. To create the password hashes, use + # nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2 + loginAccounts = { + "mail@emile.space" = { + hashedPasswordFile = "/etc/nixos/keys/mail"; + aliases = ["@emile.space"]; + }; + }; + + localDnsResolver = false; + + # Use Let's Encrypt certificates. Note that this needs to set up a stripped + # down nginx and opens port 80. + #certificateScheme = 3; + certificateScheme = "acme-nginx"; + + # Enable IMAP and POP3 + enableImap = true; + enablePop3 = true; + enableSubmission = true; + + # as well with ssl + enableImapSsl = true; + enablePop3Ssl = true; + enableSubmissionSsl = true; + + enableManageSieve = true; + + virusScanning = false; + + }; +} -- cgit 1.4.1