NixOS-Config/modules/system/services/server/mailserver/simplenix/default.nix

59 lines
1.7 KiB
Nix

{ mailserver, pkgs, config, ... }:
{
imports = [
./nginx
mailserver.nixosModule
];
mailserver = rec {
enable = config.system.mailserver.enable;
domains = [
"${config.domains.jim1}"
"${config.domains.jim2}"
"${config.domains.luna}"
"${config.domains.corn}"
];
fqdn = "mx.${config.domains.jim1}";
certificateScheme = "acme-nginx";
localDnsResolver = false;
redis.port = 1515;
dmarcReporting = {
enable = true;
domain = "${config.domains.jim1}";
localpart = "noreply";
organizationName = "Jimbo's Files";
};
# Passwords generated with 'mkpasswd -sm bcrypt'
loginAccounts = {
"noreply@${config.domains.jim1}" = {
hashedPasswordFile = pkgs.writeText "noreply" config.secrets.noreplyMailHash;
sendOnly = true;
};
"jimbo@${config.domains.jim2}" = {
hashedPasswordFile = pkgs.writeText "jimbo" config.secrets.jimboMailHash;
aliases = [
"jimbo@${config.domains.jim1}"
"james@${config.domains.jim1}"
"james@${config.domains.jim2}"
"contact@${config.domains.jim1}"
"contact@${config.domains.jim2}"
];
};
"luna@${config.domains.luna}" = {
hashedPasswordFile = pkgs.writeText "luna" config.secrets.lunaMailHash;
};
"corn@${config.domains.corn}" = {
hashedPasswordFile = pkgs.writeText "corn" config.secrets.cornMailHash;
};
"tiny@${config.domains.corn}" = {
hashedPasswordFile = pkgs.writeText "tiny" config.secrets.tinyMailHash;
};
};
};
# Rspamd port from earlier to avoid overlap
services.redis.servers.rspamd.port = 1515;
}