44 lines
1.2 KiB
Nix
Executable file
44 lines
1.2 KiB
Nix
Executable file
{
|
|
config,
|
|
fetchFromGitLab,
|
|
...
|
|
}: {
|
|
mailserver = {
|
|
enable = true;
|
|
fqdn = "mail.spoodythe.one";
|
|
domains = ["spoodythe.one"];
|
|
|
|
openFirewall = false;
|
|
|
|
localDnsResolver = false; # FUCK OFF!!!!
|
|
|
|
# A list of all login accounts. To create the password hashes, use
|
|
# nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
|
|
loginAccounts = {
|
|
"spoody" = {
|
|
hashedPassword = "$2b$05$sTD8VXUF76uu1LOThuOSTOC8iCe2w4jgwExwpP.cnN7UOa.YEO9G2";
|
|
aliases = ["admin@spoodythe.one"];
|
|
};
|
|
};
|
|
|
|
# Use Let's Encrypt certificates. Note that this needs to set up a stripped
|
|
# down nginx and opens port 80.
|
|
certificateScheme = "acme-nginx";
|
|
certificateDomains = ["mail.spoodythe.one"];
|
|
};
|
|
|
|
services.roundcube = {
|
|
enable = true;
|
|
# this is the url of the vhost, not necessarily the same as the fqdn of
|
|
# the mailserver
|
|
hostName = "webmail.spoodythe.one";
|
|
extraConfig = ''
|
|
# starttls needed for authentication, so the fqdn required to match
|
|
# the certificate
|
|
$config['smtp_server'] = "tls://${config.mailserver.fqdn}";
|
|
$config['smtp_user'] = "%u";
|
|
$config['smtp_pass'] = "%p";
|
|
'';
|
|
};
|
|
}
|