diff options
Diffstat (limited to 'hosts/cloud/spanm/mail.nix')
| -rw-r--r-- | hosts/cloud/spanm/mail.nix | 67 |
1 files changed, 0 insertions, 67 deletions
diff --git a/hosts/cloud/spanm/mail.nix b/hosts/cloud/spanm/mail.nix deleted file mode 100644 index d020fec..0000000 --- a/hosts/cloud/spanm/mail.nix +++ /dev/null @@ -1,67 +0,0 @@ -{ config, pkgs, ... }: { - imports = [ - (builtins.fetchTarball { - url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-23.11/nixos-mailserver-nixos-23.11.tar.gz"; - # To get the sha256 of the nixos-mailserver tarball, we can use the nix-prefetch-url command: - # release="nixos-23.05"; nix-prefetch-url "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/${release}/nixos-mailserver-${release}.tar.gz" --unpack - - sha256 = "122vm4n3gkvlkqmlskiq749bhwfd0r71v6vcmg1bbyg4998brvx8"; - }) - ]; - - services.dovecot2.sieve.extensions = [ "fileinto" ]; - mailserver = { - enable = true; - fqdn = "mail.spandrell.ch"; - domains = [ "spandrell.ch" ]; - - # A list of all login accounts. To create the password hashes, use - # nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt' - loginAccounts = { - "s@spandrell.ch" = { - hashedPasswordFile = "/home/span/mail.key"; - }; - "book@spandrell.ch" = { - hashedPasswordFile = "/home/span/mail.key"; - }; - "site@spandrell.ch" = { - hashedPasswordFile = "/home/span/mail.key"; - }; - "lol@spandrell.ch" = { - hashedPasswordFile = "/home/span/mail.key"; - }; - "sub@spandrell.ch" = { - hashedPasswordFile = "/home/span/mail.key"; - }; - "security@spandrell.ch" = { - hashedPasswordFile = "/home/span/mail.key"; - }; - "parallax@spandrell.ch" = { - hashedPassword = "$2y$12$RVCKyEwpPmQLznKOgtXiBOR3nRy5aT3rFMtypJiDe6xFPfi/r3TXq"; - }; - "finnem@spandrell.ch" = { - hashedPasswordFile = "/home/span/finnem.key"; - }; - }; - - # Use Let's Encrypt certificates. Note that this needs to set up a stripped - # down nginx and opens port 80. - certificateScheme = "acme-nginx"; - }; - security.acme.acceptTerms = true; - security.acme.defaults.email = "security@spandrell.ch"; - services.roundcube = { - enable = true; - # this is the url of the vhost, not necessarily the same as the fqdn of - # the mailserver - hostName = "mail.spandrell.ch"; - extraConfig = '' - # starttls needed for authentication, so the fqdn required to match - # the certificate - $config['smtp_server'] = "tls://${config.mailserver.fqdn}"; - $config['smtp_user'] = "%u"; - $config['smtp_pass'] = "%p"; - ''; - }; - services.nginx.enable = true; -} |