From 34fae224e8460419ae8ef0fe32a12e3d362142b8 Mon Sep 17 00:00:00 2001
From: polwex <polwex@sortug.com>
Date: Mon, 23 Jun 2025 06:54:50 +0700
Subject: m

---
 hosts/cloud/hetzner/mail.nix | 82 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 82 insertions(+)
 create mode 100644 hosts/cloud/hetzner/mail.nix

(limited to 'hosts/cloud/hetzner/mail.nix')

diff --git a/hosts/cloud/hetzner/mail.nix b/hosts/cloud/hetzner/mail.nix
new file mode 100644
index 0000000..deab818
--- /dev/null
+++ b/hosts/cloud/hetzner/mail.nix
@@ -0,0 +1,82 @@
+{
+  config,
+  pkgs,
+  ...
+}: {
+  environment.etc = {
+    "stalwart/mail-pw1".text = "poguo";
+    "stalwart/mail-pw2".text = "shahezai";
+    "stalwart/admin-pw".text = "chengchun";
+    "stalwart/acme-secret".text = "caomushen";
+  };
+
+  services.stalwart-mail = {
+    enable = true;
+    package = pkgs.stalwart-mail;
+    openFirewall = true;
+    settings = {
+      server = {
+        hostname = "mail.urbit.cloud";
+        tls = {
+          enable = true;
+          implicit = true;
+        };
+        listener = {
+          smtp = {
+            protocol = "smtp";
+            bind = "[::]:25";
+          };
+          submissions = {
+            bind = "[::]:465";
+            protocol = "smtp";
+          };
+          imaps = {
+            bind = "[::]:993";
+            protocol = "imap";
+          };
+          jmap = {
+            bind = "[::]:88888";
+            url = "https://mail.urbit.cloud";
+            protocol = "jmap";
+          };
+          management = {
+            bind = ["127.0.0.1:8888"];
+            protocol = "http";
+          };
+        };
+      };
+      lookup.default = {
+        hostname = "mail.urbit.cloud";
+        domain = "urbit.cloud";
+      };
+      session.auth = {
+        mechanisms = "[plain]";
+        directory = "'in-memory'";
+      };
+      storage.directory = "in-memory";
+      session.rcpt.directory = "'in-memory'";
+      queue.outbound.next-hop = "'local'";
+      directory."in-memory" = {
+        type = "memory";
+        principals = [
+          {
+            class = "individual";
+            name = "User 1";
+            secret = "%{file:/etc/stalwart/mail-pw1}%";
+            email = ["polwex@urbit.cloud"];
+          }
+          {
+            class = "individual";
+            name = "postmaster";
+            secret = "%{file:/etc/stalwart/mail-pw1}%";
+            email = ["postmaster@urbit.cloud"];
+          }
+        ];
+      };
+      authentication.fallback-admin = {
+        user = "admin";
+        secret = "%{file:/etc/stalwart/admin-pw}%";
+      };
+    };
+  };
+}
-- 
cgit v1.2.3