118 lines
3.2 KiB
Nix
118 lines
3.2 KiB
Nix
{config, ...}: {
|
|
# nixpkgs.overlays = [
|
|
# (final: prev: let
|
|
# version = "0.12.4";
|
|
# hash = "sha256-MUbWGBbb8+b5cp+M5w27A/cHHkMcoEtkN13++FyBvbM=";
|
|
# cargoHash = "sha256-G1c7hh0nScc4Cx7A1UUXv6slA6pP0fC6h00zR71BJIo=";
|
|
# in {
|
|
# stalwart-mail = prev.stalwart-mail.overrideAttrs (new: old: rec {
|
|
# inherit cargoHash version;
|
|
# src = prev.fetchFromGitHub {
|
|
# inherit version hash;
|
|
# inherit (old.src) owner repo;
|
|
# tag = "v${version}";
|
|
# };
|
|
# cargoDeps = prev.rustPlatform.fetchCargoVendor {
|
|
# inherit src;
|
|
# hash = cargoHash;
|
|
# };
|
|
# });
|
|
# })
|
|
# ];
|
|
# services.stalwart-mail = {
|
|
# enable = true;
|
|
# openFirewall = false; # Don't want to open port 8080, will leave that for caddy.
|
|
# credentials = {
|
|
# user_admin_password = config.age.secrets.mail-admin.path;
|
|
# };
|
|
# settings = {
|
|
# authentication.fallback-admin = {
|
|
# secret = "%{file:/run/credentials/stalwart-mail.service/user_admin_password}%";
|
|
# user = "admin";
|
|
# };
|
|
# server = {
|
|
# tracer."log" = {
|
|
# ansi = false;
|
|
# enable = true;
|
|
# level = "info";
|
|
# path = "./stalwart/logs";
|
|
# prefix = "stalwart.log";
|
|
# rotate = "daily";
|
|
# type = "log";
|
|
# };
|
|
# listener = {
|
|
# bind = "127.0.0.1:9003";
|
|
# protocol = "http";
|
|
# };
|
|
# imaptls = {
|
|
# bind = "[::]:993";
|
|
# protocol = "imap";
|
|
# tls.implicit = true;
|
|
# };
|
|
# smtp = {
|
|
# bind = "[::]:25";
|
|
# protocol = "smtp";
|
|
# };
|
|
# submissions = {
|
|
# bind = "[::]:465";
|
|
# protocol = "smtp";
|
|
# tls.implicit = true;
|
|
# };
|
|
# };
|
|
# };
|
|
#
|
|
# hostname = "mx1.jsw.tf";
|
|
# lookup.default.domain = "jsw.tf";
|
|
# acme."letsencrypt" = {
|
|
# directory = "https://acme-v02.api.letsencrypt.org/directory";
|
|
# challenge = "tls-alpn-01";
|
|
# contact = ["jurnwubben@gmail.com"];
|
|
# domains = ["jsw.tf" "mx1.jsw.tf"];
|
|
# renew-before = "30d";
|
|
# };
|
|
# directory."imap".lookup.domains = ["jsw.tf"];
|
|
# # directory."in-memory" = {
|
|
# # type = "memory";
|
|
# # principals = [
|
|
# # {
|
|
# # class = "individual";
|
|
# # name = "User 1";
|
|
# # secret = "%{file:/etc/stalwart/mail-pw1}%";
|
|
# # email = [""];
|
|
# # }
|
|
# # ];
|
|
# # };
|
|
# };
|
|
|
|
#FIXME: revert when stopped using docker for stalwart. https://github.com/NixOS/nixpkgs/issues/416091
|
|
|
|
virtualisation.oci-containers.containers.stalwart = {
|
|
image = "docker.io/stalwartlabs/stalwart:latest";
|
|
labels = {
|
|
"io.containers.autoupdate" = "registry";
|
|
};
|
|
ports = ["25:25" "465:465" "993:993" "9003:8080"];
|
|
volumes = [
|
|
"/opt/stalwart:/opt/stalwart"
|
|
];
|
|
};
|
|
networking.firewall.allowedTCPPorts = [
|
|
993
|
|
25
|
|
465
|
|
];
|
|
|
|
services.caddy.virtualHosts = {
|
|
"webadmin.jsw.tf" = {
|
|
extraConfig = ''
|
|
reverse_proxy http://127.0.0.1:9003
|
|
'';
|
|
serverAliases = [
|
|
# "mta-sts.jsw.tf"
|
|
# "autoconfig.jsw.tf"
|
|
# "autodiscover.jsw.tf"
|
|
"mail.jsw.tf"
|
|
];
|
|
};
|
|
};
|
|
}
|