]>
Commit | Line | Data |
---|---|---|
619e4f46 | 1 | { lib, pkgs, config, ... }: |
a929614f | 2 | { |
8415083e IB |
3 | imports = [ |
4 | ./milters.nix | |
5 | ./postfix.nix | |
6 | ./dovecot.nix | |
619e4f46 | 7 | ./relay.nix |
8415083e | 8 | ./rspamd.nix |
deca5e9b | 9 | ./opensmtpd.nix |
8415083e IB |
10 | ]; |
11 | options.myServices.mail.enable = lib.mkEnableOption "enable Mail services"; | |
deca5e9b | 12 | options.myServices.mailRelay.enable = lib.mkEnableOption "enable Mail relay services"; |
619e4f46 | 13 | options.myServices.mailBackup.enable = lib.mkEnableOption "enable MX backup services"; |
8415083e IB |
14 | |
15 | config = lib.mkIf config.myServices.mail.enable { | |
5400b9b6 | 16 | security.acme.certs."mail" = config.myServices.certificates.certConfig // { |
619e4f46 | 17 | domain = config.hostEnv.fqdn; |
8415083e IB |
18 | extraDomains = let |
19 | zonesWithMx = builtins.filter (zone: | |
20 | lib.attrsets.hasAttr "withEmail" zone && lib.lists.length zone.withEmail > 0 | |
ab8f306d | 21 | ) config.myEnv.dns.masterZones; |
619e4f46 | 22 | mxs = map (zone: "${config.hostEnv.mx.subdomain}.${zone.name}") zonesWithMx; |
8415083e IB |
23 | in builtins.listToAttrs (map (mx: lib.attrsets.nameValuePair mx null) mxs); |
24 | }; | |
5153eb54 IB |
25 | # This is for clients that don’t support elliptic curves (e.g. |
26 | # printer) | |
27 | security.acme.certs."mail-rsa" = config.myServices.certificates.certConfig // { | |
28 | domain = config.hostEnv.fqdn; | |
29 | keyType = "rsa4096"; | |
30 | extraDomains = let | |
31 | zonesWithMx = builtins.filter (zone: | |
32 | lib.attrsets.hasAttr "withEmail" zone && lib.lists.length zone.withEmail > 0 | |
33 | ) config.myEnv.dns.masterZones; | |
34 | mxs = map (zone: "${config.hostEnv.mx.subdomain}.${zone.name}") zonesWithMx; | |
35 | in builtins.listToAttrs (map (mx: lib.attrsets.nameValuePair mx null) mxs); | |
36 | }; | |
d2e703c5 | 37 | services.duplyBackup.profiles = { |
8415083e IB |
38 | mail = { |
39 | rootDir = "/var/lib"; | |
40 | excludeFile = lib.mkAfter '' | |
41 | + /var/lib/vhost | |
42 | - /var/lib | |
43 | ''; | |
44 | }; | |
6a8252b1 IB |
45 | }; |
46 | }; | |
a929614f | 47 | } |