]> git.immae.eu Git - perso/Immae/Config/Nix.git/blobdiff - modules/private/mail/dovecot.nix
Write peertube flake
index 4facef588478f6424c13c3778908472c410d5fad..23e795f78bbad7a7d082e56ef2274f81b89a063b 100644 (file)
@@ -13,6 +13,7 @@ let
 in
 {
   config = lib.mkIf config.myServices.mail.enable {
+    systemd.services.dovecot2.serviceConfig.Slice = "mail.slice";
     services.duplyBackup.profiles.mail.excludeFile = ''
       + /var/lib/dhparams
       + /var/lib/dovecot
@@ -69,17 +70,23 @@ in
       mailUser = "vhost";
       mailGroup = "vhost";
       createMailUser = false;
-      mailboxes = [
-        { name = "Trash";  auto = "subscribe"; specialUse = "Trash"; }
-        { name = "Junk";   auto = "subscribe"; specialUse = "Junk"; }
-        { name = "Sent";   auto = "subscribe"; specialUse = "Sent"; }
-        { name = "Drafts"; auto = "subscribe"; specialUse = "Drafts"; }
-      ];
+      mailboxes = {
+        Trash  = { auto = "subscribe"; specialUse = "Trash"; };
+        Junk   = { auto = "subscribe"; specialUse = "Junk"; };
+        Sent   = { auto = "subscribe"; specialUse = "Sent"; };
+        Drafts = { auto = "subscribe"; specialUse = "Drafts"; };
+      };
       mailLocation = "mbox:~/Mail:INBOX=~/Mail/Inbox:INDEX=~/.imap";
       sslServerCert = "/var/lib/acme/mail/fullchain.pem";
       sslServerKey = "/var/lib/acme/mail/key.pem";
       sslCACert = "/var/lib/acme/mail/fullchain.pem";
       extraConfig = builtins.concatStringsSep "\n" [
+        # For printer which doesn’t support elliptic curve
+        ''
+          ssl_alt_cert = </var/lib/acme/mail-rsa/fullchain.pem
+          ssl_alt_key = </var/lib/acme/mail-rsa/key.pem
+        ''
+
         ''
           postmaster_address = postmaster@immae.eu
           mail_attribute_dict = file:%h/dovecot-attributes
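Review bot: The comment on the new `ssl_alt_cert` / `ssl_alt_key` entry understates its scope: the RSA chain becomes the fallback for every client that does not negotiate the elliptic-curve certificate, not only the printer. I would make that explicit and name the condition for removing it, e.g. `# RSA fallback cert, served to any client without ECDSA support (needed by the printer); drop once that device is retired`. The two paths also depend on the `mail-rsa` ACME cert defined further down in this commit, so the comment could point there. The `extraConfig` list continues outside the hunk.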
@@ -261,7 +268,7 @@ in
 
     services.cron.systemCronJobs = let
       cron_script = pkgs.writeScriptBin "cleanup-imap-folders" ''
-        ${pkgs.dovecot}/bin/doveadm expunge -A MAILBOX "Backup/*" NOT UID 1:256 2>&1 > /dev/null | grep -v "Mailbox doesn't exist:" | grep -v "Info: Opening DB"
+        ${pkgs.dovecot}/bin/doveadm expunge -A MAILBOX "Backup/*" NOT FLAGGED BEFORE 8w 2>&1 > /dev/null | grep -v "Mailbox doesn't exist:" | grep -v "Info: Opening DB"
         ${pkgs.dovecot}/bin/doveadm expunge -A MAILBOX Junk SEEN NOT FLAGGED BEFORE 4w 2>&1 > /dev/null | grep -v "Mailbox doesn't exist:" | grep -v "Info: Opening DB"
         ${pkgs.dovecot}/bin/doveadm expunge -A MAILBOX Trash NOT FLAGGED BEFORE 4w 2>&1 > /dev/null | grep -v "Mailbox doesn't exist:" | grep -v "Info: Opening DB"
         '';
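Review bot: The `Backup/*` line in `cleanup-imap-folders` now expunges for every user (`-A`) on `NOT FLAGGED BEFORE 8w`, and `BEFORE` matches a message's received date rather than when it was placed in the folder. If mail is ever copied or moved into `Backup/*` after the fact, messages older than eight weeks would be removed on the next 02:00 run. If the intent is "eight weeks after it landed in Backup", `SAVEDBEFORE 8w` expresses that. A short comment above the three commands stating the retention policy (8w for Backup, 4w for Junk and Trash, flagged mail kept) would also help, since the lines are destructive and the policy is otherwise implicit in the search query.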
@@ -269,6 +276,15 @@ in
       [
         "0 2 * * * root ${cron_script}/bin/cleanup-imap-folders"
       ];
+    security.acme.certs."mail-rsa" = {
+      postRun = ''
+        systemctl restart dovecot2.service
+      '';
+      extraDomains = {
+        "imap.immae.eu" = null;
+        "pop3.immae.eu" = null;
+      };
+    };
     security.acme.certs."mail" = {
       postRun = ''
         systemctl restart dovecot2.service
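Review bot: The new `security.acme.certs."mail-rsa"` block sets only `postRun` and `extraDomains`; nothing visible in it selects an RSA key. Unless a default is overridden elsewhere in the configuration, the certificate may be issued with the ACME module's default key type, in which case the `ssl_alt_cert` fallback added to dovecot would not serve the RSA-only client. I would set it explicitly in this block, e.g. `keyType = "rsa4096";` if the NixOS release in use provides that option. It is also worth confirming that `domain` is defined for this cert name, as it presumably is for `"mail"`, whose block continues outside the hunk.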