X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=systems%2Feldiron%2Fmail%2Fdovecot.nix;fp=modules%2Fprivate%2Fmail%2Fdovecot.nix;h=a1282e3def28da74253b494669a595dd86ab6e46;hb=1a64deeb894dc95e2645a75771732c6cc53a79ad;hp=b6fdc026efcd8a66d2e22f27c92de69d52ce78ed;hpb=fa25ffd4583cc362075cd5e1b4130f33306103f0;p=perso%2FImmae%2FConfig%2FNix.git
diff --git a/modules/private/mail/dovecot.nix b/systems/eldiron/mail/dovecot.nix
similarity index 77%
rename from modules/private/mail/dovecot.nix
rename to systems/eldiron/mail/dovecot.nix
index b6fdc02..a1282e3 100644
--- a/modules/private/mail/dovecot.nix
+++ b/systems/eldiron/mail/dovecot.nix
@@ -13,6 +13,36 @@ let
 in
 {
 config = lib.mkIf config.myServices.mail.enable {
+ myServices.dns.zones."immae.eu".subdomains =
+ with config.myServices.dns.helpers;
+ {
+ imap = ips servers.eldiron.ips.main;
+ pop3 = ips servers.eldiron.ips.main;
+ };
+
+ myServices.chatonsProperties.services.email = {
+ file.datetime = "2022-08-22T01:00:00";
+ service = {
+ name = "E-mail account";
+ description = "Compte e-mail avec configuration imap et smtp/pop3";
+ logo = "https://www.dovecot.org/wp-content/uploads/2021/09/favicon.ico";
+ website = "https://mail.immae.eu/";
+ status.level = "OK";
+ status.description = "OK";
+ registration."" = ["MEMBER" "CLIENT"];
+ registration.load = "OPEN";
+ install.type = "PACKAGE";
+ };
+ software = {
+ name = "Dovecot";
+ website = "https://www.dovecot.org/";
+ license.url = "https://github.com/dovecot/core/blob/main/COPYING";
+ license.name = "MIT and LGPLv2.1 Licenses";
+ version = pkgs.dovecot.version;
+ source.url = "https://github.com/dovecot/core";
+ modules = ["roundcube" "rainloop"] ++ map (a: a.pname) config.services.dovecot2.modules;
+ };
+ };
 systemd.services.dovecot2.serviceConfig.Slice = "mail.slice";
 secrets.keys."dovecot/ldap" = {
 user = config.services.dovecot2.user;
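Review bot: In the added `software` block, `version = pkgs.dovecot.version;` and the `modules` list put the exact Dovecot version and plugin set into the service properties. These presumably end up in a publicly served properties file, though the consumer of `chatonsProperties` is not visible in this hunk. If so, the host's patch level becomes public, which deserves a comment recording that this is deliberate, e.g. `# published on purpose: exact version and plugins are public, keep this host patched promptly`. Separately, `map (a: a.pname)` aborts evaluation for any module derivation that only sets `name`; `map lib.getName config.services.dovecot2.modules` tolerates both.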
@@ -47,6 +77,13 @@ in
 uid = config.ids.uids.vhost;
 };
 users.groups.vhost.gid = config.ids.gids.vhost;
+ users.users."${config.services.dovecot2.user}".extraGroups = [ "acme" ];
+
+ nixpkgs.overlays = [
+ (self: super: {
+ dovecot = super.dovecot.override { openldap = self.openldap_libressl_cyrus; };
+ })
+ ];
 
 # https://blog.zeninc.net/index.php?post/2018/04/01/Un-annuaire-pour-les-gouverner-tous.......
 services.dovecot2 = {
@@ -58,7 +95,7 @@ in
 protocols = [ "sieve" ];
 modules = [
 pkgs.dovecot_pigeonhole
- pkgs.dovecot_fts-xapian
+ pkgs.dovecot_fts_xapian
 ];
 mailUser = "vhost";
 mailGroup = "vhost";
@@ -70,13 +107,13 @@ in
 Drafts = { auto = "subscribe"; specialUse = "Drafts"; };
 };
 mailLocation = "mbox:~/Mail:INBOX=~/Mail/Inbox:INDEX=~/.imap";
- sslServerCert = "/var/lib/acme/mail/fullchain.pem";
+ sslServerCert = "/etc/dovecot/fullchain.pem";
 sslServerKey = "/var/lib/acme/mail/key.pem";
- sslCACert = "/var/lib/acme/mail/fullchain.pem";
+ sslCACert = "/etc/dovecot/fullchain.pem";
 extraConfig = builtins.concatStringsSep "\n" [
 # For printer which doesn’t support elliptic curve
 ''
- ssl_alt_cert =
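Review bot: Adding the Dovecot user to `acme` via `users.users."${config.services.dovecot2.user}".extraGroups` is likely broader than this service needs. If the certificate directories under /var/lib/acme are all group-readable by `acme` (not visible here; confirm against the ACME configuration), the account can read the private key of every certificate on the host, not only the `/var/lib/acme/mail/key.pem` used further down. Consider giving the mail certificate its own group, e.g. `security.acme.certs."mail".group = "mail-cert";` (certificate name inferred from the path, group name constructed for illustration), and adding only that group here. The overlay below it replaces `openldap` with `openldap_libressl_cyrus` for every use of `pkgs.dovecot`, so a one-line comment saying why that build is required would help whoever next has to patch the package.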