Commit | Line | Data |
---|---|---|
ab8f306d | 1 | { lib, pkgs, config, ... }: |
afcc5de0 | 2 | let |
# getDomains: for one DNS zone `zone`, the list of its emailPolicies entries
# whose `receive` attribute is true (the attribute names are dropped).
getDomains = zone:
  builtins.attrValues (lib.filterAttrs (_: policy: policy.receive) zone.emailPolicies);
# bydomain: the same list, computed for every zone in config.myServices.dns.zones.
bydomain = builtins.mapAttrs (_: getDomains) config.myServices.dns.zones;
# domains: all receiving policies of all zones as one flat list. The rest of the
# file reads `.fqdn` and `.domain` from each element.
domains = lib.flatten (builtins.attrValues bydomain);
# mxes: the `mx.subdomain` of every server in config.myEnv.servers that has
# `mx.enable` set. These become the `mx:` lines of each MTA-STS policy.
mxes =
  let
    mxServers = lib.filterAttrs (_: server: server.mx.enable) config.myEnv.servers;
  in
  lib.mapAttrsToList (_: server: server.mx.subdomain) mxServers;
# file: builds the MTA-STS policy document (RFC 8461) for one receiving domain `d`.
# Lines are joined with CRLF; one `mx:` line is emitted per entry of `mxes`,
# qualified with d.domain.
#
# NOTE(review): the policy is published with `mode: testing`. In that mode
# compliant senders still deliver when TLS validation of the MX fails, so the
# policy gives reporting but no downgrade protection; protection against
# STARTTLS stripping only starts once this is switched to `mode: enforce`.
# max_age is 604800 seconds (7 days), so senders may keep a fetched policy that long.
file = d:
  let
    policyLines =
      [ "version: STSv1" "mode: testing" ]
      ++ map (mx: "mx: ${mx}.${d.domain}") mxes
      ++ [ "max_age: 604800" ];
  in
  pkgs.writeText "mta-sts-${d.fqdn}.txt" (builtins.concatStringsSep "\r\n" policyLines);
# root: document root of the MTA-STS virtual host. It contains one
# `<fqdn>.txt` policy file per entry of `domains`, copied from `file d`.
# d.fqdn is spliced unquoted into the build script; it comes from this
# configuration's own DNS zone definitions, not from request data.
root = pkgs.runCommand "mta-sts_root" {} ''
  mkdir -p $out
  ${lib.concatMapStringsSep "\n" (d: "cp ${file d} $out/${d.fqdn}.txt") domains}
'';
# autoconfigRoot: static document root for mail-client auto-configuration.
# It holds one Thunderbird-style document (mail/config-v1.1.xml) and one
# Outlook-style Autodiscover document, the latter linked under three
# spellings of the path (AutoDiscover, Autodiscover, autodiscover).
autoconfigRoot =
  let
    # Thunderbird-style autoconfig. Each protocol (IMAP, POP3, SMTP) is listed
    # twice: once with STARTTLS (ports 143, 110, 587) and once with implicit
    # TLS (ports 993, 995, 465). All six entries declare
    # `password-cleartext`, i.e. the plain password is sent inside the TLS session.
    # NOTE(review): for the STARTTLS entries the password is only protected if
    # the servers refuse authentication before the TLS upgrade - confirm the
    # IMAP/POP3/submission daemons enforce that.
    # NOTE(review): POP3 is advertised here as pop.immae.eu but as
    # pop3.immae.eu in the Autodiscover document of this same binding - confirm
    # both names resolve or align them.
    autoconfig = pkgs.writeText "config-v1.1.xml" ''
      <?xml version="1.0"?>
      <clientConfig version="1.1">
      <emailProvider id="mail.immae.eu">
      <domain>mail.immae.eu</domain>
      <domain>%EMAILDOMAIN%</domain>
      <displayName>Immae E-mail</displayName>
      <displayShortName>Immae E-mail</displayShortName>

      <incomingServer type="imap">
      <hostname>imap.immae.eu</hostname>
      <port>143</port>
      <socketType>STARTTLS</socketType>
      <username>%EMAILADDRESS%</username>
      <authentication>password-cleartext</authentication>
      </incomingServer>

      <incomingServer type="imap">
      <hostname>imap.immae.eu</hostname>
      <port>993</port>
      <socketType>SSL</socketType>
      <username>%EMAILADDRESS%</username>
      <authentication>password-cleartext</authentication>
      </incomingServer>

      <incomingServer type="pop3">
      <hostname>pop.immae.eu</hostname>
      <port>110</port>
      <socketType>STARTTLS</socketType>
      <username>%EMAILADDRESS%</username>
      <authentication>password-cleartext</authentication>
      </incomingServer>

      <incomingServer type="pop3">
      <hostname>pop.immae.eu</hostname>
      <port>995</port>
      <socketType>SSL</socketType>
      <username>%EMAILADDRESS%</username>
      <authentication>password-cleartext</authentication>
      </incomingServer>

      <outgoingServer type="smtp">
      <hostname>smtp.immae.eu</hostname>
      <port>587</port>
      <socketType>STARTTLS</socketType>
      <username>%EMAILADDRESS%</username>
      <authentication>password-cleartext</authentication>
      </outgoingServer>

      <outgoingServer type="smtp">
      <hostname>smtp.immae.eu</hostname>
      <port>465</port>
      <socketType>SSL</socketType>
      <username>%EMAILADDRESS%</username>
      <authentication>password-cleartext</authentication>
      </outgoingServer>
      </emailProvider>
      </clientConfig>
    '';
    # Outlook-style Autodiscover response. The document is static, so
    # <DisplayName> is the fixed text "Name" for every user.
    # NOTE(review): the entries for ports 143, 110 and 587 say <SSL>off</SSL>
    # and carry no <Encryption> element, so nothing in this document tells the
    # client to use STARTTLS on them. A client that takes this literally
    # would authenticate without TLS. Confirm how the targeted clients
    # interpret it, or advertise only the implicit-TLS ports here.
    autodiscover = pkgs.writeText "Autodiscover.xml" ''
      <?xml version="1.0" encoding="utf-8" ?>
      <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
      <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
      <User>
      <DisplayName>Name</DisplayName>
      </User>
      <Account>
      <AccountType>email</AccountType>
      <Action>settings</Action>
      <Protocol>
      <Type>IMAP</Type>
      <TTL>1</TTL>
      <Server>imap.immae.eu</Server>
      <Port>143</Port>
      <DomainRequired>on</DomainRequired>
      <SPA>off</SPA>
      <SSL>off</SSL>
      <AuthRequired>on</AuthRequired>
      </Protocol>
      <Protocol>
      <Type>POP3</Type>
      <TTL>1</TTL>
      <Server>pop3.immae.eu</Server>
      <Port>110</Port>
      <DomainRequired>on</DomainRequired>
      <SPA>off</SPA>
      <SSL>off</SSL>
      <AuthRequired>on</AuthRequired>
      </Protocol>
      <Protocol>
      <Type>SMTP</Type>
      <TTL>1</TTL>
      <Server>smtp.immae.eu</Server>
      <Port>587</Port>
      <DomainRequired>on</DomainRequired>
      <SPA>off</SPA>
      <SSL>off</SSL>
      <AuthRequired>on</AuthRequired>
      </Protocol>
      <Protocol>
      <Type>IMAP</Type>
      <TTL>1</TTL>
      <Server>imap.immae.eu</Server>
      <Port>993</Port>
      <DomainRequired>on</DomainRequired>
      <SPA>off</SPA>
      <SSL>on</SSL>
      <AuthRequired>on</AuthRequired>
      </Protocol>
      <Protocol>
      <Type>POP3</Type>
      <TTL>1</TTL>
      <Server>pop3.immae.eu</Server>
      <Port>995</Port>
      <DomainRequired>on</DomainRequired>
      <SPA>off</SPA>
      <SSL>on</SSL>
      <AuthRequired>on</AuthRequired>
      </Protocol>
      <Protocol>
      <Type>SMTP</Type>
      <TTL>1</TTL>
      <Server>smtp.immae.eu</Server>
      <Port>465</Port>
      <DomainRequired>on</DomainRequired>
      <SPA>off</SPA>
      <SSL>on</SSL>
      <AuthRequired>on</AuthRequired>
      </Protocol>
      </Account>
      </Response>
      </Autodiscover>
    '';
  in
  # Assemble the tree with symlinks to the two store files. The Autodiscover
  # document is exposed under three case variants of directory and file name.
  pkgs.runCommand "autoconfig" {} ''
    mkdir -p $out/mail
    ln -s ${autoconfig} $out/mail/config-v1.1.xml
    mkdir -p $out/AutoDiscover
    ln -s ${autodiscover} $out/AutoDiscover/AutoDiscover.xml
    mkdir -p $out/Autodiscover
    ln -s ${autodiscover} $out/Autodiscover/Autodiscover.xml
    mkdir -p $out/autodiscover
    ln -s ${autodiscover} $out/autodiscover/autodiscover.xml
  '';
# cfg: this module's option subtree. The `config` attribute set of this file
# is wrapped in `lib.mkIf cfg.enable`, so nothing here applies unless it is enabled.
cfg = config.myServices.websites.tools.email;
afcc5de0 IB |
166 | in |
167 | { | |
8415083e | 168 | config = lib.mkIf cfg.enable { |
# Extra names on the shared `mail` certificate: the mta-sts / autoconfig /
# autodiscover hosts under mail.immae.eu, followed by the same three prefixes
# for every receiving domain (all mta-sts names first, then autoconfig, then
# autodiscover).
# NOTE(review): this adds 3 names per receiving domain to a single
# certificate. Public ACME CAs cap the number of names per certificate, and
# every name issued is published in Certificate Transparency logs - check
# both against the number and confidentiality of hosted domains.
security.acme.certs.mail.extraDomainNames =
  let
    prefixes = [ "mta-sts" "autoconfig" "autodiscover" ];
    forDomains = prefix: map (d: "${prefix}.${d.fqdn}") domains;
  in
  map (prefix: "${prefix}.mail.immae.eu") prefixes
  ++ lib.concatMap forDomains prefixes;
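# Virtual host that serves the MTA-STS policies (RFC 8461). A request for
# /.well-known/mta-sts.txt on host mta-sts.<name> is rewritten to the file
# <name>.txt inside `root`, which holds one policy per receiving domain.
# The vhost uses the shared `mail` certificate.
#
# The Host header is client-supplied and its tail becomes part of a file
# path, so the capture group is restricted to lowercase hostname characters
# instead of `(.*)`, and the literal dots in both patterns are escaped. A
# request whose Host does not match is not rewritten and therefore finds no
# policy file.
services.websites.env.tools.vhostConfs.mta_sts = {
  certName = "mail";
  hosts = [ "mta-sts.mail.immae.eu" ] ++ map (v: "mta-sts.${v.fqdn}") domains;
  inherit root;
  extraConfig = [
    ''
      RewriteEngine on
      RewriteCond %{HTTP_HOST} ^mta-sts\.([a-z0-9.-]+)$
      RewriteRule ^/\.well-known/mta-sts\.txt$ %{DOCUMENT_ROOT}/%1.txt [L]
      <Directory ${root}>
      Require all granted
      Options -Indexes
      </Directory>
    ''
  ];
};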
# Virtual host that serves the static autoconfig / Autodiscover tree for
# autoconfig.* and autodiscover.* under mail.immae.eu and under every
# receiving domain. Directory listing is disabled; the files are readable
# by anyone.
# NOTE(review): mail clients trust the server names found in these documents.
# Confirm that the vhost machinery serves them over HTTPS only, so a network
# attacker cannot substitute other server names.
services.websites.env.tools.vhostConfs.mail_autoconfig =
  let
    prefixes = [ "autoconfig" "autodiscover" ];
  in
  {
    certName = "mail";
    hosts =
      map (prefix: "${prefix}.mail.immae.eu") prefixes
      ++ lib.concatMap (prefix: map (d: "${prefix}.${d.fqdn}") domains) prefixes;
    root = autoconfigRoot;
    extraConfig = [
      ''
        <Directory ${autoconfigRoot}>
        Require all granted
        Options -Indexes
        </Directory>
      ''
    ];
  };
afcc5de0 | 205 | }; |
afcc5de0 | 206 | } |