3 files changed, 239 insertions, 1 deletions
diff --git a/systems/eldiron/dns.nix b/systems/eldiron/dns.nix
index b076f62..3d5aafa 100644
--- a/systems/eldiron/dns.nix
+++ b/systems/eldiron/dns.nix
@@ -93,6 +93,11 @@ in
            # DMARC
            # p needs to be the first tag
            _dmarc.TXT = [ (toKV { _00__v = "DMARC1"; _01__p = if quarantine then "quarantine" else "none"; adkim = "s"; aspf = "s"; fo = "1"; rua = "mailto:postmaster+rua@immae.eu"; ruf = "mailto:postmaster+ruf@immae.eu"; }) ];
+            # Autoconfiguration for Outlook
+            autodiscover = ips servers.eldiron.ips.main;
+            # Autoconfiguration for Mozilla
+            autoconfig = ips servers.eldiron.ips.main;
          };
          # SPF
diff --git a/systems/eldiron/websites/default.nix b/systems/eldiron/websites/default.nix
index 68205de..feecc31 100644
--- a/systems/eldiron/websites/default.nix
+++ b/systems/eldiron/websites/default.nix
@@ -78,6 +78,75 @@ let
        </Directory>
      '';
    };
+    mail-autoconfig = {
+      extraConfig = let
+        autoconfig = pkgs.writeTextDir "config-v1.1.xml" ''
+          <?xml version="1.0"?>
+          <clientConfig version="1.1">
+            <emailProvider id="mail.immae.eu">
+              <domain>mail.immae.eu</domain>
+              <domain>%EMAILDOMAIN%</domain>
+              <displayName>Immae E-mail</displayName>
+              <displayShortName>Immae E-mail</displayShortName>
+              <incomingServer type="imap">
+                <hostname>imap.immae.eu</hostname>
+                <port>143</port>
+                <socketType>STARTTLS</socketType>
+                <username>%EMAILADDRESS%</username>
+                <authentication>password-cleartext</authentication>
+              </incomingServer>
+              <incomingServer type="imap">
+                <hostname>imap.immae.eu</hostname>
+                <port>993</port>
+                <socketType>SSL</socketType>
+                <username>%EMAILADDRESS%</username>
+                <authentication>password-cleartext</authentication>
+              </incomingServer>
+              <incomingServer type="pop3">
+                <hostname>pop.immae.eu</hostname>
+                <port>110</port>
+                <socketType>STARTTLS</socketType>
+                <username>%EMAILADDRESS%</username>
+                <authentication>password-cleartext</authentication>
+              </incomingServer>
+              <incomingServer type="pop3">
+                <hostname>pop.immae.eu</hostname>
+                <port>995</port>
+                <socketType>SSL</socketType>
+                <username>%EMAILADDRESS%</username>
+                <authentication>password-cleartext</authentication>
+              </incomingServer>
+              <outgoingServer type="smtp">
+                <hostname>smtp.immae.eu</hostname>
+                <port>587</port>
+                <socketType>STARTTLS</socketType>
+                <username>%EMAILADDRESS%</username>
+                <authentication>password-cleartext</authentication>
+              </outgoingServer>
+              <outgoingServer type="smtp">
+                <hostname>smtp.immae.eu</hostname>
+                <port>465</port>
+                <socketType>SSL</socketType>
+                <username>%EMAILADDRESS%</username>
+                <authentication>password-cleartext</authentication>
+              </outgoingServer>
+            </emailProvider>
+          </clientConfig>
+        '';
+      in ''
+        Alias /.well-known/autoconfig/mail "${autoconfig}"
+        <Directory ${autoconfig}>
+          AllowOverride None
+          Require all granted
+        </Directory>
+      '';
+    };
    apaxy = {
      extraConfig = (mypackages-lib.apache-theme { inherit theme_root; }).apacheConfig;
    };
diff --git a/systems/eldiron/websites/mail/mta-sts.nix b/systems/eldiron/websites/mail/mta-sts.nix
index 2438702..240bcdb 100644
--- a/systems/eldiron/websites/mail/mta-sts.nix
+++ b/systems/eldiron/websites/mail/mta-sts.nix
@@ -17,11 +17,160 @@ let
      "cp ${file d} $out/${d.fqdn}.txt"
    ) domains)}
    '';
+  autoconfigRoot =
+    let autoconfig = pkgs.writeText "config-v1.1.xml" ''
+      <?xml version="1.0"?>
+      <clientConfig version="1.1">
+        <emailProvider id="mail.immae.eu">
+          <domain>mail.immae.eu</domain>
+          <domain>%EMAILDOMAIN%</domain>
+          <displayName>Immae E-mail</displayName>
+          <displayShortName>Immae E-mail</displayShortName>
+          <incomingServer type="imap">
+            <hostname>imap.immae.eu</hostname>
+            <port>143</port>
+            <socketType>STARTTLS</socketType>
+            <username>%EMAILADDRESS%</username>
+            <authentication>password-cleartext</authentication>
+          </incomingServer>
+          <incomingServer type="imap">
+            <hostname>imap.immae.eu</hostname>
+            <port>993</port>
+            <socketType>SSL</socketType>
+            <username>%EMAILADDRESS%</username>
+            <authentication>password-cleartext</authentication>
+          </incomingServer>
+          <incomingServer type="pop3">
+            <hostname>pop.immae.eu</hostname>
+            <port>110</port>
+            <socketType>STARTTLS</socketType>
+            <username>%EMAILADDRESS%</username>
+            <authentication>password-cleartext</authentication>
+          </incomingServer>
+          <incomingServer type="pop3">
+            <hostname>pop.immae.eu</hostname>
+            <port>995</port>
+            <socketType>SSL</socketType>
+            <username>%EMAILADDRESS%</username>
+            <authentication>password-cleartext</authentication>
+          </incomingServer>
+          <outgoingServer type="smtp">
+            <hostname>smtp.immae.eu</hostname>
+            <port>587</port>
+            <socketType>STARTTLS</socketType>
+            <username>%EMAILADDRESS%</username>
+            <authentication>password-cleartext</authentication>
+          </outgoingServer>
+          <outgoingServer type="smtp">
+            <hostname>smtp.immae.eu</hostname>
+            <port>465</port>
+            <socketType>SSL</socketType>
+            <username>%EMAILADDRESS%</username>
+            <authentication>password-cleartext</authentication>
+          </outgoingServer>
+        </emailProvider>
+      </clientConfig>
+    '';
+    autodiscover = pkgs.writeText "Autodiscover.xml" ''
+      <?xml version="1.0" encoding="utf-8" ?>
+      <Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
+        <Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
+          <User>
+            <DisplayName>Name</DisplayName>
+          </User>
+          <Account>
+            <AccountType>email</AccountType>
+            <Action>settings</Action>
+            <Protocol>
+              <Type>IMAP</Type>
+              <TTL>1</TTL>
+              <Server>imap.immae.eu</Server>
+              <Port>143</Port>
+              <DomainRequired>on</DomainRequired>
+              <SPA>off</SPA>
+              <SSL>off</SSL>
+              <AuthRequired>on</AuthRequired>
+            </Protocol>
+            <Protocol>
+              <Type>POP3</Type>
+              <TTL>1</TTL>
+              <Server>pop3.immae.eu</Server>
+              <Port>110</Port>
+              <DomainRequired>on</DomainRequired>
+              <SPA>off</SPA>
+              <SSL>off</SSL>
+              <AuthRequired>on</AuthRequired>
+            </Protocol>
+            <Protocol>
+              <Type>SMTP</Type>
+              <TTL>1</TTL>
+              <Server>smtp.immae.eu</Server>
+              <Port>587</Port>
+              <DomainRequired>on</DomainRequired>
+              <SPA>off</SPA>
+              <SSL>off</SSL>
+              <AuthRequired>on</AuthRequired>
+            </Protocol>
+            <Protocol>
+              <Type>IMAP</Type>
+              <TTL>1</TTL>
+              <Server>imap.immae.eu</Server>
+              <Port>993</Port>
+              <DomainRequired>on</DomainRequired>
+              <SPA>off</SPA>
+              <SSL>on</SSL>
+              <AuthRequired>on</AuthRequired>
+            </Protocol>
+            <Protocol>
+              <Type>POP3</Type>
+              <TTL>1</TTL>
+              <Server>pop3.immae.eu</Server>
+              <Port>995</Port>
+              <DomainRequired>on</DomainRequired>
+              <SPA>off</SPA>
+              <SSL>on</SSL>
+              <AuthRequired>on</AuthRequired>
+            </Protocol>
+            <Protocol>
+              <Type>SMTP</Type>
+              <TTL>1</TTL>
+              <Server>smtp.immae.eu</Server>
+              <Port>465</Port>
+              <DomainRequired>on</DomainRequired>
+              <SPA>off</SPA>
+              <SSL>on</SSL>
+              <AuthRequired>on</AuthRequired>
+            </Protocol>
+          </Account>
+        </Response>
+      </Autodiscover>
+    '';
+  in
+    pkgs.runCommand "autoconfig" {} ''
+      mkdir -p $out/mail
+      ln -s ${autoconfig} $out/mail/config-v1.1.xml
+      mkdir -p $out/AutoDiscover
+      ln -s ${autodiscover} $out/AutoDiscover/AutoDiscover.xml
+      mkdir -p $out/Autodiscover
+      ln -s ${autodiscover} $out/Autodiscover/Autodiscover.xml
+      mkdir -p $out/autodiscover
+      ln -s ${autodiscover} $out/autodiscover/autodiscover.xml
+    '';
  cfg = config.myServices.websites.tools.email;
 in
 {
  config = lib.mkIf cfg.enable {
-    security.acme.certs.mail.extraDomainNames = ["mta-sts.mail.immae.eu"] ++ map (v: "mta-sts.${v.fqdn}") domains;
+    security.acme.certs.mail.extraDomainNames =
+      [ "mta-sts.mail.immae.eu" "autoconfig.mail.immae.eu" "autodiscover.mail.immae.eu" ]
+      ++ map (v: "mta-sts.${v.fqdn}") domains
+      ++ map (v: "autoconfig.${v.fqdn}") domains
+      ++ map (v: "autodiscover.${v.fqdn}") domains;
    services.websites.env.tools.vhostConfs.mta_sts = {
      certName   = "mail";
      hosts = ["mta-sts.mail.immae.eu"] ++ map (v: "mta-sts.${v.fqdn}") domains;
@@ -38,5 +187,20 @@ in
        ''
      ];
    };
+    services.websites.env.tools.vhostConfs.mail_autoconfig = {
+      certName = "mail";
+      hosts = ["autoconfig.mail.immae.eu" "autodiscover.mail.immae.eu" ]
+        ++ map (v: "autoconfig.${v.fqdn}") domains
+        ++ map (v: "autodiscover.${v.fqdn}") domains;
+      root = autoconfigRoot;
+      extraConfig = [
+        ''
+          <Directory ${autoconfigRoot}>
+            Require all granted
+            Options -Indexes
+          </Directory>
+        ''
+      ];
+    };
  };
 }

diff --git a/systems/eldiron/dns.nix b/systems/eldiron/dns.nix index b076f62..3d5aafa 100644 --- a/systems/eldiron/dns.nix +++ b/systems/eldiron/dns.nix
@@ -93,6 +93,11 @@ in
93	# DMARC	93	# DMARC
94	# p needs to be the first tag	94	# p needs to be the first tag
95	_dmarc.TXT = [ (toKV { _00__v = "DMARC1"; _01__p = if quarantine then "quarantine" else "none"; adkim = "s"; aspf = "s"; fo = "1"; rua = "mailto:postmaster+rua@immae.eu"; ruf = "mailto:postmaster+ruf@immae.eu"; }) ];	95	_dmarc.TXT = [ (toKV { _00__v = "DMARC1"; _01__p = if quarantine then "quarantine" else "none"; adkim = "s"; aspf = "s"; fo = "1"; rua = "mailto:postmaster+rua@immae.eu"; ruf = "mailto:postmaster+ruf@immae.eu"; }) ];
		96
		97	# Autoconfiguration for Outlook
		98	autodiscover = ips servers.eldiron.ips.main;
		99	# Autoconfiguration for Mozilla
		100	autoconfig = ips servers.eldiron.ips.main;
96	};	101	};
97		102
98	# SPF	103	# SPF


diff --git a/systems/eldiron/websites/default.nix b/systems/eldiron/websites/default.nix index 68205de..feecc31 100644 --- a/systems/eldiron/websites/default.nix +++ b/systems/eldiron/websites/default.nix
@@ -78,6 +78,75 @@ let
78	</Directory>	78	</Directory>
79	'';	79	'';
80	};	80	};
		81	mail-autoconfig = {
		82	extraConfig = let
		83	autoconfig = pkgs.writeTextDir "config-v1.1.xml" ''
		84	<?xml version="1.0"?>
		85	<clientConfig version="1.1">
		86	<emailProvider id="mail.immae.eu">
		87	<domain>mail.immae.eu</domain>
		88	<domain>%EMAILDOMAIN%</domain>
		89	<displayName>Immae E-mail</displayName>
		90	<displayShortName>Immae E-mail</displayShortName>
		91
		92	<incomingServer type="imap">
		93	<hostname>imap.immae.eu</hostname>
		94	<port>143</port>
		95	<socketType>STARTTLS</socketType>
		96	<username>%EMAILADDRESS%</username>
		97	<authentication>password-cleartext</authentication>
		98	</incomingServer>
		99
		100	<incomingServer type="imap">
		101	<hostname>imap.immae.eu</hostname>
		102	<port>993</port>
		103	<socketType>SSL</socketType>
		104	<username>%EMAILADDRESS%</username>
		105	<authentication>password-cleartext</authentication>
		106	</incomingServer>
		107
		108	<incomingServer type="pop3">
		109	<hostname>pop.immae.eu</hostname>
		110	<port>110</port>
		111	<socketType>STARTTLS</socketType>
		112	<username>%EMAILADDRESS%</username>
		113	<authentication>password-cleartext</authentication>
		114	</incomingServer>
		115
		116	<incomingServer type="pop3">
		117	<hostname>pop.immae.eu</hostname>
		118	<port>995</port>
		119	<socketType>SSL</socketType>
		120	<username>%EMAILADDRESS%</username>
		121	<authentication>password-cleartext</authentication>
		122	</incomingServer>
		123
		124	<outgoingServer type="smtp">
		125	<hostname>smtp.immae.eu</hostname>
		126	<port>587</port>
		127	<socketType>STARTTLS</socketType>
		128	<username>%EMAILADDRESS%</username>
		129	<authentication>password-cleartext</authentication>
		130	</outgoingServer>
		131
		132	<outgoingServer type="smtp">
		133	<hostname>smtp.immae.eu</hostname>
		134	<port>465</port>
		135	<socketType>SSL</socketType>
		136	<username>%EMAILADDRESS%</username>
		137	<authentication>password-cleartext</authentication>
		138	</outgoingServer>
		139	</emailProvider>
		140	</clientConfig>
		141	'';
		142	in ''
		143	Alias /.well-known/autoconfig/mail "${autoconfig}"
		144	<Directory ${autoconfig}>
		145	AllowOverride None
		146	Require all granted
		147	</Directory>
		148	'';
		149	};
81	apaxy = {	150	apaxy = {
82	extraConfig = (mypackages-lib.apache-theme { inherit theme_root; }).apacheConfig;	151	extraConfig = (mypackages-lib.apache-theme { inherit theme_root; }).apacheConfig;
83	};	152	};


diff --git a/systems/eldiron/websites/mail/mta-sts.nix b/systems/eldiron/websites/mail/mta-sts.nix index 2438702..240bcdb 100644 --- a/systems/eldiron/websites/mail/mta-sts.nix +++ b/systems/eldiron/websites/mail/mta-sts.nix
@@ -17,11 +17,160 @@ let
17	"cp ${file d} $out/${d.fqdn}.txt"	17	"cp ${file d} $out/${d.fqdn}.txt"
18	) domains)}	18	) domains)}
19	'';	19	'';
		20	autoconfigRoot =
		21	let autoconfig = pkgs.writeText "config-v1.1.xml" ''
		22	<?xml version="1.0"?>
		23	<clientConfig version="1.1">
		24	<emailProvider id="mail.immae.eu">
		25	<domain>mail.immae.eu</domain>
		26	<domain>%EMAILDOMAIN%</domain>
		27	<displayName>Immae E-mail</displayName>
		28	<displayShortName>Immae E-mail</displayShortName>
		29
		30	<incomingServer type="imap">
		31	<hostname>imap.immae.eu</hostname>
		32	<port>143</port>
		33	<socketType>STARTTLS</socketType>
		34	<username>%EMAILADDRESS%</username>
		35	<authentication>password-cleartext</authentication>
		36	</incomingServer>
		37
		38	<incomingServer type="imap">
		39	<hostname>imap.immae.eu</hostname>
		40	<port>993</port>
		41	<socketType>SSL</socketType>
		42	<username>%EMAILADDRESS%</username>
		43	<authentication>password-cleartext</authentication>
		44	</incomingServer>
		45
		46	<incomingServer type="pop3">
		47	<hostname>pop.immae.eu</hostname>
		48	<port>110</port>
		49	<socketType>STARTTLS</socketType>
		50	<username>%EMAILADDRESS%</username>
		51	<authentication>password-cleartext</authentication>
		52	</incomingServer>
		53
		54	<incomingServer type="pop3">
		55	<hostname>pop.immae.eu</hostname>
		56	<port>995</port>
		57	<socketType>SSL</socketType>
		58	<username>%EMAILADDRESS%</username>
		59	<authentication>password-cleartext</authentication>
		60	</incomingServer>
		61
		62	<outgoingServer type="smtp">
		63	<hostname>smtp.immae.eu</hostname>
		64	<port>587</port>
		65	<socketType>STARTTLS</socketType>
		66	<username>%EMAILADDRESS%</username>
		67	<authentication>password-cleartext</authentication>
		68	</outgoingServer>
		69
		70	<outgoingServer type="smtp">
		71	<hostname>smtp.immae.eu</hostname>
		72	<port>465</port>
		73	<socketType>SSL</socketType>
		74	<username>%EMAILADDRESS%</username>
		75	<authentication>password-cleartext</authentication>
		76	</outgoingServer>
		77	</emailProvider>
		78	</clientConfig>
		79	'';
		80	autodiscover = pkgs.writeText "Autodiscover.xml" ''
		81	<?xml version="1.0" encoding="utf-8" ?>
		82	<Autodiscover xmlns="http://schemas.microsoft.com/exchange/autodiscover/responseschema/2006">
		83	<Response xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a">
		84	<User>
		85	<DisplayName>Name</DisplayName>
		86	</User>
		87	<Account>
		88	<AccountType>email</AccountType>
		89	<Action>settings</Action>
		90	<Protocol>
		91	<Type>IMAP</Type>
		92	<TTL>1</TTL>
		93	<Server>imap.immae.eu</Server>
		94	<Port>143</Port>
		95	<DomainRequired>on</DomainRequired>
		96	<SPA>off</SPA>
		97	<SSL>off</SSL>
		98	<AuthRequired>on</AuthRequired>
		99	</Protocol>
		100	<Protocol>
		101	<Type>POP3</Type>
		102	<TTL>1</TTL>
		103	<Server>pop3.immae.eu</Server>
		104	<Port>110</Port>
		105	<DomainRequired>on</DomainRequired>
		106	<SPA>off</SPA>
		107	<SSL>off</SSL>
		108	<AuthRequired>on</AuthRequired>
		109	</Protocol>
		110	<Protocol>
		111	<Type>SMTP</Type>
		112	<TTL>1</TTL>
		113	<Server>smtp.immae.eu</Server>
		114	<Port>587</Port>
		115	<DomainRequired>on</DomainRequired>
		116	<SPA>off</SPA>
		117	<SSL>off</SSL>
		118	<AuthRequired>on</AuthRequired>
		119	</Protocol>
		120	<Protocol>
		121	<Type>IMAP</Type>
		122	<TTL>1</TTL>
		123	<Server>imap.immae.eu</Server>
		124	<Port>993</Port>
		125	<DomainRequired>on</DomainRequired>
		126	<SPA>off</SPA>
		127	<SSL>on</SSL>
		128	<AuthRequired>on</AuthRequired>
		129	</Protocol>
		130	<Protocol>
		131	<Type>POP3</Type>
		132	<TTL>1</TTL>
		133	<Server>pop3.immae.eu</Server>
		134	<Port>995</Port>
		135	<DomainRequired>on</DomainRequired>
		136	<SPA>off</SPA>
		137	<SSL>on</SSL>
		138	<AuthRequired>on</AuthRequired>
		139	</Protocol>
		140	<Protocol>
		141	<Type>SMTP</Type>
		142	<TTL>1</TTL>
		143	<Server>smtp.immae.eu</Server>
		144	<Port>465</Port>
		145	<DomainRequired>on</DomainRequired>
		146	<SPA>off</SPA>
		147	<SSL>on</SSL>
		148	<AuthRequired>on</AuthRequired>
		149	</Protocol>
		150	</Account>
		151	</Response>
		152	</Autodiscover>
		153	'';
		154	in
		155	pkgs.runCommand "autoconfig" {} ''
		156	mkdir -p $out/mail
		157	ln -s ${autoconfig} $out/mail/config-v1.1.xml
		158	mkdir -p $out/AutoDiscover
		159	ln -s ${autodiscover} $out/AutoDiscover/AutoDiscover.xml
		160	mkdir -p $out/Autodiscover
		161	ln -s ${autodiscover} $out/Autodiscover/Autodiscover.xml
		162	mkdir -p $out/autodiscover
		163	ln -s ${autodiscover} $out/autodiscover/autodiscover.xml
		164	'';
20	cfg = config.myServices.websites.tools.email;	165	cfg = config.myServices.websites.tools.email;
21	in	166	in
22	{	167	{
23	config = lib.mkIf cfg.enable {	168	config = lib.mkIf cfg.enable {
24	security.acme.certs.mail.extraDomainNames = ["mta-sts.mail.immae.eu"] ++ map (v: "mta-sts.${v.fqdn}") domains;	169	security.acme.certs.mail.extraDomainNames =
		170	[ "mta-sts.mail.immae.eu" "autoconfig.mail.immae.eu" "autodiscover.mail.immae.eu" ]
		171	++ map (v: "mta-sts.${v.fqdn}") domains
		172	++ map (v: "autoconfig.${v.fqdn}") domains
		173	++ map (v: "autodiscover.${v.fqdn}") domains;
25	services.websites.env.tools.vhostConfs.mta_sts = {	174	services.websites.env.tools.vhostConfs.mta_sts = {
26	certName = "mail";	175	certName = "mail";
27	hosts = ["mta-sts.mail.immae.eu"] ++ map (v: "mta-sts.${v.fqdn}") domains;	176	hosts = ["mta-sts.mail.immae.eu"] ++ map (v: "mta-sts.${v.fqdn}") domains;
@@ -38,5 +187,20 @@ in
38	''	187	''
39	];	188	];
40	};	189	};
		190	services.websites.env.tools.vhostConfs.mail_autoconfig = {
		191	certName = "mail";
		192	hosts = ["autoconfig.mail.immae.eu" "autodiscover.mail.immae.eu" ]
		193	++ map (v: "autoconfig.${v.fqdn}") domains
		194	++ map (v: "autodiscover.${v.fqdn}") domains;
		195	root = autoconfigRoot;
		196	extraConfig = [
		197	''
		198	<Directory ${autoconfigRoot}>
		199	Require all granted
		200	Options -Indexes
		201	</Directory>
		202	''
		203	];
		204	};
41	};	205	};
42	}	206	}