From 6ce9fbebb8f1da12911e40ad9b01666c3df42b60 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= Date: Fri, 13 Oct 2023 13:57:09 +0200 Subject: Add mail autoconfiguration --- systems/eldiron/dns.nix | 5 + systems/eldiron/websites/default.nix | 69 +++++++++++++ systems/eldiron/websites/mail/mta-sts.nix | 166 +++++++++++++++++++++++++++++- 3 files changed, 239 insertions(+), 1 deletion(-) (limited to 'systems') diff --git a/systems/eldiron/dns.nix b/systems/eldiron/dns.nix index b076f62..3d5aafa 100644 --- a/systems/eldiron/dns.nix +++ b/systems/eldiron/dns.nix @@ -93,6 +93,11 @@ in # DMARC # p needs to be the first tag _dmarc.TXT = [ (toKV { _00__v = "DMARC1"; _01__p = if quarantine then "quarantine" else "none"; adkim = "s"; aspf = "s"; fo = "1"; rua = "mailto:postmaster+rua@immae.eu"; ruf = "mailto:postmaster+ruf@immae.eu"; }) ]; + + # Autoconfiguration for Outlook + autodiscover = ips servers.eldiron.ips.main; + # Autoconfiguration for Mozilla + autoconfig = ips servers.eldiron.ips.main; }; # SPF diff --git a/systems/eldiron/websites/default.nix b/systems/eldiron/websites/default.nix index 68205de..feecc31 100644 --- a/systems/eldiron/websites/default.nix +++ b/systems/eldiron/websites/default.nix @@ -78,6 +78,75 @@ let ''; }; + mail-autoconfig = { + extraConfig = let + autoconfig = pkgs.writeTextDir "config-v1.1.xml" '' + + + + mail.immae.eu + %EMAILDOMAIN% + Immae E-mail + Immae E-mail + + + imap.immae.eu + 143 + STARTTLS + %EMAILADDRESS% + password-cleartext + + + + imap.immae.eu + 993 + SSL + %EMAILADDRESS% + password-cleartext + + + + pop.immae.eu + 110 + STARTTLS + %EMAILADDRESS% + password-cleartext + + + + pop.immae.eu + 995 + SSL + %EMAILADDRESS% + password-cleartext + + + + smtp.immae.eu + 587 + STARTTLS + %EMAILADDRESS% + password-cleartext + + + + smtp.immae.eu + 465 + SSL + %EMAILADDRESS% + password-cleartext + + + + ''; + in '' + Alias /.well-known/autoconfig/mail "${autoconfig}" + + AllowOverride None + Require all granted + + ''; + }; apaxy = { extraConfig = (mypackages-lib.apache-theme { inherit theme_root; }).apacheConfig; }; diff --git a/systems/eldiron/websites/mail/mta-sts.nix b/systems/eldiron/websites/mail/mta-sts.nix index 2438702..240bcdb 100644 --- a/systems/eldiron/websites/mail/mta-sts.nix +++ b/systems/eldiron/websites/mail/mta-sts.nix @@ -17,11 +17,160 @@ let "cp ${file d} $out/${d.fqdn}.txt" ) domains)} ''; + autoconfigRoot = + let autoconfig = pkgs.writeText "config-v1.1.xml" '' + + + + mail.immae.eu + %EMAILDOMAIN% + Immae E-mail + Immae E-mail + + + imap.immae.eu + 143 + STARTTLS + %EMAILADDRESS% + password-cleartext + + + + imap.immae.eu + 993 + SSL + %EMAILADDRESS% + password-cleartext + + + + pop.immae.eu + 110 + STARTTLS + %EMAILADDRESS% + password-cleartext + + + + pop.immae.eu + 995 + SSL + %EMAILADDRESS% + password-cleartext + + + + smtp.immae.eu + 587 + STARTTLS + %EMAILADDRESS% + password-cleartext + + + + smtp.immae.eu + 465 + SSL + %EMAILADDRESS% + password-cleartext + + + + ''; + autodiscover = pkgs.writeText "Autodiscover.xml" '' + + + + + Name + + + email + settings + + IMAP + 1 + imap.immae.eu + 143 + on + off + off + on + + + POP3 + 1 + pop3.immae.eu + 110 + on + off + off + on + + + SMTP + 1 + smtp.immae.eu + 587 + on + off + off + on + + + IMAP + 1 + imap.immae.eu + 993 + on + off + on + on + + + POP3 + 1 + pop3.immae.eu + 995 + on + off + on + on + + + SMTP + 1 + smtp.immae.eu + 465 + on + off + on + on + + + + + ''; + in + pkgs.runCommand "autoconfig" {} '' + mkdir -p $out/mail + ln -s ${autoconfig} $out/mail/config-v1.1.xml + mkdir -p $out/AutoDiscover + ln -s ${autodiscover} $out/AutoDiscover/AutoDiscover.xml + mkdir -p $out/Autodiscover + ln -s ${autodiscover} $out/Autodiscover/Autodiscover.xml + mkdir -p $out/autodiscover + ln -s ${autodiscover} $out/autodiscover/autodiscover.xml + ''; cfg = config.myServices.websites.tools.email; in { config = lib.mkIf cfg.enable { - security.acme.certs.mail.extraDomainNames = ["mta-sts.mail.immae.eu"] ++ map (v: "mta-sts.${v.fqdn}") domains; + security.acme.certs.mail.extraDomainNames = + [ "mta-sts.mail.immae.eu" "autoconfig.mail.immae.eu" "autodiscover.mail.immae.eu" ] + ++ map (v: "mta-sts.${v.fqdn}") domains + ++ map (v: "autoconfig.${v.fqdn}") domains + ++ map (v: "autodiscover.${v.fqdn}") domains; services.websites.env.tools.vhostConfs.mta_sts = { certName = "mail"; hosts = ["mta-sts.mail.immae.eu"] ++ map (v: "mta-sts.${v.fqdn}") domains; @@ -38,5 +187,20 @@ in '' ]; }; + services.websites.env.tools.vhostConfs.mail_autoconfig = { + certName = "mail"; + hosts = ["autoconfig.mail.immae.eu" "autodiscover.mail.immae.eu" ] + ++ map (v: "autoconfig.${v.fqdn}") domains + ++ map (v: "autodiscover.${v.fqdn}") domains; + root = autoconfigRoot; + extraConfig = [ + '' + + Require all granted + Options -Indexes + + '' + ]; + }; }; } -- cgit v1.2.3