From 71dc7ecdd1981fc99bb9d8cc6c39c38f9dc0f59f Mon Sep 17 00:00:00 2001 From: "hermitcollective.net" Date: Mon, 30 Oct 2023 12:27:52 +0100 Subject: [PATCH] added email.nix :D --- configuration.nix | 1 + services/email.nix | 30 ++++++++++++++++++++++++++++++ 2 files changed, 31 insertions(+) create mode 100644 services/email.nix diff --git a/configuration.nix b/configuration.nix index 843fd47..267e766 100644 --- a/configuration.nix +++ b/configuration.nix @@ -8,6 +8,7 @@ # Services ./services/ssh.nix ./services/nginx.nix + ./services/email.nix ./services/nextcloud.nix ./services/tt-rss.nix ./services/owncast.nix diff --git a/services/email.nix b/services/email.nix new file mode 100644 index 0000000..cb26bb7 --- /dev/null +++ b/services/email.nix @@ -0,0 +1,30 @@ +{ config, pkgs, ... }: { + imports = [ + (builtins.fetchTarball { + # Pick a release version you are interested in and set its hash, e.g. + url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-23.05/nixos-mailserver-nixos-23.05.tar.gz"; + # To get the sha256 of the nixos-mailserver tarball, we can use the nix-prefetch-url command: + # release="nixos-23.05"; nix-prefetch-url "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/${release}/nixos-mailserver-${release}.tar.gz" --unpack + sha256 = "1ngil2shzkf61qxiqw11awyl81cr7ks2kv3r3k243zz7v2xakm5c"; + }) + ]; + + mailserver = { + enable = true; + fqdn = "mail.hermitcollective.net"; + domains = [ "hermitcollective.net" ]; + + # A list of all login accounts. To create the password hashes, use + # nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt' + loginAccounts = { + "hertog@hermitcollective.net" = { + hashedPasswordFile = "/etc/email-passwords/hertog"; + aliases = ["jan@hermitcollective.net"]; + }; + }; + + # Use Let's Encrypt certificates. Note that this needs to set up a stripped + # down nginx and opens port 80. + certificateScheme = "acme-nginx"; + }; +}