grimm-nix-server/modules/email.nix

{ ... }: 
let
  root_host = "grimmauld.de";
  mail_host = "mail.${root_host}";
in {
  security.acme.certs."${root_host}".extraDomainNames = [ mail_host ];

  services.dovecot2.sieve.extensions = [ "fileinto" ]; # sives break without this for some reason
  mailserver = {
    enable = true;
    fqdn = mail_host;
    domains = [ root_host ];

    # A list of all login accounts. To create the password hashes, use
    # nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
    loginAccounts = {
      "contact@${root_host}" = {
        hashedPasswordFile = ./mailpass/contact;
        aliases = ["kontakt@${root_host}"];
      };
      "admin@${root_host}" = {
        hashedPasswordFile = ./mailpass/admin;
      };
    };

    # Use Let's Encrypt certificates. Note that this needs to set up a stripped
    # down nginx and opens port 80.
    certificateScheme = "manual";
    certificateFile = "/var/lib/acme/${root_host}/fullchain.pem";
    keyFile = "/var/lib/acme/${root_host}/key.pem";
  };

    services.nginx = {
    enable = true;
    virtualHosts."${mail_host}" = { # you should NOT be here from a browser :P
      serverName = mail_host;
      forceSSL = true;
      useACMEHost = root_host;
      locations."/" = {
        return = "307 https://${root_host}";
      };
    };
  };
}
add simple mail server, and it actually works! 2023-12-29 10:23:10 +01:00			`{ ... }:`
			`let`
			`root_host = "grimmauld.de";`
			`mail_host = "mail.${root_host}";`
			`in {`
			`security.acme.certs."${root_host}".extraDomainNames = [ mail_host ];`

f@h, some misc fixes because updates 2024-01-28 10:34:03 +01:00			`services.dovecot2.sieve.extensions = [ "fileinto" ]; # sives break without this for some reason`
add simple mail server, and it actually works! 2023-12-29 10:23:10 +01:00			`mailserver = {`
			`enable = true;`
			`fqdn = mail_host;`
			`domains = [ root_host ];`

			`# A list of all login accounts. To create the password hashes, use`
			`# nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'`
			`loginAccounts = {`
			`"contact@${root_host}" = {`
			`hashedPasswordFile = ./mailpass/contact;`
			`aliases = ["kontakt@${root_host}"];`
			`};`
rudimentary grafana addition. Missing data sources, no clue how to get those. 2023-12-30 11:01:06 +01:00			`"admin@${root_host}" = {`
			`hashedPasswordFile = ./mailpass/admin;`
			`};`
add simple mail server, and it actually works! 2023-12-29 10:23:10 +01:00			`};`

			`# Use Let's Encrypt certificates. Note that this needs to set up a stripped`
			`# down nginx and opens port 80.`
			`certificateScheme = "manual";`
			`certificateFile = "/var/lib/acme/${root_host}/fullchain.pem";`
			`keyFile = "/var/lib/acme/${root_host}/key.pem";`
			`};`
redirect browsers to main page if connecting to mail server vhost 2023-12-29 10:41:25 +01:00
			`services.nginx = {`
			`enable = true;`
			`virtualHosts."${mail_host}" = { # you should NOT be here from a browser :P`
			`serverName = mail_host;`
			`forceSSL = true;`
			`useACMEHost = root_host;`
			`locations."/" = {`
			`return = "307 https://${root_host}";`
			`};`
			`};`
			`};`
add simple mail server, and it actually works! 2023-12-29 10:23:10 +01:00			`}`