30 lines
812 B
Nix
30 lines
812 B
Nix
{ ... }:
|
|
let
|
|
root_host = "grimmauld.de";
|
|
mail_host = "mail.${root_host}";
|
|
in {
|
|
security.acme.certs."${root_host}".extraDomainNames = [ mail_host ];
|
|
|
|
|
|
mailserver = {
|
|
enable = true;
|
|
fqdn = mail_host;
|
|
domains = [ root_host ];
|
|
|
|
# A list of all login accounts. To create the password hashes, use
|
|
# nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
|
|
loginAccounts = {
|
|
"contact@${root_host}" = {
|
|
hashedPasswordFile = ./mailpass/contact;
|
|
aliases = ["kontakt@${root_host}"];
|
|
};
|
|
};
|
|
|
|
# Use Let's Encrypt certificates. Note that this needs to set up a stripped
|
|
# down nginx and opens port 80.
|
|
certificateScheme = "manual";
|
|
certificateFile = "/var/lib/acme/${root_host}/fullchain.pem";
|
|
keyFile = "/var/lib/acme/${root_host}/key.pem";
|
|
};
|
|
}
|