love/nix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

kacper inspirerat

Browse Source
This commit is contained in:
Love
2026-04-07 20:20:26 +02:00
parent b721630485
commit 76b7441884
21 changed files with 135 additions and 91 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/nixos/mail-server/default.nix
+6
View File
@@ -0,0 +1,6 @@
{
imports = [
./mail.nix
./roundcube.nix
];
}
modules/nixos/mail-server/mail.nix
+24
View File
@@ -0,0 +1,24 @@
{ config, ... }:
{
security.acme.acceptTerms = true;
networking.firewall.allowedTCPPorts = [ 80 ];
services.nginx.virtualHosts.${config.mailserver.fqdn}.enableACME = true;
mailserver = {
enable = true;
stateVersion = 4;
fqdn = "mail.billenius.com";
domains = [ "billenius.com" ];
x509.useACMEHost = config.mailserver.fqdn;
# A list of all login accounts. To create the password hashes, use
# nix-shell -p mkpasswd --run 'mkpasswd -s'
accounts = {
"love@billenius.com" = {
hashedPasswordFile = ../../../resources/mail-server/love@billenius.com;
aliases = [ "postmaster@billenius.com" ];
};
};
};
}
modules/nixos/mail-server/roundcube.nix
+46
View File
@@ -0,0 +1,46 @@
{
config,
pkgs,
...
}:
{
services.roundcube = {
enable = true;
hostName = "mail.billenius.com";
package = pkgs.roundcube.withPlugins (
plugins: with plugins; [
persistent_login
]
);
plugins = [
"persistent_login"
"managesieve" # built-in
];
dicts = with pkgs.aspellDicts; [
# https://search.nixos.org/packages?query=aspellDicts
en
sv
];
maxAttachmentSize = config.mailserver.messageSizeLimit / 1024 / 1024;
extraConfig = ''
$config['imap_host'] = "ssl://${config.mailserver.fqdn}";
$config['smtp_host'] = "ssl://${config.mailserver.fqdn}";
$config['smtp_user'] = "%u";
$config['smtp_pass'] = "%p";
$config['managesieve_host'] = "tls://${config.mailserver.fqdn}";
$config['managesieve_port'] = 4190;
$config['managesieve_usetls'] = true;
'';
};
services.nginx.virtualHosts.${config.services.roundcube.hostName} = {
enableACME = true;
forceSSL = true;
};
networking.firewall.allowedTCPPorts = [
80
443
];
}