diff --git a/modules/nixos/mail-server/autodiscover.nix b/modules/nixos/mail-server/autodiscover.nix
new file mode 100644
index 0000000..26b30d9
--- /dev/null
+++ b/modules/nixos/mail-server/autodiscover.nix
@@ -0,0 +1,110 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+let
+ mkThunderbirdAutoconfig = domain:
+ pkgs.writeText "autoconfig-${domain}.xml" ''
+
+
+
+ ${domain}
+ ${domain}
+ ${domain}
+
+
+ ${config.mailserver.fqdn}
+ 993
+ SSL
+ %EMAILADDRESS%
+ password-cleartext
+
+
+
+ ${config.mailserver.fqdn}
+ 587
+ STARTTLS
+ %EMAILADDRESS%
+ password-cleartext
+
+
+
+ '';
+
+ mkOutlookAutodiscover = domain:
+ pkgs.writeText "autodiscover-${domain}.xml" ''
+
+
+
+
+ email
+ settings
+
+
+ IMAP
+ ${config.mailserver.fqdn}
+ 993
+ %EMAILADDRESS%
+ on
+ on
+
+
+
+ SMTP
+ ${config.mailserver.fqdn}
+ 587
+ %EMAILADDRESS%
+ on
+ TLS
+ on
+ off
+
+
+
+
+ '';
+
+ mailDiscoveryVirtualHosts =
+ lib.listToAttrs (
+ lib.concatMap (
+ domain:
+ let
+ autoconfigXml = mkThunderbirdAutoconfig domain;
+ autodiscoverXml = mkOutlookAutodiscover domain;
+ in
+ [
+ {
+ name = "autoconfig.${domain}";
+ value = {
+ enableACME = true;
+ forceSSL = true;
+ locations."= /mail/config-v1.1.xml".extraConfig = ''
+ default_type application/xml;
+ alias ${autoconfigXml};
+ '';
+ };
+ }
+ {
+ name = "autodiscover.${domain}";
+ value = {
+ enableACME = true;
+ forceSSL = true;
+ locations."= /autodiscover/autodiscover.xml".extraConfig = ''
+ default_type application/xml;
+ alias ${autodiscoverXml};
+ '';
+ };
+ }
+ ]
+ ) config.mailserver.domains
+ );
+in
+{
+ networking.firewall.allowedTCPPorts = [ 80 443 ];
+
+ services.nginx.virtualHosts = mailDiscoveryVirtualHosts // {
+ ${config.mailserver.fqdn}.enableACME = true;
+ };
+}
diff --git a/modules/nixos/mail-server/default.nix b/modules/nixos/mail-server/default.nix
index d433a16..b4a6492 100644
--- a/modules/nixos/mail-server/default.nix
+++ b/modules/nixos/mail-server/default.nix
@@ -1,5 +1,6 @@
{
imports = [
+ ./autodiscover.nix
./mail.nix
./roundcube.nix
];
diff --git a/modules/nixos/mail-server/mail.nix b/modules/nixos/mail-server/mail.nix
index 4b75dcc..66c8a0a 100644
--- a/modules/nixos/mail-server/mail.nix
+++ b/modules/nixos/mail-server/mail.nix
@@ -1,11 +1,9 @@
-{ config, ... }:
+{ ... }:
{
security.acme = {
acceptTerms = true;
defaults.email = "postmaster@billenius.com";
};
- networking.firewall.allowedTCPPorts = [ 80 ];
- services.nginx.virtualHosts.${config.mailserver.fqdn}.enableACME = true;
mailserver = {
enable = true;