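# Mail-server module for this host: declares the fudo.france.mail options and
# uses them, together with per-host secrets, to configure fudo.system-users
# (the LDAP account the mail server binds as) and fudo.mail-server.
{ config, lib, pkgs, ... }:

with lib;
let
  # Option values declared under options.fudo.france.mail below. The config
  # section reads cfg.ldap-server-urls, cfg.state-directory and
  # cfg.mail-directory, so cfg has to be bound here or evaluation fails with
  # an undefined variable.
  cfg = config.fudo.france.mail;

  hostname = config.instance.hostname;
  domain-name = config.instance.local-domain;

  # Secrets attrset for this host; mail-reader-passwd is expected to be
  # defined elsewhere (it is only referenced in this file).
  secrets = config.fudo.secrets.host-secrets.${hostname};

  # Common name of the LDAP account used for mail authentication lookups.
  # Used both as the system-user username and as the cn of dovecot's reader DN.
  mail-reader-dn = "mail-auth-reader";

in {
  options.fudo.france.mail = with types; {
    mail-directory = mkOption {
      type = str;
      description = "Directory to contain user maildirs.";
    };

    state-directory = mkOption {
      type = str;
      description = "Directory to contain mail-server state.";
    };

    # NOTE(review): dovecot binds to these servers with the reader password.
    # Presumably the URLs should be ldaps:// (or otherwise TLS-protected) so
    # the bind credential is not sent in clear text; confirm whether the
    # mail-server module enforces that.
    ldap-server-urls = mkOption {
      type = listOf str;
      description = "List of LDAP server URLs.";
    };
  };

  config.fudo = {
    # NOTE(review): the attributes are set directly on system-users rather
    # than under a per-user key; confirm against the fudo.system-users schema.
    system-users = {
      username = mail-reader-dn;
      description = "Used by the mail server to connect to LDAP for auth.";
      # hash-ldap-passwd is defined elsewhere and is handed the secret's
      # target-file path.
      # NOTE(review): if the hash is computed at evaluation time it would
      # presumably be embedded in the world-readable Nix store; confirm the
      # helper uses a salted, strong scheme and that target-file is readable
      # where the hash is computed.
      ldap-hashed-password =
        pkgs.lib.fudo.passwd.hash-ldap-passwd
          secrets.mail-reader-passwd.target-file;
    };

    mail-server = {
      enableContainer = true;
      monitoring = true;

      domain = domain-name;
      mail-hostname = "mail.${domain-name}";

      dovecot = {
        ldap = {
          # Bind DN: the reader account's cn under the configured LDAP base.
          reader-dn = "cn=${mail-reader-dn},${config.fudo.auth.ldap.base}";
          # A file path is passed, not the password text; presumably the
          # mail-server module reads it at runtime (verify, and check the
          # file's ownership and mode on the host).
          reader-password-file = secrets.mail-reader-passwd.target-file;
          server-urls = cfg.ldap-server-urls;
        };
      };

      state-directory = cfg.state-directory;
      mail-directory = cfg.mail-directory;

      # Enable ClamAV and DKIM signing in the mail-server module.
      clamav.enable = true;
      dkim.signing = true;
    };
  };
}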