Put imports in config

niten 2023-09-24 10:12:42 -07:00
parent 765792dc54
commit b08c13d6aa
1 changed files with 107 additions and 117 deletions


@ -202,53 +202,51 @@ in {
}; };
nixos = { nixos = {
useSystemd = true; useSystemd = true;
configuration = [ configuration = {
(import ./postfix.nix) imports = [ ./dovecot.nix ./postfix.nix ];
(import ./dovecot.nix)
{
boot.tmpOnTmpfs = true;
system.nssModules = lib.mkForce [ ];
fudo.mail.postfix = { boot.tmpOnTmpfs = true;
enable = true; system.nssModules = lib.mkForce [ ];
debug = cfg.debug;
domain = cfg.primary-domain; fudo.mail.postfix = {
local-domains = cfg.extra-domains; enable = true;
hostname = cfg.smtp.hostname; debug = cfg.debug;
trusted-networks = cfg.trusted-networks; domain = cfg.primary-domain;
blacklist = { local-domains = cfg.extra-domains;
senders = cfg.blacklist.senders; hostname = cfg.smtp.hostname;
recipients = cfg.blacklist.recipients; trusted-networks = cfg.trusted-networks;
dns = cfg.blacklist.dns; blacklist = {
}; senders = cfg.blacklist.senders;
aliases = { recipients = cfg.blacklist.recipients;
user-aliases = cfg.user-aliases; dns = cfg.blacklist.dns;
alias-users = cfg.alias-users;
};
ssl = {
certificate =
"/run/certs/smtp/fullchain.pem"; # FIXME: or just cert?
private-key = "/run/certs/smtp/key.pem";
};
sasl-domain = cfg.sasl-domain;
message-size-limit = cfg.message-size-limit;
ports = { metrics = metricsPort; };
rspamd-server = {
host = "antispam";
port = antispamPort;
};
lmtp-server = {
host = "imap";
port = lmtpPort;
};
dkim-server = {
host = "dkim";
port = dkimPort;
};
ldap-conf = "/run/dovecot2/conf.d/ldap.conf";
}; };
} aliases = {
]; user-aliases = cfg.user-aliases;
alias-users = cfg.alias-users;
};
ssl = {
certificate =
"/run/certs/smtp/fullchain.pem"; # FIXME: or just cert?
private-key = "/run/certs/smtp/key.pem";
};
sasl-domain = cfg.sasl-domain;
message-size-limit = cfg.message-size-limit;
ports = { metrics = metricsPort; };
rspamd-server = {
host = "antispam";
port = antispamPort;
};
lmtp-server = {
host = "imap";
port = lmtpPort;
};
dkim-server = {
host = "dkim";
port = dkimPort;
};
ldap-conf = "/run/dovecot2/conf.d/ldap.conf";
};
};
}; };
}; };
imap = { imap = {
@ -264,35 +262,33 @@ in {
}; };
nixos = { nixos = {
useSystemd = true; useSystemd = true;
configuration = [ configuration = {
(import ./dovecot.nix) imports = [ ./dovecot.nix ];
{ boot.tmpOnTmpfs = true;
boot.tmpOnTmpfs = true; system.nssModules = lib.mkForce [ ];
system.nssModules = lib.mkForce [ ]; fudo.mail.dovecot = {
fudo.mail.dovecot = { enable = true;
enable = true; debug = cfg.debug;
debug = cfg.debug; state-directory = "/state";
state-directory = "/state"; ports = {
ports = { lmtp = lmtpPort;
lmtp = lmtpPort; auth = authPort;
auth = authPort; userdb = userdbPort;
userdb = userdbPort; metrics = metricsPort;
metrics = metricsPort;
};
mail-user = cfg.mail-user;
mail-group = cfg.mail-group;
ssl = {
certificate = "/run/certs/imap/fullchain.pem";
private-key = "/run/certs/imap/key.pem";
};
rspamd = {
host = "antispam";
port = antispamPort;
};
ldap-conf = "/run/dovecot2/conf.d/ldap.conf";
}; };
} mail-user = cfg.mail-user;
]; mail-group = cfg.mail-group;
ssl = {
certificate = "/run/certs/imap/fullchain.pem";
private-key = "/run/certs/imap/key.pem";
};
rspamd = {
host = "antispam";
port = antispamPort;
};
ldap-conf = "/run/dovecot2/conf.d/ldap.conf";
};
};
}; };
}; };
ldap-proxy.service = mkIf (cfg.ldap-proxy != null) { ldap-proxy.service = mkIf (cfg.ldap-proxy != null) {
@ -315,25 +311,23 @@ in {
}; };
nixos = { nixos = {
useSystemd = true; useSystemd = true;
configuration = [ configuration = {
(import ./rspamd.nix) imports = [ ./rspamd.nix ];
{ boot.tmpOnTmpfs = true;
boot.tmpOnTmpfs = true; system.nssModules = lib.mkForce [ ];
system.nssModules = lib.mkForce [ ]; fudo.mail.rspamd = {
fudo.mail.rspamd = { enable = true;
enable = true; ports = {
ports = { milter = antispamPort;
milter = antispamPort; controller = antispamControllerPort;
controller = antispamControllerPort; metrics = metricsPort;
metrics = metricsPort;
};
antivirus = {
host = "antivirus";
port = antivirusPort;
};
}; };
} antivirus = {
]; host = "antivirus";
port = antivirusPort;
};
};
};
}; };
}; };
antivirus = { antivirus = {
@ -348,18 +342,16 @@ in {
}; };
nixos = { nixos = {
useSystemd = true; useSystemd = true;
configuration = [ configuration = {
(import ./clamav.nix) imports = [ ./clamav.nix ];
{ boot.tmpOnTmpfs = true;
boot.tmpOnTmpfs = true; system.nssModules = lib.mkForce [ ];
system.nssModules = lib.mkForce [ ]; fudo.mail.clamav = {
fudo.mail.clamav = { enable = true;
enable = true; state-directory = "/state";
state-directory = "/state"; port = antispamPort;
port = antispamPort; };
}; };
}
];
}; };
}; };
dkim = { dkim = {
@ -370,20 +362,18 @@ in {
}; };
nixos = { nixos = {
useSystemd = true; useSystemd = true;
configuration = [ configuration = {
(import ./dkim.nix) imports = [ ./dkim.nix ];
{ boot.tmpOnTmpfs = true;
boot.tmpOnTmpfs = true; system.nssModules = lib.mkForce [ ];
system.nssModules = lib.mkForce [ ]; fudo.mail.dkim = {
fudo.mail.dkim = { enable = true;
enable = true; debug = cfg.debug;
debug = cfg.debug; domains = [ cfg.primary-domain ] ++ cfg.extra-domains;
domains = [ cfg.primary-domain ] ++ cfg.extra-domains; };
}; port = dkimPort;
port = dkimPort; state-directory = "/state";
state-directory = "/state"; };
}
];
}; };
}; };
metrics-proxy = { metrics-proxy = {
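Review bot: In the antivirus container the rewritten `fudo.mail.clamav` block still sets `port = antispamPort;`, while the rspamd container's `antivirus` client is pointed at `host = "antivirus"; port = antivirusPort;`. Unless those two bindings happen to be equal (their definitions are outside the hunks shown), rspamd would not reach ClamAV, and depending on how scanner failures are handled mail could be accepted without a virus scan; this probably should read `port = antivirusPort;`. Separately, in the dkim container `port = dkimPort;` and `state-directory = "/state";` come after the `};` that closes `fudo.mail.dkim`, so they sit at the top level of `configuration` rather than on the DKIM service. Now that `configuration` is a module with `imports`, those two keys are likely to be rejected as unknown options, or at best leave the signer on a port other than the one postfix's `dkim-server` expects. Moving both lines inside `fudo.mail.dkim` would match how the clamav block is laid out.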