36 lines
643 B
Nix
36 lines
643 B
Nix
|
{
|
||
|
pkgs,
|
||
|
lib,
|
||
|
...
|
||
|
}: {
|
||
|
age.secrets."mail@b12f.io-password" = {
|
||
|
file = "${flake.self}/secrets/mail@b12f.io-password.age";
|
||
|
mode = "400";
|
||
|
owner = "maddy";
|
||
|
};
|
||
|
|
||
|
services.maddy = {
|
||
|
enable = true;
|
||
|
primaryDomain = "b12f.io";
|
||
|
|
||
|
ensureAccounts = [
|
||
|
"mail@b12f.io"
|
||
|
];
|
||
|
|
||
|
ensureCredentials = {
|
||
|
# Do not use this in production. This will make passwords world-readable
|
||
|
# in the Nix store
|
||
|
"mail@b12f.io".passwordFile = "${pkgs.writeText "postmaster" "test"}";
|
||
|
};
|
||
|
|
||
|
tls = {
|
||
|
certificates = [
|
||
|
{
|
||
|
keyPath = "";
|
||
|
certPath = "";
|
||
|
}
|
||
|
];
|
||
|
};
|
||
|
};
|
||
|
}
|