2023-11-12 17:33:58 +00:00
|
|
|
{
|
|
|
|
|
pkgs,
|
|
|
|
|
lib,
|
2023-11-12 20:45:02 +00:00
|
|
|
flake,
|
2023-11-12 17:33:58 +00:00
|
|
|
...
|
|
|
|
|
}: {
|
|
|
|
|
age.secrets."mail@b12f.io-password" = {
|
|
|
|
|
file = "${flake.self}/secrets/mail@b12f.io-password.age";
|
|
|
|
|
mode = "400";
|
2023-11-12 23:19:53 +00:00
|
|
|
# owner = "maddy";
|
2023-11-12 17:33:58 +00:00
|
|
|
};
|
|
|
|
|
|
2023-11-12 20:45:02 +00:00
|
|
|
services.caddy.virtualHosts = {
|
|
|
|
|
"mail.b12f.io" = {
|
|
|
|
|
extraConfig = ''
|
|
|
|
|
respond "404 Not Found"
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
2023-11-12 17:33:58 +00:00
|
|
|
services.maddy = {
|
2023-11-12 20:45:02 +00:00
|
|
|
enable = false;
|
|
|
|
|
|
|
|
|
|
openFirewall = true;
|
|
|
|
|
|
2023-11-12 17:33:58 +00:00
|
|
|
primaryDomain = "b12f.io";
|
|
|
|
|
|
|
|
|
|
ensureAccounts = [
|
|
|
|
|
"mail@b12f.io"
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
ensureCredentials = {
|
|
|
|
|
# Do not use this in production. This will make passwords world-readable
|
|
|
|
|
# in the Nix store
|
|
|
|
|
"mail@b12f.io".passwordFile = "${pkgs.writeText "postmaster" "test"}";
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
tls = {
|
|
|
|
|
certificates = [
|
|
|
|
|
{
|
|
|
|
|
keyPath = "";
|
|
|
|
|
certPath = "";
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
}
|
