# NixOS module for the Mailman mailing-list host: a dedicated service account,
# age-encrypted secrets, a host postfix wired to Mailman's generated maps, and
# the NixOS mailman service with HyperKitty. An earlier container-based setup
# is kept, disabled, at the bottom of the file.
{
  config,
  lib,
  pkgs,
  self,
  ...
}: let
  # Store copy of ./postfix/main.cf. Only the disabled "mailman-postfix"
  # container below mounts it; nothing in the active configuration uses it.
  postfixConfig = pkgs.writeTextFile {
    name = "main.cf";
    text = builtins.readFile ./postfix/main.cf;
  };

  # One age secret, decrypted for the mailman account only (mode 600).
  mailmanSecret = name: {
    file = "${self}/secrets/${name}.age";
    mode = "600";
    owner = "mailman";
  };
in {
  # Creates the "mailman-net" container network (172.20.1.0/24) at activation
  # time if it does not exist yet, using whichever oci-containers backend is
  # configured.
  # NOTE(review): every container that joined this network is commented out
  # below, so this script looks like a leftover; it still runs the container
  # CLI on each activation. Confirm it is still wanted.
  system.activationScripts.mkMailmanNet = let
    backend = config.virtualisation.oci-containers.backend;
    containerCli = "${pkgs.${backend}}/bin/${backend}";
  in ''
    ${containerCli} network inspect mailman-net >/dev/null 2>&1 || ${containerCli} network create mailman-net --subnet 172.20.1.0/24
  '';

  # NOTE(review): useDefaultShell gives this system account a login shell;
  # confirm the service account really needs one.
  users.users.mailman = {
    description = "Mailman Service";
    home = "/var/lib/mailman";
    useDefaultShell = true;
    uid = 993;
    # Group hakkonaut so caddy can serve the static files from mailman-web directly
    group = "hakkonaut";
    isSystemUser = true;
  };

  # 0750 mailman:hakkonaut gives the group read and traverse rights on the
  # top-level directory only; what hakkonaut members can read further down
  # depends on the permissions of the subdirectories.
  systemd.tmpfiles.rules = [
    "d '/var/lib/mailman' 0750 mailman hakkonaut - -"
  ];

  # NOTE(review): these secrets were consumed as environmentFiles by the
  # containers that are now disabled; nothing active in this file reads them.
  # Confirm they are still needed before keeping them decrypted on the host.
  age.secrets = {
    mailman-core-secrets = mailmanSecret "mailman-core-secrets";
    mailman-web-secrets = mailmanSecret "mailman-web-secrets";
    mailman-db-secrets = mailmanSecret "mailman-db-secrets";
  };

  services = {
    # Host postfix: relay domains, transports and valid recipients all come
    # from the hash maps under /var/lib/mailman/data.
    postfix = {
      enable = true;
      relayDomains = ["hash:/var/lib/mailman/data/postfix_domains"];
      # NOTE(review): certificate and key are disabled here, and the host name
      # in these lines (lists.example.org) differs from webHosts
      # (list.pub.solar). Unless TLS is configured elsewhere, this module
      # gives postfix no certificate.
      #sslCert = config.security.acme.certs."lists.example.org".directory + "/full.pem";
      #sslKey = config.security.acme.certs."lists.example.org".directory + "/key.pem";
      config = {
        transport_maps = ["hash:/var/lib/mailman/data/postfix_lmtp"];
        local_recipient_maps = ["hash:/var/lib/mailman/data/postfix_lmtp"];
      };
    };

    # Mailman with the HyperKitty archiver, for list.pub.solar.
    mailman = {
      enable = true;
      #serve.enable = true;
      hyperkitty.enable = true;
      webHosts = ["list.pub.solar"];
      siteOwner = "admins@pub.solar";
    };
  };

  # Disabled container-based deployment, kept for reference.
  # NOTE(review), should this block be re-enabled:
  #  - all published ports are bound to 127.0.0.1 only; keep it that way
  #  - images are referenced by tag, which can be re-pointed upstream;
  #    pinning by digest would make the deployment reproducible
  #  - "mailman-postfix" is handed mailman-db-secrets as its environment
  #    file; confirm the MTA container is meant to receive the database
  #    credentials
  #virtualisation = {
  #  docker = {
  #    enable = true;
  #  };
  #  oci-containers = {
  #    backend = "docker";
  #    containers."mailman-core" = {
  #      image = "maxking/mailman-core:0.4";
  #      autoStart = true;
  #      #user = "993";
  #      volumes = [
  #        "/var/lib/mailman/core:/opt/mailman/"
  #      ];
  #      extraOptions = [
  #        "--network=mailman-net"
  #      ];
  #      environment = {
  #        DATABASE_TYPE = "postgres";
  #        DATABASE_CLASS = "mailman.database.postgresql.PostgreSQLDatabase";
  #        MTA = "postfix";
  #      };
  #      environmentFiles = [
  #        config.age.secrets.mailman-core-secrets.path
  #      ];
  #      ports = [
  #        "127.0.0.1:8001:8001" # API
  #        "127.0.0.1:8024:8024" # LMTP - incoming emails
  #      ];
  #    };
  #    containers."mailman-web" = {
  #      image = "maxking/mailman-web:0.4";
  #      autoStart = true;
  #      #user = "993:992";
  #      volumes = [
  #        "/var/lib/mailman/web:/opt/mailman-web-data"
  #      ];
  #      extraOptions = [
  #        "--network=mailman-net"
  #      ];
  #      environment = {
  #        DATABASE_TYPE = "postgres";
  #        SERVE_FROM_DOMAIN = "list.pub.solar";
  #        MAILMAN_ADMIN_USER = "admin";
  #        MAILMAN_ADMIN_EMAIL = "admins@pub.solar";
  #      };
  #      environmentFiles = [
  #        config.age.secrets.mailman-web-secrets.path
  #      ];
  #      ports = [
  #        "127.0.0.1:8000:8000" # HTTP
  #        # "127.0.0.1:8080:8080" # uwsgi
  #      ];
  #    };
  #    containers."mailman-db" = {
  #      image = "postgres:14-alpine";
  #      autoStart = true;
  #      user = "993";
  #      extraOptions = [
  #        "--network=mailman-net"
  #      ];
  #      volumes = [
  #        "/var/lib/mailman/database:/var/lib/postgresql/data"
  #      ];
  #      environmentFiles = [
  #        config.age.secrets.mailman-db-secrets.path
  #      ];
  #    };
  #    containers."mailman-postfix" = {
  #      image = "mailu/postfix:1.9.46";
  #      autoStart = true;
  #      #user = "993";
  #      extraOptions = [
  #        "--hostname=list.pub.solar"
  #        "--network=mailman-net"
  #      ];
  #      environment = {
  #        HOSTNAMES = "list.pub.solar";
  #        FRONT_ADDRESS = "localhost";
  #        ADMIN_ADDRESS = "localhost";
  #        ANTISPAM_MILTER_ADDRESS = "localhost:11332";
  #        LMTP_ADDRESS = "localhost:2525";
  #      };
  #      volumes = [
  #        # https://mailu.io/1.9/faq.html#how-can-i-override-settings
  #        # Docs contain the wrong path to override main.cf, this one works
  #        "${postfixConfig}:/overrides/postfix.cf"
  #        # Configured in main.cf
  #        "/var/lib/mailman/postfix/mailqueue:/var/spool/postfix"
  #        "/var/lib/mailman/postfix/data:/var/lib/postfix"
  #        # Contains postfix transport_maps generated by mailman-core
  #        "/var/lib/mailman/core:/var/lib/mailman/core"
  #      ];
  #      environmentFiles = [
  #        config.age.secrets.mailman-db-secrets.path
  #      ];
  #    };
  #  };
  #};
}