# NixOS module: Mailman 3 (core + web), PostgreSQL and Postfix as OCI
# containers on a dedicated Docker network. Every container runs as the
# host's `mailman` uid and keeps its state under /var/lib/mailman.
{ config, lib, pkgs, self, ... }:
let
  # Postfix main.cf copied into the Nix store, then bind-mounted into the
  # postfix container below.
  postfixConfig = pkgs.writeTextFile {
    name = "main.cf";
    text = builtins.readFile ./postfix/main.cf;
  };

  # Single source for the service uid: used for the host account and as the
  # in-container user, so files on the bind mounts have one owner.
  mailmanUid = 993;
  containerUser = toString mailmanUid;

  networkName = "mailman-net";
  joinNetwork = [ "--network=${networkName}" ];

  # age-encrypted secret, decrypted readable by the mailman user only.
  mkSecret = name: {
    file = "${self}/secrets/${name}.age";
    mode = "600";
    owner = "mailman";
  };

  # Path of the decrypted secret file on the running host.
  secretPath = name: config.age.secrets.${name}.path;

  # Settings shared by all four containers.
  # NOTE(review): images below are referenced by tag. A tag can be repointed
  # upstream, so this file does not fix the content that gets pulled; pinning
  # by digest (image@sha256:<digest>) would.
  common = {
    autoStart = true;
    user = containerUser;
    extraOptions = joinNetwork;
  };
in
{
  # Create the container network if it does not exist yet.
  # NOTE(review): activation scripts may run before the Docker daemon is up
  # (e.g. at boot) - confirm the network exists by the time containers start.
  system.activationScripts.mkMailmanNet =
    let
      backend = config.virtualisation.oci-containers.backend;
      backendBin = "${pkgs.${backend}}/bin/${backend}";
    in
    ''
      ${backendBin} network inspect ${networkName} >/dev/null 2>&1 || ${backendBin} network create ${networkName} --subnet 172.20.1.0/24
    '';

  users.users.mailman = {
    description = "Mailman Service";
    home = "/var/lib/mailman";
    # NOTE(review): a system service account with the default login shell -
    # confirm an interactive shell is actually needed.
    useDefaultShell = true;
    uid = mailmanUid;
    # Group hakkonaut so caddy can serve the static files from mailman-web directly
    group = "hakkonaut";
    isSystemUser = true;
  };

  # 0750 gives group hakkonaut read/traverse on the top-level directory, which
  # also holds the database, mail queue and core state.
  # NOTE(review): verify the subdirectories other than the static files are
  # not group-readable.
  systemd.tmpfiles.rules = [
    "d '/var/lib/mailman' 0750 mailman hakkonaut - -"
  ];

  age.secrets = {
    mailman-core-secrets = mkSecret "mailman-core-secrets";
    mailman-web-secrets = mkSecret "mailman-web-secrets";
    mailman-db-secrets = mkSecret "mailman-db-secrets";
  };

  virtualisation.docker.enable = true;

  # Secrets are handed over via environmentFiles, i.e. they end up as
  # environment variables of the container process and are visible to anyone
  # on the host who can inspect the container.
  virtualisation.oci-containers = {
    backend = "docker";

    containers = {
      "mailman-core" = common // {
        image = "maxking/mailman-core:0.4";
        volumes = [
          "/var/lib/mailman/core:/opt/mailman/"
        ];
        environment = {
          DATABASE_TYPE = "postgres";
          DATABASE_CLASS = "mailman.database.postgresql.PostgreSQLDatabase";
          MTA = "postfix";
        };
        environmentFiles = [ (secretPath "mailman-core-secrets") ];
        # Published on loopback only; keep the 127.0.0.1 prefix so the API
        # and LMTP listeners are not reachable from other hosts.
        ports = [
          "127.0.0.1:8001:8001" # API
          "127.0.0.1:8024:8024" # LMTP - incoming emails
        ];
      };

      "mailman-web" = common // {
        image = "maxking/mailman-web:0.4";
        volumes = [
          "/var/lib/mailman/web:/opt/mailman-web-data"
        ];
        environment = {
          DATABASE_TYPE = "postgres";
          SERVE_FROM_DOMAIN = "list.pub.solar";
          MAILMAN_ADMIN_USER = "admin";
          MAILMAN_ADMIN_EMAIL = "admins@pub.solar";
        };
        environmentFiles = [ (secretPath "mailman-web-secrets") ];
        # Loopback only; presumably fronted by the host's reverse proxy.
        ports = [
          "127.0.0.1:8000:8000" # HTTP
          # "127.0.0.1:8080:8080" # uwsgi
        ];
      };

      # No published ports: the database is reachable over mailman-net only.
      "mailman-db" = common // {
        image = "postgres:14-alpine";
        volumes = [
          "/var/lib/mailman/database:/var/lib/postgresql/data"
        ];
        environmentFiles = [ (secretPath "mailman-db-secrets") ];
      };

      "mailman-postfix" = common // {
        image = "mailu/postfix:1.9.46";
        volumes = [
          "/var/lib/mailman/postfix/overrides:/overrides:ro"
          "/var/lib/mailman/postfix/mailqueue:/var/spool/postfix"
          "/var/lib/mailman/postfix/data:/var/lib/postfix"
          "/var/lib/mailman/core:/var/lib/mailman/core"
          # NOTE(review): unlike /overrides, this mount is not marked :ro.
          "${postfixConfig}:/etc/postfix/main.cf"
        ];
        # NOTE(review): the MTA container receives the *database* secrets
        # file. Confirm postfix needs those values; if not, give it its own
        # secret so a compromise of the mail-facing container does not
        # expose the database credentials.
        environmentFiles = [ (secretPath "mailman-db-secrets") ];
      };
    };
  };
}