os/hosts/flora-6/mailman.nix
Benjamin Bädorf 5ade1c028f
Build works
2023-01-31 21:32:16 +01:00


{
config,
lib,
pkgs,
self,
...
}: {
# Make sure the user-defined network "mailman-net" exists for the container
# backend. `network create` (fixed subnet 172.20.1.0/24) only runs when
# `network inspect` fails, so repeated activations leave an existing network
# untouched. Output of the inspect call is discarded, so any inspect failure,
# not just "network missing", falls through to the create call.
# NOTE(review): this is an activation script; if the container daemon is not
# running yet at activation time both commands would fail and the network
# would stay missing until a later activation. Confirm the ordering on a
# freshly installed host.
system.activationScripts.mkMailmanNet = let
  backend = config.virtualisation.oci-containers.backend;
  cli = "${pkgs.${backend}}/bin/${backend}";
in ''
  ${cli} network inspect mailman-net >/dev/null 2>&1 || ${cli} network create mailman-net --subnet 172.20.1.0/24
'';
# Host account for the Mailman containers. Its home, /var/lib/mailman, is the
# parent of every volume mounted below, and its uid is the numeric user the
# three containers run as.
users.users.mailman = {
  isSystemUser = true;
  uid = 993;
  # Primary group is hakkonaut so that caddy can serve the static files from
  # mailman-web directly.
  # NOTE(review): sharing the group means group permission bits on files under
  # the home directory decide what other hakkonaut members can read; the age
  # secrets are mode 600 and are not affected.
  group = "hakkonaut";
  home = "/var/lib/mailman";
  description = "Mailman Service";
  # NOTE(review): this gives the service account the system default login
  # shell. Confirm an interactive shell is needed for this account.
  useDefaultShell = true;
};
# age-encrypted secrets for the three containers, one file per container under
# ${self}/secrets/. Each decrypted file is mode 600 and owned by mailman, so
# neither the hakkonaut group nor other users can read it.
# NOTE(review): the decrypted paths are consumed through `environmentFiles`,
# so the values end up as container environment variables. Anyone who can
# query the container backend can typically read them back; treat access to
# the docker socket as access to these secrets.
age.secrets =
  lib.genAttrs [
    "mailman-core-secrets"
    "mailman-web-secrets"
    "mailman-db-secrets"
  ] (name: {
    file = "${self}/secrets/${name}.age";
    mode = "600";
    owner = "mailman";
  });
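# Docker-backed containers for Mailman: core (REST API + LMTP), the web UI and
# a PostgreSQL database. All three join the user-defined network mailman-net
# and run as the numeric uid of the host `mailman` account.
#
# NOTE(review): the images are referenced by tag only (maxking/*:0.4,
# postgres:14-alpine). A tag can be re-pointed upstream, so consider pinning
# each image by a verified digest (name@sha256:<digest>).
# NOTE(review): no container sets additional runtime restrictions. Options
# such as --cap-drop=ALL or --security-opt=no-new-privileges could be added to
# extraOptions after testing them against each image.
virtualisation = let
  # Single source of truth for the container uid: it is derived from the host
  # account, so the uid that owns the bind-mounted directories and the uid the
  # containers run as cannot drift apart.
  mailmanUid = toString config.users.users.mailman.uid;
in {
  docker = {
    enable = true;
  };
  oci-containers = {
    backend = "docker";
    containers."mailman-core" = {
      image = "maxking/mailman-core:0.4";
      autoStart = true;
      user = mailmanUid;
      volumes = [
        "/var/lib/mailman/core:/opt/mailman/"
      ];
      extraOptions = [
        "--network=mailman-net"
      ];
      environment = {
        DATABASE_TYPE = "postgres";
        DATABASE_CLASS = "mailman.database.postgresql.PostgreSQLDatabase";
      };
      # Secret settings are injected as environment variables from the
      # decrypted age file.
      environmentFiles = [
        config.age.secrets.mailman-core-secrets.path
      ];
      # Published on loopback only. Keep the 127.0.0.1 prefix: Docker installs
      # its own packet-filter rules for published ports, so a port published
      # on all interfaces is typically reachable regardless of the host
      # firewall configuration.
      ports = [
        "127.0.0.1:8001:8001" # API
        "127.0.0.1:8024:8024" # LMTP - incoming emails
      ];
    };
    containers."mailman-web" = {
      image = "maxking/mailman-web:0.4";
      autoStart = true;
      user = mailmanUid;
      volumes = [
        "/var/lib/mailman/web:/opt/mailman-web-data"
      ];
      extraOptions = [
        "--network=mailman-net"
      ];
      environment = {
        DATABASE_TYPE = "postgres";
        SERVE_FROM_DOMAIN = "list.pub.solar";
        MAILMAN_ADMIN_USER = "admin";
        MAILMAN_ADMIN_EMAIL = "admins@pub.solar";
      };
      environmentFiles = [
        config.age.secrets.mailman-web-secrets.path
      ];
      # Loopback only; presumably a reverse proxy on the host terminates TLS
      # and forwards to this port (verify against the web server config).
      ports = [
        "127.0.0.1:8000:8000" # HTTP
        # "127.0.0.1:8080:8080" # uwsgi
      ];
    };
    containers."mailman-db" = {
      image = "postgres:14-alpine";
      autoStart = true;
      user = mailmanUid;
      # No `ports` entry: the database is not published on the host and is
      # reachable only from containers attached to mailman-net.
      extraOptions = [
        "--network=mailman-net"
      ];
      volumes = [
        "/var/lib/mailman/database:/var/lib/postgresql/data"
      ];
      environmentFiles = [
        config.age.secrets.mailman-db-secrets.path
      ];
    };
  };
};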
}