Benjamin Bädorf
f291e88d86
All checks were successful
continuous-integration/drone/push Build is passing
144 lines
3.7 KiB
Nix
144 lines
3.7 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
self,
|
|
...
|
|
}: let
|
|
postfixConfig = pkgs.writeTextFile {
|
|
name = "main.cf";
|
|
text = builtins.readFile ./postfix/main.cf;
|
|
};
|
|
in {
|
|
system.activationScripts.mkMailmanNet = let
|
|
docker = config.virtualisation.oci-containers.backend;
|
|
dockerBin = "${pkgs.${docker}}/bin/${docker}";
|
|
in ''
|
|
${dockerBin} network inspect mailman-net >/dev/null 2>&1 || ${dockerBin} network create mailman-net --subnet 172.20.1.0/24
|
|
'';
|
|
|
|
users.users.mailman = {
|
|
description = "Mailman Service";
|
|
home = "/var/lib/mailman";
|
|
useDefaultShell = true;
|
|
uid = 993;
|
|
# Group hakkonaut so caddy can serve the static files from mailman-web directly
|
|
group = "hakkonaut";
|
|
isSystemUser = true;
|
|
};
|
|
|
|
systemd.tmpfiles.rules = [
|
|
"d '/var/lib/mailman' 0750 mailman hakkonaut - -"
|
|
];
|
|
|
|
age.secrets.mailman-core-secrets = {
|
|
file = "${self}/secrets/mailman-core-secrets.age";
|
|
mode = "600";
|
|
owner = "mailman";
|
|
};
|
|
|
|
age.secrets.mailman-web-secrets = {
|
|
file = "${self}/secrets/mailman-web-secrets.age";
|
|
mode = "600";
|
|
owner = "mailman";
|
|
};
|
|
|
|
age.secrets.mailman-db-secrets = {
|
|
file = "${self}/secrets/mailman-db-secrets.age";
|
|
mode = "600";
|
|
owner = "mailman";
|
|
};
|
|
|
|
virtualisation = {
|
|
docker = {
|
|
enable = true;
|
|
};
|
|
|
|
oci-containers = {
|
|
backend = "docker";
|
|
containers."mailman-core" = {
|
|
image = "maxking/mailman-core:0.4";
|
|
autoStart = true;
|
|
user = "993";
|
|
volumes = [
|
|
"/var/lib/mailman/core:/opt/mailman/"
|
|
];
|
|
extraOptions = [
|
|
"--network=mailman-net"
|
|
];
|
|
environment = {
|
|
DATABASE_TYPE = "postgres";
|
|
DATABASE_CLASS = "mailman.database.postgresql.PostgreSQLDatabase";
|
|
MTA = "postfix";
|
|
};
|
|
environmentFiles = [
|
|
config.age.secrets.mailman-core-secrets.path
|
|
];
|
|
ports = [
|
|
"127.0.0.1:8001:8001" # API
|
|
"127.0.0.1:8024:8024" # LMTP - incoming emails
|
|
];
|
|
};
|
|
|
|
containers."mailman-web" = {
|
|
image = "maxking/mailman-web:0.4";
|
|
autoStart = true;
|
|
user = "993";
|
|
volumes = [
|
|
"/var/lib/mailman/web:/opt/mailman-web-data"
|
|
];
|
|
extraOptions = [
|
|
"--network=mailman-net"
|
|
];
|
|
environment = {
|
|
DATABASE_TYPE = "postgres";
|
|
SERVE_FROM_DOMAIN = "list.pub.solar";
|
|
MAILMAN_ADMIN_USER = "admin";
|
|
MAILMAN_ADMIN_EMAIL = "admins@pub.solar";
|
|
};
|
|
environmentFiles = [
|
|
config.age.secrets.mailman-web-secrets.path
|
|
];
|
|
ports = [
|
|
"127.0.0.1:8000:8000" # HTTP
|
|
# "127.0.0.1:8080:8080" # uwsgi
|
|
];
|
|
};
|
|
|
|
containers."mailman-db" = {
|
|
image = "postgres:14-alpine";
|
|
autoStart = true;
|
|
user = "993";
|
|
extraOptions = [
|
|
"--network=mailman-net"
|
|
];
|
|
volumes = [
|
|
"/var/lib/mailman/database:/var/lib/postgresql/data"
|
|
];
|
|
environmentFiles = [
|
|
config.age.secrets.mailman-db-secrets.path
|
|
];
|
|
};
|
|
|
|
containers."mailman-postfix" = {
|
|
image = "mailu/postfix:1.9.46";
|
|
autoStart = true;
|
|
user = "993";
|
|
extraOptions = [
|
|
"--network=mailman-net"
|
|
];
|
|
volumes = [
|
|
"/var/lib/mailman/postfix/overrides:/overrides:ro"
|
|
"/var/lib/mailman/postfix/mailqueue:/var/spool/postfix"
|
|
"/var/lib/mailman/postfix/data:/var/lib/postfix"
|
|
"/var/lib/mailman/core:/var/lib/mailman/core"
|
|
"${postfixConfig}:/etc/postfix/main.cf"
|
|
];
|
|
environmentFiles = [
|
|
config.age.secrets.mailman-db-secrets.path
|
|
];
|
|
};
|
|
};
|
|
};
|
|
}
|