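# NixOS module: runs Mailman 3 (core, web UI, PostgreSQL) as OCI containers
# on a dedicated docker network. All published ports are bound to loopback
# only; the host is expected to front them with a reverse proxy / MTA.
{ config, lib, pkgs, self, ... }:
let
  # The oci-containers `user` option is a string, so derive it from the
  # service account below instead of repeating the numeric uid per container.
  mailmanUid = toString config.users.users.mailman.uid;
in
{
  # Create the shared container network if it does not exist yet.
  # NOTE(review): activation scripts may run before the container daemon is
  # up (e.g. at boot); in that case both commands fail. Confirm the network
  # is present before the containers start.
  system.activationScripts.mkMailmanNet =
    let
      docker = config.virtualisation.oci-containers.backend;
      dockerBin = "${pkgs.${docker}}/bin/${docker}";
    in
    ''
      ${dockerBin} network inspect mailman-net >/dev/null 2>&1 || ${dockerBin} network create mailman-net --subnet 172.20.1.0/24
    '';

  users.users.mailman = {
    description = "Mailman Service";
    home = "/var/lib/mailman";
    # NOTE(review): a login shell is kept as in the original; if nobody needs
    # to `su` to this account, a service user normally does not need one.
    useDefaultShell = true;
    uid = 993;
    # Group hakkonaut so caddy can serve the static files from mailman-web directly
    group = "hakkonaut";
    isSystemUser = true;
  };

  # Secrets are decrypted by agenix as owner-only files (mode 600, owner
  # mailman), so members of the shared "hakkonaut" group cannot read them.
  # They reach the containers through environmentFiles, which means the
  # values are part of the container environment and visible to anyone who
  # can inspect containers on this host (i.e. has access to the docker socket).
  age.secrets.mailman-core-secrets = {
    file = "${self}/secrets/mailman-core-secrets.age";
    mode = "600";
    owner = "mailman";
  };

  age.secrets.mailman-web-secrets = {
    file = "${self}/secrets/mailman-web-secrets.age";
    mode = "600";
    owner = "mailman";
  };

  age.secrets.mailman-db-secrets = {
    file = "${self}/secrets/mailman-db-secrets.age";
    mode = "600";
    owner = "mailman";
  };

  virtualisation = {
    docker = {
      enable = true;
    };

    oci-containers = {
      backend = "docker";

      # Image tags below are mutable references: the registry can serve
      # different content for the same tag over time. Pinning by digest
      # (image = "name:tag@sha256:<digest>") makes deployments reproducible.

      containers."mailman-core" = {
        image = "maxking/mailman-core:0.4";
        autoStart = true;
        # Run as the unprivileged mailman uid rather than the image default.
        user = mailmanUid;
        volumes = [
          "/var/lib/mailman/core:/opt/mailman/"
        ];
        extraOptions = [
          "--network=mailman-net"
        ];
        environment = {
          DATABASE_TYPE = "postgres";
          DATABASE_CLASS = "mailman.database.postgresql.PostgreSQLDatabase";
        };
        environmentFiles = [ config.age.secrets.mailman-core-secrets.path ];
        # Loopback only: the core REST API is an administrative interface
        # and LMTP accepts mail for the lists; neither should be published
        # on a routable address.
        ports = [
          "127.0.0.1:8001:8001" # API
          "127.0.0.1:8024:8024" # LMTP - incoming emails
        ];
      };

      containers."mailman-web" = {
        image = "maxking/mailman-web:0.4";
        autoStart = true;
        user = mailmanUid;
        volumes = [
          "/var/lib/mailman/web:/opt/mailman-web-data"
        ];
        extraOptions = [
          "--network=mailman-net"
        ];
        environment = {
          DATABASE_TYPE = "postgres";
          SERVE_FROM_DOMAIN = "list.pub.solar";
          MAILMAN_ADMIN_USER = "admin";
          MAILMAN_ADMIN_EMAIL = "admins@pub.solar";
        };
        environmentFiles = [ config.age.secrets.mailman-web-secrets.path ];
        # Loopback only; the public entry point is the host's reverse proxy.
        ports = [
          "127.0.0.1:8000:8000" # HTTP
          # "127.0.0.1:8080:8080" # uwsgi
        ];
      };

      # No host port is published for the database: it is reachable only
      # from containers attached to mailman-net.
      containers."mailman-db" = {
        image = "postgres:14-alpine";
        autoStart = true;
        user = mailmanUid;
        extraOptions = [
          "--network=mailman-net"
        ];
        volumes = [
          "/var/lib/mailman/database:/var/lib/postgresql/data"
        ];
        environmentFiles = [ config.age.secrets.mailman-db-secrets.path ];
      };
    };
  };
}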