nixfiles/hosts/hetzner-vm/modules/mailserver/ssl.nix

{
  config,
  lib,
  ...
}: let
  mail_config = config.mailserver;
  acmeRoot = "/var/lib/acme/acme-challenge";
in {
  config = lib.mkIf (mail_config.enable && mail_config.ssl_config.useACME) {
    services.nginx = {
      enable = true;
      virtualHosts."${mail_config.fqdn}" = {
        serverName = mail_config.fqdn;
        serverAliases = mail_config.domains;
        forceSSL = true;
        enableACME = true;
        acmeRoot = acmeRoot;
      };
    };

    security.acme.certs."${mail_config.fqdn}" = {
      reloadServices = ["postfix.service" "dovecot2.service"];
    };
  };
}
tidy files, switch to alejandra for formatting, add private aliases to mailserver 2022-12-04 13:45:43 +00:00			`{`
			`config,`
			`lib,`
			`...`
			`}: let`
move mailserver to module 2022-11-17 12:06:16 +00:00			`mail_config = config.mailserver;`
			`acmeRoot = "/var/lib/acme/acme-challenge";`
			`in {`
tidy files, switch to alejandra for formatting, add private aliases to mailserver 2022-12-04 13:45:43 +00:00			`config = lib.mkIf (mail_config.enable && mail_config.ssl_config.useACME) {`
move mailserver to module 2022-11-17 12:06:16 +00:00			`services.nginx = {`
			`enable = true;`
			`virtualHosts."${mail_config.fqdn}" = {`
			`serverName = mail_config.fqdn;`
			`serverAliases = mail_config.domains;`
			`forceSSL = true;`
			`enableACME = true;`
			`acmeRoot = acmeRoot;`
			`};`
			`};`

			`security.acme.certs."${mail_config.fqdn}" = {`
tidy files, switch to alejandra for formatting, add private aliases to mailserver 2022-12-04 13:45:43 +00:00			`reloadServices = ["postfix.service" "dovecot2.service"];`
move mailserver to module 2022-11-17 12:06:16 +00:00			`};`
tidy files, switch to alejandra for formatting, add private aliases to mailserver 2022-12-04 13:45:43 +00:00			`};`
move mailserver to module 2022-11-17 12:06:16 +00:00			`}`