nixfiles/hosts/hetzner-arm/containers/mail/modules/mailserver/default.nix

{
  config,
  lib,
  ...
}: let
  inherit (lib) types;
  inherit (lib.options) mkEnableOption mkOption;

  cfg = config.services.mailserver;
in {
  options.services.mailserver = {
    enable = mkEnableOption "mailserver";

    fqdn = mkOption {
      type = types.str;
      description = "domain used for mx records";
    };

    domains = mkOption {
      type = types.listOf types.str;
      description = "all domains for receiving mail on";
    };

    debugMode = mkOption {
      type = types.bool;
      default = false;
      description = "enable debug logging on everything";
    };

    sslConfig = {
      useACME = mkOption {
        type = types.bool;
        default = true;
      };
      cert = mkOption {
        type = types.str;
        default = "/var/lib/acme/${cfg.fqdn}/fullchain.pem";
      };
      key = mkOption {
        type = types.str;
        default = "/var/lib/acme/${cfg.fqdn}/key.pem";
      };
    };

    spf = {
      enable = mkOption {
        type = types.bool;
        default = true;
      };
      policydConfig = mkOption {
        type = types.str;
        default = "";
      };
    };

    rspamd = {
      enable = mkOption {
        type = types.bool;
        default = true;
      };
      extraConfig = mkOption {
        type = types.lines;
        default = "";
      };
      redisPort = mkOption {
        type = types.number;
        default = 6380;
      };
    };

    accounts = mkOption {
      # where attrName = email for login
      default = {};
      type = types.attrsOf (types.submodule {
        options = {
          passwordHashFile = mkOption {
            type = types.str;
            description = ''
              a file containing the hashed password for user, loaded at runtime

            '';
          };
          aliases = mkOption {
            type = types.listOf types.str;
            default = [];
            description = "a list of aliases for receiving/sending mail";
          };
          sieveScript = mkOption {
            type = types.nullOr types.lines;
            default = null;
            description = "a default sieve script for filtering mail";
          };
        };
      });
    };

    extraAliasesFile = mkOption {
      type = types.nullOr types.str;
      default = null;
      description = "file containing postfix aliases for receiving, loaded at runtime";
    };

    sieveDirectory = mkOption {
      type = types.str;
      default = "/var/sieve";
      description = "path used for storing sieve scripts";
    };

    dkim = {
      enable = mkOption {
        type = types.bool;
        default = true;
      };
      directory = mkOption {
        type = types.str;
        default = "/var/dkim";
        description = "path used for storing dkim signing keys, make sure to keep this backed up";
      };
    };

    vmail = {
      user = mkOption {
        type = types.str;
        default = "vmail";
      };
      group = mkOption {
        type = types.str;
        default = "${cfg.vmail.user}";
      };
      userID = mkOption {
        type = types.number;
        default = 5000;
      };
      groupID = mkOption {
        type = types.number;
        default = cfg.vmail.userID;
      };
      directory = mkOption {
        type = types.str;
        default = "/home/${cfg.vmail.user}";
      };
    };
  };
}
tidy files, switch to alejandra for formatting, add private aliases to mailserver 2022-12-04 13:45:43 +00:00			`{`
			`config,`
			`lib,`
			`...`
major tidy 2023-09-18 03:56:58 +01:00			`}: let`
			`inherit (lib) types;`
move all postgres to one daemon, redo wireguard some, roundcube is haunted and network interface is broken somehow 2023-10-02 03:08:24 +01:00			`inherit (lib.options) mkEnableOption mkOption;`
major tidy 2023-09-18 03:56:58 +01:00
add slskd, config.mailserver -> services.mailserver, fix gotosocial backups 2023-09-08 21:29:08 +01:00			`cfg = config.services.mailserver;`
move mailserver to module 2022-11-17 12:06:16 +00:00			`in {`
add slskd, config.mailserver -> services.mailserver, fix gotosocial backups 2023-09-08 21:29:08 +01:00			`options.services.mailserver = {`
move mailserver to module 2022-11-17 12:06:16 +00:00			`enable = mkEnableOption "mailserver";`

major tidy 2023-09-18 03:56:58 +01:00			`fqdn = mkOption {`
			`type = types.str;`
			`description = "domain used for mx records";`
			`};`
move mailserver to module 2022-11-17 12:06:16 +00:00
major tidy 2023-09-18 03:56:58 +01:00			`domains = mkOption {`
			`type = types.listOf types.str;`
			`description = "all domains for receiving mail on";`
move mailserver to module 2022-11-17 12:06:16 +00:00			`};`
fix restic, change emails, change roundcube settings 2022-12-02 16:07:06 +00:00
major tidy 2023-09-18 03:56:58 +01:00			`debugMode = mkOption {`
move mailserver to module 2022-11-17 12:06:16 +00:00			`type = types.bool;`
			`default = false;`
major tidy 2023-09-18 03:56:58 +01:00			`description = "enable debug logging on everything";`
move mailserver to module 2022-11-17 12:06:16 +00:00			`};`

major tidy 2023-09-18 03:56:58 +01:00			`sslConfig = {`
			`useACME = mkOption {`
			`type = types.bool;`
			`default = true;`
			`};`
			`cert = mkOption {`
			`type = types.str;`
			`default = "/var/lib/acme/${cfg.fqdn}/fullchain.pem";`
			`};`
			`key = mkOption {`
			`type = types.str;`
			`default = "/var/lib/acme/${cfg.fqdn}/key.pem";`
			`};`
fix restic, change emails, change roundcube settings 2022-12-02 16:07:06 +00:00			`};`

major tidy 2023-09-18 03:56:58 +01:00			`spf = {`
			`enable = mkOption {`
			`type = types.bool;`
			`default = true;`
			`};`
			`policydConfig = mkOption {`
			`type = types.str;`
			`default = "";`
			`};`
move mailserver into its own container 2023-08-09 15:11:04 +01:00			`};`

major tidy 2023-09-18 03:56:58 +01:00			`rspamd = {`
			`enable = mkOption {`
			`type = types.bool;`
			`default = true;`
			`};`
			`extraConfig = mkOption {`
			`type = types.lines;`
			`default = "";`
			`};`
			`redisPort = mkOption {`
			`type = types.number;`
			`default = 6380;`
			`};`
move mailserver into its own container 2023-08-09 15:11:04 +01:00			`};`

move mailserver to module 2022-11-17 12:06:16 +00:00			`accounts = mkOption {`
major tidy 2023-09-18 03:56:58 +01:00			`# where attrName = email for login`
			`default = {};`
			`type = types.attrsOf (types.submodule {`
move mailserver to module 2022-11-17 12:06:16 +00:00			`options = {`
major tidy 2023-09-18 03:56:58 +01:00			`passwordHashFile = mkOption {`
move mailserver to module 2022-11-17 12:06:16 +00:00			`type = types.str;`
major tidy 2023-09-18 03:56:58 +01:00			`description = ''`
			`a file containing the hashed password for user, loaded at runtime`

			`'';`
			`};`
			`aliases = mkOption {`
			`type = types.listOf types.str;`
			`default = [];`
			`description = "a list of aliases for receiving/sending mail";`
			`};`
			`sieveScript = mkOption {`
			`type = types.nullOr types.lines;`
			`default = null;`
			`description = "a default sieve script for filtering mail";`
move mailserver to module 2022-11-17 12:06:16 +00:00			`};`
			`};`
major tidy 2023-09-18 03:56:58 +01:00			`});`
move mailserver to module 2022-11-17 12:06:16 +00:00			`};`

major tidy 2023-09-18 03:56:58 +01:00			`extraAliasesFile = mkOption {`
tidy files, switch to alejandra for formatting, add private aliases to mailserver 2022-12-04 13:45:43 +00:00			`type = types.nullOr types.str;`
			`default = null;`
major tidy 2023-09-18 03:56:58 +01:00			`description = "file containing postfix aliases for receiving, loaded at runtime";`
tidy files, switch to alejandra for formatting, add private aliases to mailserver 2022-12-04 13:45:43 +00:00			`};`

major tidy 2023-09-18 03:56:58 +01:00			`sieveDirectory = mkOption {`
move mailserver to module 2022-11-17 12:06:16 +00:00			`type = types.str;`
			`default = "/var/sieve";`
major tidy 2023-09-18 03:56:58 +01:00			`description = "path used for storing sieve scripts";`
move mailserver to module 2022-11-17 12:06:16 +00:00			`};`
tidy files, switch to alejandra for formatting, add private aliases to mailserver 2022-12-04 13:45:43 +00:00
major tidy 2023-09-18 03:56:58 +01:00			`dkim = {`
			`enable = mkOption {`
			`type = types.bool;`
			`default = true;`
			`};`
			`directory = mkOption {`
			`type = types.str;`
			`default = "/var/dkim";`
			`description = "path used for storing dkim signing keys, make sure to keep this backed up";`
			`};`
move modules to containers and move piped to sockets rather than external nginx only 2023-08-09 15:47:01 +01:00			`};`

major tidy 2023-09-18 03:56:58 +01:00			`vmail = {`
			`user = mkOption {`
			`type = types.str;`
			`default = "vmail";`
			`};`
			`group = mkOption {`
			`type = types.str;`
			`default = "${cfg.vmail.user}";`
			`};`
			`userID = mkOption {`
			`type = types.number;`
			`default = 5000;`
			`};`
			`groupID = mkOption {`
			`type = types.number;`
			`default = cfg.vmail.userID;`
			`};`
			`directory = mkOption {`
			`type = types.str;`
			`default = "/home/${cfg.vmail.user}";`
tidy files, switch to alejandra for formatting, add private aliases to mailserver 2022-12-04 13:45:43 +00:00			`};`
move mailserver to module 2022-11-17 12:06:16 +00:00			`};`
			`};`
			`}`