2022-12-04 13:45:43 +00:00
|
|
|
{
|
|
|
|
|
config,
|
|
|
|
|
lib,
|
|
|
|
|
...
|
|
|
|
|
}: let
|
2023-09-18 03:56:58 +01:00
|
|
|
inherit (lib.modules) mkIf;
|
|
|
|
|
|
|
|
|
|
mailConfig = config.services.mailserver;
|
2022-11-17 12:06:16 +00:00
|
|
|
acmeRoot = "/var/lib/acme/acme-challenge";
|
|
|
|
|
in {
|
2023-09-18 03:56:58 +01:00
|
|
|
config = mkIf (mailConfig.enable && mailConfig.sslConfig.useACME) {
|
2022-11-17 12:06:16 +00:00
|
|
|
services.nginx = {
|
|
|
|
|
enable = true;
|
2023-09-18 03:56:58 +01:00
|
|
|
virtualHosts."${mailConfig.fqdn}" = {
|
|
|
|
|
serverName = mailConfig.fqdn;
|
|
|
|
|
serverAliases = mailConfig.domains;
|
2022-11-17 12:06:16 +00:00
|
|
|
forceSSL = true;
|
|
|
|
|
enableACME = true;
|
2024-03-10 17:26:18 +00:00
|
|
|
inherit acmeRoot;
|
2022-11-17 12:06:16 +00:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
2023-09-18 03:56:58 +01:00
|
|
|
security.acme.certs."${mailConfig.fqdn}" = {
|
2022-12-04 13:45:43 +00:00
|
|
|
reloadServices = ["postfix.service" "dovecot2.service"];
|
2022-11-17 12:06:16 +00:00
|
|
|
};
|
2022-12-04 13:45:43 +00:00
|
|
|
};
|
2022-11-17 12:06:16 +00:00
|
|
|
}
|
