mail-server.nix: add gaykraft mail server for testing purpose

configs/sputnik/configuration.nix

@@ -8,6 +8,8 @@
     ./nginx.nix
     ./tinc.nix
 
+    ./mail-server.nix
+
   ];
 
   networking.hostName   = "sputnik";

configs/sputnik/mail-server.nix

@@ -0,0 +1,54 @@
+{ config, pkgs, lib, ... }:
+{
+  imports = [
+    (builtins.fetchTarball {
+      url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.2.1/nixos-mailserver-v2.2.1.tar.gz";
+      sha256 = "03d49v8qnid9g9rha0wg2z6vic06mhp0b049s3whccn1axvs2zzx";
+    })
+  ];
+
+  mailserver = {
+    enable = true;
+    fqdn = "mail.gaykraft.com";
+    domains = [ "gaykraft.com" ];
+
+    # A list of all login accounts. To create the password hashes, use
+    # nix-shell -p mkpasswd --run 'mkpasswd -m sha-512 "super secret password"'
+    loginAccounts = {
+      "root@gaykraft.com" = {
+        hashedPassword = lib.fileContents <secrets/mailserver/hashedPasswords/root_at_gaykraft.com>;
+        #aliases = [
+        #  "postmaster@gaykraft.com"
+        #];
+        # Make this user the catchAll address for domains
+        catchAll = [
+          "gaykraft.com"
+        ];
+      };
+    };
+
+    # Extra virtual aliases. These are email addresses that are forwarded to
+    # loginAccounts addresses.
+    #extraVirtualAliases = {
+      # address = forward address;
+      #"abuse@example.com" = "user1@example.com";
+    #};
+
+    # Use Let's Encrypt certificates. Note that this needs to set up a stripped
+    # down nginx and opens port 80.
+    certificateScheme = 3;
+
+    # Enable IMAP and POP3
+    enableImap = true;
+    enablePop3 = true;
+    enableImapSsl = true;
+    enablePop3Ssl = true;
+
+    # Enable the ManageSieve protocol
+    #enableManageSieve = true;
+
+    # whether to scan inbound emails for viruses (note that this requires at least
+    # 1 Gb RAM for the server. Without virus scanning 256 MB RAM should be plenty)
+    virusScanning = false;
+  };
+}