diff --git a/configs/sputnik/configuration.nix b/configs/sputnik/configuration.nix index 7eb4b20..55f2236 100644 --- a/configs/sputnik/configuration.nix +++ b/configs/sputnik/configuration.nix @@ -8,6 +8,8 @@ ./nginx.nix ./tinc.nix + ./mail-server.nix + ]; networking.hostName = "sputnik"; diff --git a/configs/sputnik/mail-server.nix b/configs/sputnik/mail-server.nix new file mode 100644 index 0000000..7d6a549 --- /dev/null +++ b/configs/sputnik/mail-server.nix @@ -0,0 +1,54 @@ +{ config, pkgs, lib, ... }: +{ + imports = [ + (builtins.fetchTarball { + url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.2.1/nixos-mailserver-v2.2.1.tar.gz"; + sha256 = "03d49v8qnid9g9rha0wg2z6vic06mhp0b049s3whccn1axvs2zzx"; + }) + ]; + + mailserver = { + enable = true; + fqdn = "mail.gaykraft.com"; + domains = [ "gaykraft.com" ]; + + # A list of all login accounts. To create the password hashes, use + # nix-shell -p mkpasswd --run 'mkpasswd -m sha-512 "super secret password"' + loginAccounts = { + "root@gaykraft.com" = { + hashedPassword = lib.fileContents ; + #aliases = [ + # "postmaster@gaykraft.com" + #]; + # Make this user the catchAll address for domains + catchAll = [ + "gaykraft.com" + ]; + }; + }; + + # Extra virtual aliases. These are email addresses that are forwarded to + # loginAccounts addresses. + #extraVirtualAliases = { + # address = forward address; + #"abuse@example.com" = "user1@example.com"; + #}; + + # Use Let's Encrypt certificates. Note that this needs to set up a stripped + # down nginx and opens port 80. + certificateScheme = 3; + + # Enable IMAP and POP3 + enableImap = true; + enablePop3 = true; + enableImapSsl = true; + enablePop3Ssl = true; + + # Enable the ManageSieve protocol + #enableManageSieve = true; + + # whether to scan inbound emails for viruses (note that this requires at least + # 1 Gb RAM for the server. Without virus scanning 256 MB RAM should be plenty) + virusScanning = false; + }; +}