mail: add automx2
This commit is contained in:
parent
ba4d7916bb
commit
3e5561f155
|
@ -1,4 +1,4 @@
|
|||
{ config, lib, ... }:
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
microvm.mem = 2048;
|
||||
|
@ -15,11 +15,12 @@
|
|||
in {
|
||||
enable = true;
|
||||
certificateScheme = "acme-nginx";
|
||||
# dmarcReporting = {
|
||||
dmarcReporting = {
|
||||
# enable = true;
|
||||
# domain = "c3d2.de";
|
||||
# organizationName = "Netzbiotop Dresden e.V.";
|
||||
# };
|
||||
organizationName = "Netzbiotop Dresden e.V.";
|
||||
};
|
||||
debug = true;
|
||||
domains = [ "netzbiotop.org" ];
|
||||
dkimKeyBits = 2048;
|
||||
dkimSelector = "default";
|
||||
|
@ -103,6 +104,22 @@
|
|||
commonHttpConfig = /* nginx */ ''
|
||||
proxy_headers_hash_bucket_size 96;
|
||||
'';
|
||||
virtualHosts."autoconfig.netzbiotop.org" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
serverAliases = [
|
||||
"autoconfig.netzbiotop.org"
|
||||
"autodiscover.netzbiotop.org"
|
||||
];
|
||||
locations = {
|
||||
"/".proxyPass = "http://127.0.0.1:4243/";
|
||||
"/initdb".extraConfig = ''
|
||||
# Limit access to clients connecting from localhost
|
||||
allow 127.0.0.1;
|
||||
deny all;
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -113,5 +130,52 @@
|
|||
};
|
||||
};
|
||||
|
||||
systemd.services.automx2 = {
|
||||
after = [ "network.target" ];
|
||||
postStart = let
|
||||
json = pkgs.writeText "data.json" (builtins.toJSON {
|
||||
provider = config.mailserver.dmarcReporting.organizationName;
|
||||
domains = config.mailserver.domains;
|
||||
servers = [
|
||||
{ name = config.mailserver.fqdn; type = "imap"; }
|
||||
{ name = config.mailserver.fqdn; type = "pop3"; }
|
||||
{ name = config.mailserver.fqdn; type = "smtp"; }
|
||||
];
|
||||
});
|
||||
in ''
|
||||
sleep 3 && ${lib.getExe pkgs.curl} -X POST --json @${json} http://127.0.0.1:4243/initdb/
|
||||
'';
|
||||
serviceConfig = {
|
||||
Environment = [
|
||||
"AUTOMX2_CONF=${pkgs.writeText "automx2-conf" /* toml */ ''
|
||||
[automx2]
|
||||
loglevel = WARNING
|
||||
db_uri = sqlite:///:memory:
|
||||
proxy_count = 1
|
||||
''}"
|
||||
"FLASK_APP=automx2.server:app"
|
||||
"FLASK_CONFIG=production"
|
||||
];
|
||||
ExecStart = "${pkgs.python3.buildEnv.override { extraLibs = [ pkgs.python3Packages.automx2 ]; }}/bin/flask run --host=127.0.0.1 --port=4243";
|
||||
Restart = "always";
|
||||
StateDirectory = "automx2";
|
||||
User = "automx2";
|
||||
WorkingDirectory = "/var/lib/automx2";
|
||||
};
|
||||
unitConfig = {
|
||||
Description = "MUA configuration service";
|
||||
Documentation = "https://rseichter.github.io/automx2/";
|
||||
};
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
};
|
||||
|
||||
system.stateVersion = "23.11";
|
||||
|
||||
users = {
|
||||
groups.automx2 = {};
|
||||
users.automx2 = {
|
||||
group = "automx2";
|
||||
isSystemUser = true;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue