Parameterize mail ports

1 files changed, 14 insertions, 11 deletions

diff --git a/mail.nix b/mail.nix
index edb5da0..62a7f11 100644
--- a/mail.nix
+++ b/mail.nix
@@ -18,15 +18,17 @@
 
 { config, lib, pkgs, ... }:
 let
-  certDir = config.security.acme.certs.${hostname}.directory;
+  alps = config.services.alps;
   domain = config.networking.domain;
   hostname = "tem.${domain}";
-  publicHost = "chung.${domain}";
+  publicHost = "loa.${domain}";
+  public-inbox = config.services.public-inbox;
 in {
   networking.firewall.allowedTCPPorts = [
     25 # SMTP-MTA
-    465 # SMTP-MSA
-    993 # IMAPS
+    alps.smtps.port
+    alps.imaps.port
+    public-inbox.imap.port
   ];
 
   services = {
@@ -98,7 +100,7 @@ in {
           }
         }
 
-        submission tls://0.0.0.0:465 {
+        submission tls://0.0.0.0:${toString alps.smtps.port} {
           limits {
             all rate 50 1s
           }
@@ -156,7 +158,7 @@ in {
           }
         }
 
-        imap tls://0.0.0.0:993 {
+        imap tls://0.0.0.0:${toString alps.imaps.port} {
           auth &local_authdb
           storage &local_mailboxes
         }
@@ -167,10 +169,12 @@ in {
       localDomains = [ domain publicHost ];
       tls = {
         loader = "file";
-        certificates = [{
+        certificates = let
+          certDir = config.security.acme.certs.${hostname}.directory;
+        in [ {
           certPath = "${certDir}/cert.pem";
           keyPath = "${certDir}/key.pem";
-        }];
+        } ];
       };
     };
 
@@ -241,12 +245,11 @@ in {
         enableACME = true;
         forceSSL = true;
         locations."/".proxyPass = let
-          port = config.services.public-inbox.http.port;
+          port = public-inbox.http.port;
         in "http://localhost:${toString port}";
       };
 
-      ${hostname} = let alps = config.services.alps;
-      in {
+      ${hostname} = {
         enableACME = true;
         forceSSL = true;
         locations."/".proxyPass = "http://${alps.bindIP}:${toString alps.port}";