about summary refs log tree commit diff
diff options
context:
space:
mode:
authorNguyễn Gia Phong <cnx@loang.net>2024-04-18 07:03:34 +0900
committerNguyễn Gia Phong <cnx@loang.net>2024-04-18 07:03:34 +0900
commit52595af8aff88d0ad3147f5122f19a8d44f72df1 (patch)
tree8346491d17dac1b2615ee59c5cf72f2c59ddf4b6
parent07e180ec0ac31dae44a0f54a42792f8863d2b39d (diff)
downloadnixos-conf-52595af8aff88d0ad3147f5122f19a8d44f72df1.tar.gz
Enable public-inbox-imapd
-rw-r--r--mail.nix54
1 files changed, 46 insertions, 8 deletions
diff --git a/mail.nix b/mail.nix
index 62a7f11..ae14556 100644
--- a/mail.nix
+++ b/mail.nix
@@ -192,16 +192,40 @@ in {
         enable = true;
         port = 1430;
       };
-      inboxes = {
-        test = {
-          address = [ "test@${publicHost}" ];
-          description = "test list";
-          url = "https://${publicHost}/test";
+      imap = let
+        certDir = config.security.acme.certs.${publicHost}.directory;
+      in {
+        cert = "${certDir}/cert.pem";
+        enable = true;
+        key = "${certDir}/key.pem";
+        port = 143;
+      };
+      inboxes = builtins.mapAttrs (name: value: value // {
+        address = [ "${name}@${publicHost}" ];
+        url = "https://${publicHost}/${name}";
+        newsgroup = "inbox.${name}";
+      }) {
+        test.description = "test list";
+        chung = {
+          description = "News, requests and patches for loang.net";
+          coderepo = [ "nixos-conf" "phylactery" "site" ];
         };
       };
       mda.enable = true;
       postfix.enable = true;
-      settings.publicinbox.wwwlisting = "match=domain";
+      settings = {
+        coderepo = builtins.listToAttrs (map (name: {
+          name = name;
+          value = {
+            cgitUrl = "https://trong.loang.net/${name}";
+            dir = name;
+          };
+        }) [ "nixos-conf" "phylactery" "site" ]);
+        publicinbox = {
+          imapserver = [ publicHost ];
+          wwwlisting = "match=domain";
+        };
+      };
     };
 
     nginx.virtualHosts = {
@@ -257,6 +281,20 @@ in {
     };
   };
 
-  systemd.services.alps.unitConfig.Requires = "maddy.service";
-  users.extraUsers.maddy.extraGroups = [ "nginx" "shadow" ];
+  systemd.services = {
+    alps.unitConfig.Requires = "maddy.service";
+    public-inbox-imapd.serviceConfig.BindReadOnlyPaths = [
+      config.security.acme.certs.${publicHost}.directory
+    ];
+  };
+
+  users.users = {
+    maddy.extraGroups = [
+      config.security.acme.certs.${hostname}.group
+      "shadow"
+    ];
+    public-inbox.extraGroups = [
+      config.security.acme.certs.${publicHost}.group
+    ];
+  };
 }