diff options
| -rw-r--r-- | mail.nix | 54 |
1 files changed, 46 insertions, 8 deletions
diff --git a/mail.nix b/mail.nix index 62a7f11..ae14556 100644 --- a/mail.nix +++ b/mail.nix @@ -192,16 +192,40 @@ in { enable = true; port = 1430; }; - inboxes = { - test = { - address = [ "test@${publicHost}" ]; - description = "test list"; - url = "https://${publicHost}/test"; + imap = let + certDir = config.security.acme.certs.${publicHost}.directory; + in { + cert = "${certDir}/cert.pem"; + enable = true; + key = "${certDir}/key.pem"; + port = 143; + }; + inboxes = builtins.mapAttrs (name: value: value // { + address = [ "${name}@${publicHost}" ]; + url = "https://${publicHost}/${name}"; + newsgroup = "inbox.${name}"; + }) { + test.description = "test list"; + chung = { + description = "News, requests and patches for loang.net"; + coderepo = [ "nixos-conf" "phylactery" "site" ]; }; }; mda.enable = true; postfix.enable = true; - settings.publicinbox.wwwlisting = "match=domain"; + settings = { + coderepo = builtins.listToAttrs (map (name: { + name = name; + value = { + cgitUrl = "https://trong.loang.net/${name}"; + dir = name; + }; + }) [ "nixos-conf" "phylactery" "site" ]); + publicinbox = { + imapserver = [ publicHost ]; + wwwlisting = "match=domain"; + }; + }; }; nginx.virtualHosts = { @@ -257,6 +281,20 @@ in { }; }; - systemd.services.alps.unitConfig.Requires = "maddy.service"; - users.extraUsers.maddy.extraGroups = [ "nginx" "shadow" ]; + systemd.services = { + alps.unitConfig.Requires = "maddy.service"; + public-inbox-imapd.serviceConfig.BindReadOnlyPaths = [ + config.security.acme.certs.${publicHost}.directory + ]; + }; + + users.users = { + maddy.extraGroups = [ + config.security.acme.certs.${hostname}.group + "shadow" + ]; + public-inbox.extraGroups = [ + config.security.acme.certs.${publicHost}.group + ]; + }; } |