From 28bca23b69ce78e70ac8e129c429495035dab6d4 Mon Sep 17 00:00:00 2001
From: osbm <osbm@osbm.dev>
Date: Sat, 20 Dec 2025 14:31:55 +0300
Subject: [PATCH] add mailserver acme setup

---
 modules/nixos/services/mailserver.nix | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/modules/nixos/services/mailserver.nix b/modules/nixos/services/mailserver.nix
index 409d7c1..8b729a8 100644
--- a/modules/nixos/services/mailserver.nix
+++ b/modules/nixos/services/mailserver.nix
@@ -50,6 +50,18 @@
       };
     })
 
+    # Configure ACME certificate via nginx
+    (lib.mkIf
+      (config.osbmModules.services.nginx.enable && config.osbmModules.services.mailserver.enable)
+      {
+        services.nginx.virtualHosts."${config.mailserver.fqdn}" = {
+          forceSSL = true;
+          enableACME = true;
+          locations."/".return = "404"; # Just for ACME, no actual web content
+        };
+      }
+    )
+
     # mailserver and impermanence
     (lib.mkIf
       (