diff --git a/modules/nixos/options.nix b/modules/nixos/options.nix index 1e4c63f..45932c0 100644 --- a/modules/nixos/options.nix +++ b/modules/nixos/options.nix @@ -142,6 +142,7 @@ anubis.enable = lib.mkEnableOption "anubis"; syncthing.enable = lib.mkEnableOption "syncthing"; jellyfin.enable = lib.mkEnableOption "jellyfin"; + mailserver.enable = lib.mkEnableOption "mailserver"; vaultwarden.enable = lib.mkEnableOption "vaultwarden"; nginx.enable = lib.mkEnableOption "nginx"; ollama.enable = lib.mkEnableOption "ollama"; diff --git a/modules/nixos/services/default.nix b/modules/nixos/services/default.nix index ee6d2db..bf63669 100644 --- a/modules/nixos/services/default.nix +++ b/modules/nixos/services/default.nix @@ -10,6 +10,7 @@ ./glance.nix ./hydra.nix ./jellyfin.nix + ./mailserver.nix ./nginx.nix ./syncthing.nix ./tailscale.nix diff --git a/modules/nixos/services/mailserver.nix b/modules/nixos/services/mailserver.nix new file mode 100644 index 0000000..6d38dd7 --- /dev/null +++ b/modules/nixos/services/mailserver.nix @@ -0,0 +1,30 @@ +{ config, inputs, lib, ... }: +{ + imports = [ + inputs.simple-nixos-mailserver.nixosModule + ]; + + config = lib.mkMerge [ + (lib.optionalAttrs config.osbmModules.services.mailserver.enable { + mailserver = { + enable = true; + stateVersion = 3; + fqdn = "mail.osbm.dev"; + domains = [ "osbm.dev" ]; + + # A list of all login accounts. To create the password hashes, use + # nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt' + loginAccounts = { + "osbm@osbm.dev" = { + hashedPasswordFile = "/persist/osbm.passwd"; # TODO: Make this into agenix secret + aliases = ["postmaster@osbm.dev"]; + }; + }; + + # Use Let's Encrypt certificates. Note that this needs to set up a stripped + # down nginx and opens port 80. + certificateScheme = "acme-nginx"; + }; + }) + ]; +} \ No newline at end of file