From a80eeb2a16edbba6bb81744597eff61da2992a4a Mon Sep 17 00:00:00 2001
From: osbm <osbm@osbm.dev>
Date: Wed, 5 Nov 2025 20:18:51 +0300
Subject: [PATCH] folders

---
 modules/nixos/services/mailserver.nix | 71 ++++++++++++++-------------
 1 file changed, 38 insertions(+), 33 deletions(-)

diff --git a/modules/nixos/services/mailserver.nix b/modules/nixos/services/mailserver.nix
index 08cd795..6114e01 100644
--- a/modules/nixos/services/mailserver.nix
+++ b/modules/nixos/services/mailserver.nix
@@ -41,42 +41,47 @@
       {
         environment.persistence."/persist" = {
           directories = [
-            # TODO write justifications for each of these
             # Dovecot is an open source IMAP and POP3 server
             # which means it handles email retrieval for users.
             "/var/lib/dovecot" # owned by root
-        #     "/var/lib/postfix" # owned by root
-        #     {
-        #       directory = "/var/lib/rspamd";
-        #       user = "rspamd";
-        #       group = "rspamd";
-        #       mode = "0750";
-        #     }
-        #     {
-        #       directory = "/var/spool/redis-rspamd";
-        #       user = "redis-rspamd";
-        #       group = "redis-rspamd";
-        #       mode = "0750";
-        #     }
-        #     {
-        #       directory = config.mailserver.sieveDirectory;
-        #       user = "virtualMail";
-        #       group = "virtualMail";
-        #       mode = "0770";
-        #     }
-        #     {
-        #       directory = config.mailserver.mailDirectory;
-        #       user = config.mailserver.vmailUserName;
-        #       group = config.mailserver.vmailGroupName;
-        #       mode = "0700";
-        #     }
-        #     {
-        #       directory = config.mailserver.dkimKeyDirectory;
-        #       user = "rspamd";
-        #       group = "rspamd";
-        #       mode = "0755";
-        #     }
-        #     "/var/spool"
+            # Postfix is a open-source mail transfer agent (MTA)
+            "/var/lib/postfix" # owned by root
+            # Rspamd is a open-source spam filtering system.
+            {
+              directory = "/var/lib/rspamd";
+              user = "rspamd";
+              group = "rspamd";
+              mode = "0700";
+            }
+            # redis-rspamd is just a redis instance used by rspamd for caching
+            # TODO: what is the /var/spool folder?
+            {
+              directory = "/var/spool/redis-rspamd";
+              user = "redis-rspamd";
+              group = "redis-rspamd";
+              mode = "0750";
+            }
+            # Sieve is a scripting language for filtering email messages.
+            {
+              directory = config.mailserver.sieveDirectory; # /var/sieve by default
+              user = "virtualMail";
+              group = "virtualMail";
+              mode = "0770";
+            }
+            # Mail folder
+            {
+              directory = config.mailserver.mailDirectory; # /var/vmail by default
+              user = config.mailserver.vmailUserName;
+              group = config.mailserver.vmailGroupName;
+              mode = "0700";
+            }
+            # DKIM is used to sign outgoing emails to verify they are from the claimed domain.
+            {
+              directory = config.mailserver.dkimKeyDirectory; # /var/dkim by default
+              user = "rspamd";
+              group = "rspamd";
+              mode = "0755";
+            }
           ];
         };
       })