simple-nixos-mailserver/nixos-mailserver
1
0
Fork 0
mirror of https://gitlab.com/simple-nixos-mailserver/nixos-mailserver.git synced 2025-12-25 04:10:52 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

wip

Browse source
This commit is contained in:
Martin Weinelt 2025-12-22 14:20:33 +01:00
parent a58140b479
commit 5cda7349d2
1 changed files with 17 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

19
mail-server/mta-sts.nix
View file

@ -7,13 +7,17 @@
let
cfg = config.mailserver;
common = import ./common.nix {
inherit config pkgs lib;
};
in
{
config = lib.mkIf (cfg.enable && cfg.mta-sts.enable) {
services.nginx = {
enable = true;
virtualHosts.${cfg.fqdn} = {
virtualHosts.mta-sts = {
forceSSL = true;
serverAliases = map (domain: "mta-sts.${domain}") cfg.domains;
locations."=/.well-known/mta-sts.txt" = {
@ -24,7 +28,18 @@ in
max_age: ${cfg.mta-sts.maxAge}
'';
};
};
}
// (
if (common.withACME) then
{
inherit (cfg.x509) useACMEHost;
}
else
{
sslCertificate = cfg.x509.certificateFile;
sslCertificateKey = cfg.x509.privateKeyFile;
}
);
};
};
}