haccfiles/hosts/hainich/services/mail.nix

178 lines
6.3 KiB
Nix
Raw Permalink Normal View History

2020-11-27 20:56:20 +00:00
{ config, pkgs, lib, ... }:
let
sources = import ../../../nix/sources.nix;
in {
imports = [
sources.nixos-mailserver.outPath
2020-11-27 20:56:20 +00:00
];
mailserver = {
mailDirectory = "/data/mail";
enable = true;
fqdn = "mail.hacc.space";
2021-01-14 00:02:32 +00:00
domains = [ "hacc.space" "hacc.earth" "4future.dev" "4futu.re" "infra4future.de" "discuss.infra4future.de" ];
2020-11-27 20:56:20 +00:00
loginAccounts = {
2021-03-12 23:27:53 +00:00
# "hexchen@hacc.space" = {
# hashedPassword = "$6$x9skYtRp4dgxC$1y8gPC2BuVqG3kJVSMGgzZv0Bg1T9qxcnBWLIDbANy1d//SQ23Y7s3IMYcEPd1/l/MYWD9Y/Qse6HbT5w5Xwq/";
2020-11-27 20:56:20 +00:00
2021-03-12 23:27:53 +00:00
# aliases = [
# "postmaster@hacc.space"
# "abuse@hacc.space"
# ];
# };
2020-11-27 20:56:20 +00:00
"octycs@hacc.space" = {
hashedPassword = "$6$KceTivtJ$58jxhYF6ULfivNsb3Z0J7PnGea0Hs2wTWh3c9FrKRIAmuOD96u2IDgZRCn6P5NrXA0BL.n6HC2RS3r.4JnOmg.";
aliases = [
"markus@hacc.space"
];
};
"raphael@hacc.space" = {
hashedPassword = "$6$QveHpwMcp9mkFVAU$EFuahOrJIxPg.c.WGFHtrP3.onwJYwvP7fiBHHGb9jhosewZ2tEUP.2D3uyDLhd9Cfny6Yp4jDk/Hkjk7/ME1/";
};
"engelsystem@hacc.space" = {
hashedPassword = "$6$5cIAEhJ7af7M$eJBPQc3ONd.N3HKPFpxfG7liZbUXPvWuSpWVgeG7rmsG7f7.Zdxtodvt5VaXoA3AEiv3GqcY.gKHISK/Gg0ib/";
};
"schweby@hacc.space" = {
hashedPassword = "$6$BpYhwcZNrkLhVqK$6FMqA/vUkdV4GBlHLSqS5DRCb/CaLDNeIsBcZ8G30heytS/tJj2Ag7b1ovSltTA4PUfhee3pJrz1BkwkA93vN1";
2021-03-12 23:27:53 +00:00
aliases = [
"postmaster@hacc.space"
"abuse@hacc.space"
"hexchen@hacc.space"
];
2020-11-27 20:56:20 +00:00
};
"zauberberg@hacc.space" = {
hashedPassword = "$6$ISAaU8X6D$oGKe9WXDWrRpGzHUTdxrxdtg9zuGOlBMuDc82IZhegpsv1bqd550FhZZrI40IjZTA5Hy2MZ8j/0efpnQ4fOQH0";
aliases = [
"lukas@hacc.space"
];
};
"talx@hacc.space" = {
hashedPassword = "$6$0hIKRoMJS./JSE$tXizRgphhNM3ZYx216VdRv1OiyZoYXsjGqSudTDu8vB8eZb03Axi31VKV87RXiEGGixdvTsHEKpx032aOzzt31";
};
"unms@hacc.space" = {
hashedPassword = "$6$pYlNP37913$sGE3L722ceP.1Qm5lsffYUN919hPP1xRTrzco3ic3Op21iiknBkOY04eY2l3Um/Bpk/yV89aJD0eaB/5RCbWR1";
};
"noreply@hacc.space" = {
hashedPassword = "$6$YsqMoItITZUzI5wo$5Lejf8XBHRx4LW4VuZ9wJCiBbT4kOV/EZaCdWQ07eVIrkRTZwXWZ5zfsh.olXEFwvpNWN.DBnU.dQc.cC0/ra/";
};
"stuebinm@hacc.space" = {
2020-12-02 14:05:57 +00:00
hashedPassword = "$6$mjrMQG5smqLRlm$WzmbiZnGlEXGT7hj/n2qz0nvVzGyZfMToCyLRi0wErfVEHI7y7jtWoHqIWnpcHAM29UocsIFFsUCb3XqQCwwB.";
2020-11-27 20:56:20 +00:00
};
2020-12-05 17:41:25 +00:00
"newsletter@hacc.space" = {
2020-12-05 18:59:20 +00:00
hashedPassword = "$6$f0xKnQxBInd$zbVIi1lTKWauqW.c8sMNLHNwzn81oQrVOiIfJwPa98n9xWz/NkjuWLYuFpK.MSZwNwP7Yv/a/qaOb9v8qv/.N1";
2020-12-05 17:41:25 +00:00
};
2021-01-07 00:22:36 +00:00
"lenny@hacc.space" = {
hashedPassword = "$6$EZpv9XImv5F3$p2NSoo5gLxh6NnB3/C6wF8knRTuMHqDXYF3BEscaQuk7qok2Z13xKT/6mFvvSKKBnFCuYptgnfGswmoqIzm/1/";
aliases = [
"rinderhacc@hacc.space"
];
};
# service accounts
"gitlab@infra4future.de".hashedPassword = "$6$8vvkYuxv$9xV5WktsqfgM3cWSxonjtaohm7oqvDC5qsgJCJBATwesjTRxd/QTLa7t7teK8Nzyl.Py26xz.NvYowCZQ4aBE1";
"noreply@infra4future.de".hashedPassword = "$6$uaD8bRcT1$gFqhFyu5RUsyUUOG5b.kN.JAJ1rVHvaYhpeRHoMvrERAMgBu1FHu2oDnjTsy.5NKoLc5xpI5uv4Gpy4YbmDmV.";
"discuss@infra4future.de".hashedPassword = "$6$8x8/OlMFjq1$S54jdBh7WjrdC6UtbYAHHzMJak7Ai/CjwmWBBbqh7yRHuZt.mfZrsfBNiL3JKBHE7seQ7JYRU99lJKCU6Aujg/";
2020-11-27 20:56:20 +00:00
};
extraVirtualAliases = {
# address = forward address;
"info@hacc.space" = [
2021-03-12 23:27:53 +00:00
# "hexchen@hacc.space"
2020-11-27 20:56:20 +00:00
"octycs@hacc.space"
"raphael@hacc.space"
"schweby@hacc.space"
"zauberberg@hacc.space"
"stuebinm@hacc.space"
"lenny@hacc.space"
2020-11-27 20:56:20 +00:00
];
"himmel@hacc.space" = [
2021-03-12 23:27:53 +00:00
# "hexchen@hacc.space"
2020-11-27 20:56:20 +00:00
"schweby@hacc.space"
"zauberberg@hacc.space"
];
"admin@hacc.space" = [
2021-03-12 23:27:53 +00:00
# "hexchen@hacc.space"
2020-11-27 20:56:20 +00:00
"schweby@hacc.space"
2021-01-07 00:22:36 +00:00
"zauberberg@hacc.space"
2020-11-27 20:56:20 +00:00
];
2020-11-30 21:37:18 +00:00
"voc@hacc.space" = [
2021-03-12 23:27:53 +00:00
# "hexchen@hacc.space"
2020-11-30 21:37:18 +00:00
"schweby@hacc.space"
"octycs@hacc.space"
"stuebinm@hacc.space"
"zauberberg@hacc.space"
"lenny@hacc.space"
];
"vorstand@hacc.space" = [
"raphael@hacc.space"
"schweby@hacc.space"
"zauberberg@hacc.space"
];
"mitglieder@hacc.space" = [
"raphael@hacc.space"
"schweby@hacc.space"
"zauberberg@hacc.space"
"lenny@hacc.space"
"octycs@hacc.space"
2020-11-30 21:37:18 +00:00
];
2020-11-27 20:56:20 +00:00
};
# Use Let's Encrypt certificates. Note that this needs to set up a stripped
# down nginx and opens port 80.
certificateScheme = 3;
# Enable IMAP and POP3
enableImap = true;
enablePop3 = true;
enableImapSsl = true;
enablePop3Ssl = true;
# Enable the ManageSieve protocol
enableManageSieve = true;
# whether to scan inbound emails for viruses (note that this requires at least
# 1 Gb RAM for the server. Without virus scanning 256 MB RAM should be plenty)
virusScanning = false;
};
services.postfix.submissionOptions.smtpd_sender_restrictions = "reject_non_fqdn_sender,reject_unknown_sender_domain,permit";
services.postfix.submissionsOptions.smtpd_sender_restrictions = "reject_non_fqdn_sender,reject_unknown_sender_domain,permit";
2020-12-10 12:40:44 +00:00
services.postfix.virtual = ''
@4future.dev @hacc.space
@4futu.re @hacc.space
@hacc.earth @hacc.space
2021-01-14 00:02:32 +00:00
@discuss.infra4future.de discuss@infra4future.de
admin@infra4future.de admin@hacc.space
noreply@infra4future.de admin@hacc.space
lukas@infra4future.de zauberberg@hacc.space
info@infra4future.de admin@hacc.space
postmaster@infra4future.de admin@hacc.space
voc@infra4future.de admin@hacc.space
haccvoc@infra4future.de admin@hacc.space
2020-12-10 12:40:44 +00:00
contact@hacc.space info@hacc.space
2020-11-27 20:56:20 +00:00
'';
2020-12-05 18:56:49 +00:00
systemd.services.alps = {
enable = true;
2020-12-09 12:01:39 +00:00
script = "${pkgs.alps}/bin/alps -theme alps imaps://mail.hacc.space:993 smtps://mail.hacc.space:465";
serviceConfig.WorkingDirectory = "${pkgs.alps}/share/alps";
};
services.nginx.virtualHosts."mail.hacc.space" = {
enableACME = true;
forceSSL = true;
locations."/".proxyPass = "http://[::1]:1323";
2020-12-05 18:56:49 +00:00
};
2020-11-27 20:56:20 +00:00
}