author | Azat Bahawi <azat@bahawi.net> | 2023-05-02 01:27:41 +0300 |
---|---|---|
committer | Azat Bahawi <azat@bahawi.net> | 2023-05-02 01:27:41 +0300 |
commit | 1e9d5f05b350cec8568b6c2eb4fb4d124e73e926 (patch) | |
tree | 1ae63982779fef6b367dc8dc4777a1ab89cab7f2 /nixosConfigurations/manwe/mailserver | |
parent | 2023-04-14 (diff) |
2023-05-02
Diffstat (limited to '')
-rw-r--r-- | nixosConfigurations/manwe/mailserver.nix | 40 |
1 files changed, 25 insertions, 15 deletions
diff --git a/nixosConfigurations/manwe/mailserver.nix b/nixosConfigurations/manwe/mailserver.nix
index 0667a49..acd625b 100644
--- a/nixosConfigurations/manwe/mailserver.nix
+++ b/nixosConfigurations/manwe/mailserver.nix
@@ -7,36 +7,46 @@
 with lib; {
 imports = [inputs.simple-nixos-mailserver.nixosModule];
- nixfiles.modules.redis.enable = true;
+ ark.directories = with config.mailserver; [
+ "/var/lib/dovecot"
+ "/var/lib/postfix"
+ config.security.dhparams.params.dovecot2.path
+ dkimKeyDirectory
+ mailDirectory
+ sieveDirectory
+ ];
- secrets = {
+ secrets = with config.mailserver; {
 dkim-key-azahi-cc = {
 file = "${inputs.self}/secrets/dkim-key-azahi-cc";
- path = "/var/dkim/${my.domain.azahi}.${config.mailserver.dkimSelector}.key";
- owner = "opendkim";
- group = "opendkim";
+ path = "${dkimKeyDirectory}/${my.domain.azahi}.${dkimSelector}.key";
+ owner = config.services.opendkim.user;
+ inherit (config.services.opendkim) group;
 };
 dkim-key-rohan-net = {
 file = "${inputs.self}/secrets/dkim-key-rohan-net";
- path = "/var/dkim/${my.domain.rohan}.${config.mailserver.dkimSelector}.key";
- owner = "opendkim";
- group = "opendkim";
+ path = "${dkimKeyDirectory}/${my.domain.rohan}.${dkimSelector}.key";
+ owner = config.services.opendkim.user;
+ inherit (config.services.opendkim) group;
 };
 dkim-key-gondor-net = {
 file = "${inputs.self}/secrets/dkim-key-gondor-net";
- path = "/var/dkim/${my.domain.gondor}.${config.mailserver.dkimSelector}.key";
- owner = "opendkim";
- group = "opendkim";
+ path = "${dkimKeyDirectory}/${my.domain.gondor}.${dkimSelector}.key";
+ owner = config.services.opendkim.user;
+ inherit (config.services.opendkim) group;
 };
 dkim-key-shire-net = {
 file = "${inputs.self}/secrets/dkim-key-shire-net";
- path = "/var/dkim/${my.domain.shire}.${config.mailserver.dkimSelector}.key";
- owner = "opendkim";
- group = "opendkim";
+ path = "${dkimKeyDirectory}/${my.domain.shire}.${dkimSelector}.key";
+ owner = config.services.opendkim.user;
+ inherit (config.services.opendkim) group;
 };
 };
- nixfiles.modules.acme.enable = true;
+ nixfiles.modules = {
+ acme.enable = true;
+ redis.enable = true;
+ };
 mailserver = let
 cert = config.certs.${my.domain.shire}; |
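Review bot: The four `dkim-key-*` secrets are now written to `${dkimKeyDirectory}/…`, and the same hunk adds `dkimKeyDirectory` to `ark.directories`. If `ark` persists the listed directories (its definition is not visible here), the decrypted DKIM private keys land on persistent storage rather than only where the secrets module normally places them. Since every key is provisioned from `secrets`, either drop `dkimKeyDirectory` from the list or document the reason with a comment such as `# persisted so keys survive until secrets are re-provisioned at activation`. None of the entries states file permissions, so it is worth confirming that the secrets module's default is owner-only, or setting an explicit mode if the module offers one. The `owner`/`group` values now come from `config.services.opendkim`, which is fine, but the four entries are identical except for the domain and could be generated from a list of domains so that ownership and path can never diverge between them. The enclosing attribute set starts before and continues past this hunk.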