nixos-configuration/modules/mailserver/default.nix
2023-11-08 23:54:36 +00:00


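# Option declarations for the `jalr.mailserver` NixOS module.
#
# Only the option schema is declared here. The consumers of these options are
# presumably the modules listed under `imports` at the bottom of the file.
{ config, lib, pkgs, ... }:
let
  cfg = config.jalr.mailserver;
in
{
  options.jalr.mailserver = with lib; with lib.types; {
    enable = mkEnableOption "simple mail server";

    relayPort = mkOption {
      description = "SMTP port used for relaying mail.";
      type = port;
      default = 25;
    };

    fqdn = mkOption {
      type = str;
      description = ''
        FQDN of the mail server.
        It needs to have a matching reverse DNS record.
        By default, an acme certificate with this name has to be present.
        See `certDir` for more details.
      '';
      example = "mail.example.com";
    };

    storageDir = mkOption {
      type = path;
      description = "Location of the storage directory for mails";
      default = "/var/vmail";
    };

    domains = mkOption {
      type = listOf (submodule {
        options = {
          domain = mkOption {
            type = str;
            description = "Domain to serve";
            # The option holds a single domain (type `str`), so the example
            # must be a string rather than a list.
            example = "example.com";
          };
          # `mkEnableOption` already prefixes the text with "Whether to enable"
          # and defaults to `false`, so neither has to be repeated here.
          # With the default, outgoing mail for a domain is not DKIM-signed
          # until the operator opts in for that domain.
          enableDKIM = mkEnableOption "DKIM signing";
          DKIMSelector = mkOption {
            type = str;
            description = "DKIM selector to use when signing";
            default = "default";
          };
        };
      });
      description = "Domains of the mail server";
    };

    certDir = mkOption {
      type = path;
      description = "Directory with `fullchain.pem` and `key.pem` for the FQDN. Defaults to the ACME directory of the FQDN.";
      default = config.security.acme.certs."${cfg.fqdn}".directory;
      # The default depends on `config`; `defaultText` lets option
      # documentation be rendered without evaluating it.
      defaultText = literalExpression "config.security.acme.certs.\"\${config.jalr.mailserver.fqdn}\".directory";
      # NOTE(review): `key.pem` is private key material. Confirm that only the
      # services that need it can read this directory.
    };

    users = mkOption {
      type = listOf (submodule {
        options = {
          address = mkOption {
            type = str;
            description = "Primary e-mail address of the user";
            example = "jdoe@example.com";
          };
          # As the description states, the hash ends up world-readable in the
          # Nix store, so every local account can read it and attempt offline
          # guessing. Treat the hash as sensitive and rely on strong passwords
          # and Argon2id parameters.
          passwordHash = mkOption {
            type = str;
            description = ''
              Argon2id hash of the user's password. Please note that it will be
              world-readable in the nix store.
            '';
            example = "$argon2id$v=19$m=2097152,t=9,p=4$ycAnTa3lq5EAPTNJVpZ3+A$dIJ0CHVNn3vRUUso3IveHlrzTURoudrkxU92P5Q9/P4";
          };
          aliases = mkOption {
            type = listOf str;
            description = ''
              A list of aliases for the user.
              If multiple users have the same alias defined, mail will be
              delivered to both of them.
            '';
            default = [ ];
            example = [
              "j.doe@example.com"
              "jane.doe@example.com"
              "postmaster@example.com"
            ];
          };
        };
      });
      description = "Users of the mail server";
    };

    # The default patterns match headers that disclose the sending client and
    # its network path.
    # NOTE(review): where these expressions are applied is decided by the
    # consuming module. If they also run on inbound mail, dropping `Received:`
    # removes the trace data used when investigating abuse. Confirm the scope.
    cleanHeaders = mkOption {
      type = listOf str;
      description = "A list of regular expressions that define what headers are filtered";
      default = [
        "/^\\s*Received:/"
        "/^\\s*User-Agent:/"
        "/^\\s*X-Mailer:/"
        "/^\\s*X-Originating-IP:/"
      ];
    };

    messageSizeLimit = mkOption {
      # A byte count cannot be negative, so reject such values at evaluation
      # time instead of passing them on to the mail services.
      type = ints.unsigned;
      description = ''
        Message size limit, in bytes.
      '';
      default = 10485760;
    };
  };

  imports = [
    ./dovecot.nix
    ./postfix.nix
    ./rspamd.nix
    ./users.nix
  ];
}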