system/machines/magenta/services/mailserver.nix

{ ... }:

{
  imports = [ ./mailserver-accounts.secret.nix ];

  # See: https://nixos-mailserver.readthedocs.io/en/latest/options.html
  mailserver = {
    enable = true;
    fqdn = "mail.pleshevski.ru";
    domains = [ "pleshevski.ru" ];

    # Use Let's Encrypt certificates. Note that this needs to set up a stripped
    # down nginx and opens port 80.
    certificateScheme = 3;

    hierarchySeparator = "/";
  };

  # required for certificateScheme = 3
  # TODO: Try to use traefik
  services.nginx = {
    enable = true;
    recommendedGzipSettings = true;
    recommendedOptimisation = true;
    recommendedProxySettings = true;
    recommendedTlsSettings = true;
    defaultHTTPListenPort = 10080;
    defaultSSLListenPort = 10443;
  };

  networking.firewall.allowedTCPPorts = [ 10080 10443 ];
}
machines/magenta: restructure services 2022-10-18 00:42:23 +03:00			`{ ... }:`

			`{`
refac secrets, make some data public 2022-10-19 19:17:37 +03:00			`imports = [ ./mailserver-accounts.secret.nix ];`
machines/magenta: restructure services 2022-10-18 00:42:23 +03:00
			`# See: https://nixos-mailserver.readthedocs.io/en/latest/options.html`
			`mailserver = {`
			`enable = true;`
			`fqdn = "mail.pleshevski.ru";`
			`domains = [ "pleshevski.ru" ];`

			`# Use Let's Encrypt certificates. Note that this needs to set up a stripped`
			`# down nginx and opens port 80.`
			`certificateScheme = 3;`

			`hierarchySeparator = "/";`
			`};`
machines/magenta: add traefik 2023-03-04 23:22:03 +03:00
			`# required for certificateScheme = 3`
			`# TODO: Try to use traefik`
			`services.nginx = {`
			`enable = true;`
			`recommendedGzipSettings = true;`
			`recommendedOptimisation = true;`
			`recommendedProxySettings = true;`
			`recommendedTlsSettings = true;`
			`defaultHTTPListenPort = 10080;`
			`defaultSSLListenPort = 10443;`
			`};`

			`networking.firewall.allowedTCPPorts = [ 10080 10443 ];`
machines/magenta: restructure services 2022-10-18 00:42:23 +03:00			`}`