32 lines
806 B
Nix
32 lines
806 B
Nix
{ ... }:
|
|
|
|
{
|
|
imports = [ ./mailserver-accounts.secret.nix ];
|
|
|
|
# See: https://nixos-mailserver.readthedocs.io/en/latest/options.html
|
|
mailserver = {
|
|
enable = true;
|
|
fqdn = "mail.pleshevski.ru";
|
|
domains = [ "pleshevski.ru" ];
|
|
|
|
# Use Let's Encrypt certificates. Note that this needs to set up a stripped
|
|
# down nginx and opens port 80.
|
|
certificateScheme = 3;
|
|
|
|
hierarchySeparator = "/";
|
|
};
|
|
|
|
# required for certificateScheme = 3
|
|
# TODO: Try to use traefik
|
|
services.nginx = {
|
|
enable = true;
|
|
recommendedGzipSettings = true;
|
|
recommendedOptimisation = true;
|
|
recommendedProxySettings = true;
|
|
recommendedTlsSettings = true;
|
|
defaultHTTPListenPort = 10080;
|
|
defaultSSLListenPort = 10443;
|
|
};
|
|
|
|
networking.firewall.allowedTCPPorts = [ 10080 10443 ];
|
|
}
|