system/machines/magenta/services/mailserver.nix

32 lines
806 B
Nix

{ ... }:
{
imports = [ ./mailserver-accounts.secret.nix ];
# See: https://nixos-mailserver.readthedocs.io/en/latest/options.html
mailserver = {
enable = true;
fqdn = "mail.pleshevski.ru";
domains = [ "pleshevski.ru" ];
# Use Let's Encrypt certificates. Note that this needs to set up a stripped
# down nginx and opens port 80.
certificateScheme = 3;
hierarchySeparator = "/";
};
# required for certificateScheme = 3
# TODO: Try to use traefik
services.nginx = {
enable = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
defaultHTTPListenPort = 10080;
defaultSSLListenPort = 10443;
};
networking.firewall.allowedTCPPorts = [ 10080 10443 ];
}