2023-05-24 16:38:35 +02:00
|
|
|
{ config, ... }:
|
2023-05-24 15:51:58 +02:00
|
|
|
{
|
2023-05-24 16:37:45 +02:00
|
|
|
sops.secrets."mail/rouven".owner = config.users.users.postfix.name;
|
2023-05-24 17:08:44 +02:00
|
|
|
sops.secrets."rspamd".owner = config.users.users.rspamd.name;
|
2023-05-24 16:37:45 +02:00
|
|
|
mailserver = rec {
|
2023-05-24 15:51:58 +02:00
|
|
|
enable = true;
|
2023-05-25 15:52:09 +02:00
|
|
|
fqdn = "falkenstein.vpn.rfive.de";
|
2023-05-24 15:51:58 +02:00
|
|
|
domains = [ "rfive.de" ];
|
2023-05-24 16:37:45 +02:00
|
|
|
loginAccounts = {
|
|
|
|
|
"rouven@rfive.de" = {
|
|
|
|
|
name = "Rouven Seifert";
|
|
|
|
|
hashedPasswordFile = config.sops.secrets."mail/rouven".path;
|
|
|
|
|
|
|
|
|
|
};
|
|
|
|
|
};
|
2023-05-26 00:01:59 +02:00
|
|
|
certificateScheme = "acme-nginx";
|
2023-05-24 15:51:58 +02:00
|
|
|
};
|
2023-05-24 17:08:44 +02:00
|
|
|
services.rspamd.locals."worker-controller.inc".source = config.sops.secrets."rspamd".path;
|
|
|
|
|
services.nginx.virtualHosts."rspamd.rfive.de" = {
|
|
|
|
|
enableACME = true;
|
|
|
|
|
forceSSL = true;
|
|
|
|
|
locations = {
|
|
|
|
|
"/" = {
|
|
|
|
|
proxyPass = "http://unix:/run/rspamd/worker-controller.sock:/";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
2023-05-24 15:51:58 +02:00
|
|
|
}
|
