2023-04-04 00:04:04 +02:00
|
|
|
{ config, ... }:
|
|
|
|
{
|
2023-04-04 14:25:21 +02:00
|
|
|
sops.secrets.mailman_ldap_search = {
|
|
|
|
key = "portunus_search";
|
|
|
|
owner = config.services.mailman.webUser;
|
|
|
|
};
|
2023-04-04 00:04:04 +02:00
|
|
|
services.mailman = {
|
|
|
|
enable = true;
|
|
|
|
serve.enable = true;
|
|
|
|
webHosts = [ "lists.${config.fsr.domain}" ];
|
|
|
|
hyperkitty.enable = true;
|
|
|
|
enablePostfix = true;
|
2023-05-12 15:25:14 +02:00
|
|
|
siteOwner = "mailman@${config.fsr.domain}";
|
|
|
|
settings = {
|
2023-05-31 14:58:26 +02:00
|
|
|
mta.smtp_secure_mode = "SecureMode.STARTTLS";
|
2023-05-12 15:25:14 +02:00
|
|
|
};
|
2023-04-04 14:25:21 +02:00
|
|
|
ldap = {
|
|
|
|
enable = true;
|
|
|
|
serverUri = "ldap://localhost";
|
|
|
|
bindDn = "uid=search, ou=users, dc=ifsr, dc=de";
|
|
|
|
bindPasswordFile = config.sops.secrets.mailman_ldap_search.path;
|
|
|
|
userSearch = {
|
|
|
|
ou = "ou=users, dc=ifsr, dc=de";
|
|
|
|
query = "(&(objectClass=posixAccount)(uid=%(user)s))";
|
|
|
|
};
|
|
|
|
groupSearch = {
|
|
|
|
ou = "ou=groups, dc=ifsr, dc=de";
|
|
|
|
query = "(objectClass=groupOfNames)";
|
|
|
|
};
|
|
|
|
};
|
2023-04-04 00:04:04 +02:00
|
|
|
};
|
2023-04-24 22:30:04 +02:00
|
|
|
services.nginx.virtualHosts."lists.${config.fsr.domain}" = {
|
|
|
|
enableACME = true;
|
|
|
|
forceSSL = true;
|
|
|
|
};
|
2023-04-04 00:04:04 +02:00
|
|
|
}
|