fruitbasket/modules/mailman.nix

{ config, ... }:
{
  sops.secrets.mailman_ldap_search = {
    key = "portunus_search";
    owner = config.services.mailman.webUser;
  };
  services.mailman = {
    enable = true;
    serve.enable = true;
    webHosts = [ "lists.${config.fsr.domain}" ];
    hyperkitty.enable = true;
    enablePostfix = true;
    siteOwner = "root@${config.fsr.domain}";
    ldap = {
      enable = true;
      serverUri = "ldap://localhost";
      bindDn = "uid=search, ou=users, dc=ifsr, dc=de";
      bindPasswordFile = config.sops.secrets.mailman_ldap_search.path;
      userSearch = {
        ou = "ou=users, dc=ifsr, dc=de";
        query = "(&(objectClass=posixAccount)(uid=%(user)s))";
      };
      groupSearch = {
        ou = "ou=groups, dc=ifsr, dc=de";
        query = "(objectClass=groupOfNames)";
      };
    };
  };
  services.nginx.virtualHosts."lists.${config.fsr.domain}" = {
    enableACME = true;
    forceSSL = true;
  };
}
initial mailman config 2023-04-04 00:04:04 +02:00			`{ config, ... }:`
			`{`
added ldap config to mailman 2023-04-04 14:25:21 +02:00			`sops.secrets.mailman_ldap_search = {`
			`key = "portunus_search";`
			`owner = config.services.mailman.webUser;`
			`};`
initial mailman config 2023-04-04 00:04:04 +02:00			`services.mailman = {`
			`enable = true;`
			`serve.enable = true;`
			`webHosts = [ "lists.${config.fsr.domain}" ];`
			`hyperkitty.enable = true;`
			`enablePostfix = true;`
			`siteOwner = "root@${config.fsr.domain}";`
added ldap config to mailman 2023-04-04 14:25:21 +02:00			`ldap = {`
			`enable = true;`
			`serverUri = "ldap://localhost";`
			`bindDn = "uid=search, ou=users, dc=ifsr, dc=de";`
			`bindPasswordFile = config.sops.secrets.mailman_ldap_search.path;`
			`userSearch = {`
			`ou = "ou=users, dc=ifsr, dc=de";`
			`query = "(&(objectClass=posixAccount)(uid=%(user)s))";`
			`};`
			`groupSearch = {`
			`ou = "ou=groups, dc=ifsr, dc=de";`
			`query = "(objectClass=groupOfNames)";`
			`};`
			`};`
initial mailman config 2023-04-04 00:04:04 +02:00			`};`
enable https for mailman 2023-04-24 22:30:04 +02:00			`services.nginx.virtualHosts."lists.${config.fsr.domain}" = {`
			`enableACME = true;`
			`forceSSL = true;`
			`};`
initial mailman config 2023-04-04 00:04:04 +02:00			`}`