Deploy a mail server

configuration.nix

@@ -108,6 +108,7 @@
     ./modules/monitoring.nix
     ./modules/periodic.nix
     ./modules/webstack.nix
+    ./modules/email.nix
   ];
 
 }

modules/email.nix

@@ -0,0 +1,30 @@
+{ config, pkgs, ... }:
+
+let release = "nixos-21.05";
+
+in {
+  imports = [
+    (builtins.fetchTarball {
+      url =
+        "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/${release}/nixos-mailserver-${release}.tar.gz";
+      sha256 = "1fwhb7a5v9c98nzhf3dyqf3a5ianqh7k50zizj8v5nmj3blxw4pi";
+    })
+  ];
+
+  # Mail server configuration
+  mailserver = {
+    enable = true;
+    fqdn = "mail.coace.duckdns.org";
+    domains = [ "coace.duckdns.org" ];
+    loginAccounts = {
+      "admin@coace.duckdns.org" = {
+        hashedPasswordFile = "/vault/mail/accounts/admin";
+        aliases = [ "postmaster@coace.duckdns.org" ];
+      };
+    };
+    localDnsResolver = false;
+    certificateScheme = 3;
+    mailDirectory = "/vault/mail/content";
+    dkimKeyDirectory = "/vault/mail/dkim";
+  };
+}

modules/networking.nix

@@ -150,6 +150,16 @@ in {
       conf-file=/var/lib/dnsmasq/dnsmasq.blacklist.txt
 
       address=/coace.duckdns.org/10.0.1.3
+      # Mail server records
+      address=/mail.coace.duckdns.org/10.0.1.3
+      host-record=mail.coace.duckdns.org,10.0.1.3
+      mx-host=coace.duckdns.org,mail.coace.duckdns.org,10
+      server=/47.61.216.88.in-addr.arpa/10.0.1.3
+      ptr-record=47.61.216.88.in-addr.arpa,mail.coace.ducknds.org
+      ptr-record=47.61.216.88.in-addr.arpa,coace.ducknds.org
+      txt-record=coace.duckdns.org,"v=spf1 a:mail.coace.duckdns.org -all"
+      txt-record=mail._domainkey.coace.duckdns.org,"v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGGeUul/gHC0VMajW6ReX4LH1oo9s52ath/UsvwMdb5vuA0FSjlTellSeP944MkEUt+EY8d64NRrV06+RipeGKweZNNGRybdefvGW2LlmJX0I6MIA6SD3hRPA1CYoX0boHKMAyjrBAzqZmhAXRZNro2nO1H0hCaHriOSH1ru4CYQIDAQAB"
+      txt-record=_dmarc.coace.duckdns.org,"v=DMARC1; p=none"
     '';
   };