From 136181ec3abd179197c295214bf2dd0611c7d4c2 Mon Sep 17 00:00:00 2001 From: coolneng Date: Fri, 25 Jun 2021 15:09:27 +0200 Subject: [PATCH] Deploy a mail server --- configuration.nix | 1 + modules/email.nix | 30 ++++++++++++++++++++++++++++++ modules/networking.nix | 10 ++++++++++ 3 files changed, 41 insertions(+) create mode 100644 modules/email.nix diff --git a/configuration.nix b/configuration.nix index a503fac..1d72d52 100644 --- a/configuration.nix +++ b/configuration.nix @@ -108,6 +108,7 @@ ./modules/monitoring.nix ./modules/periodic.nix ./modules/webstack.nix + ./modules/email.nix ]; } diff --git a/modules/email.nix b/modules/email.nix new file mode 100644 index 0000000..92f9a98 --- /dev/null +++ b/modules/email.nix @@ -0,0 +1,30 @@ +{ config, pkgs, ... }: + +let release = "nixos-21.05"; + +in { + imports = [ + (builtins.fetchTarball { + url = + "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/${release}/nixos-mailserver-${release}.tar.gz"; + sha256 = "1fwhb7a5v9c98nzhf3dyqf3a5ianqh7k50zizj8v5nmj3blxw4pi"; + }) + ]; + + # Mail server configuration + mailserver = { + enable = true; + fqdn = "mail.coace.duckdns.org"; + domains = [ "coace.duckdns.org" ]; + loginAccounts = { + "admin@coace.duckdns.org" = { + hashedPasswordFile = "/vault/mail/accounts/admin"; + aliases = [ "postmaster@coace.duckdns.org" ]; + }; + }; + localDnsResolver = false; + certificateScheme = 3; + mailDirectory = "/vault/mail/content"; + dkimKeyDirectory = "/vault/mail/dkim"; + }; +} diff --git a/modules/networking.nix b/modules/networking.nix index 8b7a425..8f890cd 100644 --- a/modules/networking.nix +++ b/modules/networking.nix @@ -150,6 +150,16 @@ in { conf-file=/var/lib/dnsmasq/dnsmasq.blacklist.txt address=/coace.duckdns.org/10.0.1.3 + # Mail server records + address=/mail.coace.duckdns.org/10.0.1.3 + host-record=mail.coace.duckdns.org,10.0.1.3 + mx-host=coace.duckdns.org,mail.coace.duckdns.org,10 + server=/47.61.216.88.in-addr.arpa/10.0.1.3 + ptr-record=47.61.216.88.in-addr.arpa,mail.coace.ducknds.org + ptr-record=47.61.216.88.in-addr.arpa,coace.ducknds.org + txt-record=coace.duckdns.org,"v=spf1 a:mail.coace.duckdns.org -all" + txt-record=mail._domainkey.coace.duckdns.org,"v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGGeUul/gHC0VMajW6ReX4LH1oo9s52ath/UsvwMdb5vuA0FSjlTellSeP944MkEUt+EY8d64NRrV06+RipeGKweZNNGRybdefvGW2LlmJX0I6MIA6SD3hRPA1CYoX0boHKMAyjrBAzqZmhAXRZNro2nO1H0hCaHriOSH1ru4CYQIDAQAB" + txt-record=_dmarc.coace.duckdns.org,"v=DMARC1; p=none" ''; };