nixos-config/config/services/postfixadmin.nix

51 lines
1.4 KiB
Nix
Raw Normal View History

2022-08-26 16:28:14 +01:00
{
pkgs,
config,
2022-08-28 14:12:04 +01:00
lib,
2022-08-26 16:28:14 +01:00
...
}: {
2022-01-20 09:57:32 +01:00
services.postfixadmin = {
enable = true;
adminEmail = "lotte@chir.rs";
database = {
dbname = "postfix";
host = "localhost";
passwordFile = "/run/secrets/services/postfixadmin/dbpassword";
username = "postfixadmin";
};
hostName = "mail.chir.rs";
setupPasswordFile = "/run/secrets/services/postfixadmin/setupPassword";
2022-01-22 15:29:32 +01:00
extraConfig = ''
2022-01-22 15:37:01 +01:00
$CONF['encrypt'] = 'dovecot:ARGON2ID';
2022-01-22 15:29:32 +01:00
$CONF['dovecotpw'] = '${pkgs.dovecot}/bin/doveadm pw';
'';
2022-01-20 09:57:32 +01:00
};
sops.secrets."services/postfixadmin/dbpassword" = {
2022-01-20 10:24:06 +01:00
owner = "postfixadmin";
2022-01-20 09:57:32 +01:00
};
sops.secrets."services/postfixadmin/setupPassword" = {
2022-01-20 10:24:06 +01:00
owner = "postfixadmin";
2022-01-20 09:57:32 +01:00
};
2022-06-12 16:39:15 +01:00
services.postgresql.ensureDatabases = ["postfix"];
2022-01-20 09:57:32 +01:00
services.postgresql.ensureUsers = [
{
name = "postfixadmin";
ensurePermissions = {
"DATABASE \"postfix\"" = "ALL PRIVILEGES";
};
}
];
2022-08-26 16:28:14 +01:00
services.caddy.virtualHosts."mail.chir.rs" = {
useACMEHost = "chir.rs";
2022-12-30 14:03:57 +01:00
logFormat = pkgs.lib.mkForce "";
2022-08-26 16:28:14 +01:00
extraConfig = ''
import baseConfig
2022-08-28 14:12:04 +01:00
root * ${pkgs.postfixadmin}/public
2022-08-26 16:54:16 +01:00
php_fastcgi unix:${config.services.phpfpm.pools.postfixadmin.socket}
2022-08-26 16:28:14 +01:00
'';
2022-01-20 09:57:32 +01:00
};
2022-01-20 10:18:07 +01:00
services.phpfpm.pools.postfixadmin.settings."listen.group" = "acme"; # there is no nginx group
services.phpfpm.pools.postfixadmin.group = "dovecot";
2022-01-20 09:57:32 +01:00
}