mail2-nixos-config/nixos-mailserver/options.nix

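# NixOS module options for services.mymailserver: a mail stack built from
# dovecot, rspamd, postfix, PostfixAdmin and roundcube behind nginx.
# This file only declares options; nothing is configured here apart from the
# generated PostfixAdmin config.local.php that is the default of
# internal.postfixadminpkg.
{ config, lib, pkgs, ... }:
let
  inherit (lib) types mkOption mkEnableOption;
  cfg = config.services.mymailserver;

  # Escapes a value for embedding in a single-quoted PHP string literal.
  # Without this, a backslash or apostrophe in an option value (an apostrophe
  # is legal in an e-mail local part) would end the literal early and yield a
  # broken or altered config.local.php.
  phpSingleQuoted = lib.escape [ "\\" "'" ];
in
{
  options = {
    services.mymailserver = {
      # mkEnableOption prepends "Whether to enable " itself, so the text must
      # not start with "Enable".
      enable = mkEnableOption "mailserver config using dovecot, rspamd, postfix, postfixadmin and roundcube over nginx";
      logging = mkOption {
        type = types.bool;
        default = true;
        description = ''
          If set to false, redirects all logging by dovecot and postfix to /dev/null.
        '';
      };
      adminAddress = mkOption {
        type = types.str;
        description = ''
          Email address of the postmaster. Must be a valid address.
          This address will be added by default as target for the
          abuse, hostmaster, postmaster and webmaster addresses
          when setting up new domains in Postfix Admin.
          This also sets services.postfix.{postmasterAlias,rootAlias}.
        '';
      };
      mailFQDN = mkOption {
        type = types.str;
        default = config.networking.fqdn;
        description = ''
          This defines the hostname that the mailserver considers itself to be.
          It will try to automatically get ACME certificates for dovecot and
          postfix for this FQDN and postfix will use this as its own fqdn.
          Defaults to whatever networking.fqdn is set to, which requires both
          networking.{hostName,domainName} to be set.
        '';
      };
      pfaFQDN = mkOption {
        type = types.str;
        default = "pfa.${cfg.mailFQDN}";
        description = ''
          The domain under which the Postfix Admin tool will be reachable at through https.
        '';
      };
      # The hash is interpolated into a file created with pkgs.writeText (see
      # internal.postfixadminpkg below), so it is stored in the Nix store,
      # which every local user can read. Treat it as non-secret on this host,
      # or leave it null once PostfixAdmin has been initialised.
      pfaSetupPWHash = mkOption {
        type = with types; nullOr str;
        default = null;
        description = ''
          The PostfixAdmin setup password hash. Required to initialize PostfixAdmin.
          PostfixAdmin will tell you to set this hash in its config file after you entered
          a new password. The default value should never match any password.
        '';
      };
      roundcubeFQDN = mkOption {
        type = types.str;
        default = cfg.mailFQDN;
        description = ''
          The domain under which roundcube will be reachable at through https.
        '';
      };
      # Variables used internally in multiple config files.
      # These options declare only a default: they carry no type and are not
      # marked internal or readOnly, so any module can still override them and
      # no value check is applied to socket paths, users or numeric ids.
      internal = {
        dovecotAuthSocket = mkOption { default = "/run/dovecot2/dovecot-auth"; };
        dovecotLmtpSocket = mkOption { default = "/run/dovecot2/dovecot-lmtp"; };
        pfadminDataDir = mkOption { default = "/var/lib/postfixadmin"; };
        postfixadminpkgCacheDir = mkOption { default = "/var/cache/postfixadmin"; };
        pfaGroup = mkOption { default = "pfadmin"; };
        pfaUser = mkOption { default = "pfadmin"; };
        roundcubeUser = mkOption { default = "roundcube"; };
        roundcubeGroup = mkOption { default = "roundcube"; };
        roundcubeDataDir = mkOption { default = "/var/lib/roundcube"; };
        rspamdMilterSocket = mkOption { default = "/run/rspamd/milter"; };
        vmailBaseDir = mkOption { default = "/var/vmail"; };
        vmailGID = mkOption { default = 10000; };
        vmailGroup = mkOption { default = "vmail"; };
        vmailUID = mkOption { default = 10000; };
        vmailUser = mkOption { default = "vmail"; };
        # PostfixAdmin built from ./pkg-postfixadmin.nix with a generated
        # config.local.php and the cache directory configured above.
        # Points a reviewer should know about the generated config:
        #  - setup_password is emitted only when pfaSetupPWHash is non-null.
        #  - Mailbox passwords are hashed with dovecot:BLF-CRYPT through
        #    "doveadm pw" from pkgs.dovecot.
        #  - Every rule in password_validation is commented out, so the array
        #    is empty. NOTE(review): this presumably means no password
        #    complexity rule is enforced; enable rules if a policy is wanted.
        #  - Both forgotten_*_password_reset switches are set to false.
        # Every line of the PHP text keeps the same indentation so that the
        # indented string evaluates to the same file contents as before.
        postfixadminpkg = mkOption {
          default = pkgs.callPackage ./pkg-postfixadmin.nix {
            config = pkgs.writeText "postfixadmin-config.local.php" ''
              <?php
              $CONF['configured'] = true;
              ${ lib.optionalString (cfg.pfaSetupPWHash != null) ''
                $CONF['setup_password'] = '${phpSingleQuoted cfg.pfaSetupPWHash}';
              '' }
              $CONF['database_type'] = 'sqlite';
              $CONF['database_name'] = '${phpSingleQuoted cfg.internal.pfadminDataDir}/postfixadmin.db';
              $CONF['password_expiration'] = 'NO';
              $CONF['encrypt'] = 'dovecot:BLF-CRYPT';
              $CONF['dovecotpw'] = "${pkgs.dovecot}/bin/doveadm pw";
              $CONF['generate_password'] = 'YES';
              $CONF['show_password'] = 'NO';
              $CONF['password_validation'] = array(
              # '/regular expression/' => '$PALANG key (optional: + parameter)',
              # '/.{5}/' => 'password_too_short 5', # minimum length 5 characters
              # '/([a-zA-Z].*){3}/' => 'password_no_characters 3', # must contain at least 3 characters
              # '/([0-9].*){2}/' => 'password_no_digits 2', # must contain at least 2 digits
              );
              $CONF['quota'] = 'NO';
              $CONF['fetchmail'] = 'NO';
              $CONF['recipient_delimiter'] = "+";
              $CONF['forgotten_user_password_reset'] = false;
              $CONF['forgotten_admin_password_reset'] = false;
              $CONF['aliases'] = '0';
              $CONF['mailboxes'] = '0';
              $CONF['default_aliases'] = array (
              'abuse' => '${phpSingleQuoted cfg.adminAddress}',
              'hostmaster' => '${phpSingleQuoted cfg.adminAddress}',
              'postmaster' => '${phpSingleQuoted cfg.adminAddress}',
              'webmaster' => '${phpSingleQuoted cfg.adminAddress}'
              );
              $CONF['footer_text'] = "";
              $CONF['footer_link'] = "";
              ?>
            '';
            cacheDir = cfg.internal.postfixadminpkgCacheDir;
          };
        };
      };
    };
  };
}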