diff options
| author | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2025-04-12 16:28:46 +0200 |
|---|---|---|
| committer | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2025-04-23 12:10:33 +0200 |
| commit | 2452418a7a3aea1ecfd54f135f4814e0c51b946c (patch) | |
| tree | 997a1107995930d3f036544f7690d4d46d5296dd /tests/by-name/em/email-http/nodes/mail_server.nix | |
| parent | modules/stalwart-mail: Don't restart the systemd service (diff) | |
| download | nixos-server-2452418a7a3aea1ecfd54f135f4814e0c51b946c.zip | |
tests/email-http: Test the http self-service availability
Diffstat (limited to 'tests/by-name/em/email-http/nodes/mail_server.nix')
| -rw-r--r-- | tests/by-name/em/email-http/nodes/mail_server.nix | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/tests/by-name/em/email-http/nodes/mail_server.nix b/tests/by-name/em/email-http/nodes/mail_server.nix new file mode 100644 index 0000000..e94c4e9 --- /dev/null +++ b/tests/by-name/em/email-http/nodes/mail_server.nix @@ -0,0 +1,57 @@ +{ + extraModules, + pkgs, + vhackPackages, +}: { + mkMailServer = serverName: principal: { + config, + lib, + nodes, + ... + }: { + imports = + extraModules + ++ [ + ../../../../../modules + ../../../../common/acme/client.nix + ]; + + environment.systemPackages = [ + pkgs.bind + pkgs.openssl + ]; + + networking.nameservers = lib.mkForce [ + nodes.name_server.networking.primaryIPAddress + nodes.name_server.networking.primaryIPv6Address + ]; + + age.identityPaths = ["${../../../../common/email/hostKey}"]; + + vhack = { + stalwart-mail = { + enable = true; + fqdn = "${serverName}.server.com"; + admin = "admin@${serverName}.server.com"; + security = { + dkimKeys = let + loadKey = name: { + dkimPublicKey = builtins.readFile (../../../../common/email/dkim + "/${name}/public"); + dkimPrivateKeyPath = ../../../../common/email/dkim + "/${name}/private.age"; + keyAlgorithm = "ed25519-sha256"; + }; + in { + "mail.server.com" = loadKey "mail1.server.com"; + "bob.com" = loadKey "bob.com"; + }; + verificationMode = "strict"; + }; + openFirewall = true; + principals = + if principal == null + then null + else [principal]; + }; + }; + }; +} |