diff options
| -rw-r--r-- | modules/by-name/ma/mail/module.nix | 24 |
1 files changed, 13 insertions, 11 deletions
diff --git a/modules/by-name/ma/mail/module.nix b/modules/by-name/ma/mail/module.nix index 500abd0..da45f97 100644 --- a/modules/by-name/ma/mail/module.nix +++ b/modules/by-name/ma/mail/module.nix @@ -63,29 +63,32 @@ in { mode = "0700"; } ]; + vhack.nginx.enable = true; security.acme.certs = { "${cfg.fqdn}" = { domain = cfg.fqdn; }; }; + mailserver = { enable = true; inherit (cfg) fqdn; - stateVersion = 3; - - useFsLayout = true; + stateVersion = 5; - extraVirtualAliases = { + aliases = { "abuse@vhack.eu" = all_admins; "postmaster@vhack.eu" = all_admins; "admin@vhack.eu" = all_admins; }; - mailDirectory = "/var/lib/mail/vmail"; - dkimKeyDirectory = "/var/lib/mail/dkim"; - sieveDirectory = "/var/lib/mail/sieve"; + storage = { + directoryLayout = "fs"; + path = "/var/lib/mail/vmail"; + }; + + dkim.keyDirectory = "/var/lib/mail/dkim"; backup.snapshotRoot = "/var/lib/mail/backup"; enableImap = false; @@ -97,9 +100,8 @@ in { enableSubmissionSsl = true; openFirewall = true; - keyFile = "/var/lib/acme/${cfg.fqdn}/key.pem"; - certificateScheme = "acme"; - certificateFile = "/var/lib/acme/${cfg.fqdn}/fullchain.pem"; + # Reference the existing ACME configuration created by nginx + x509.useACMEHost = cfg.fqdn; domains = [ "vhack.eu" @@ -112,7 +114,7 @@ in { "sils.sils.li" ]; - loginAccounts = { + accounts = { "sils@vhack.eu" = { hashedPassword = "$2b$05$RW/Svgk7iGxvP5W7ZwUZ1e.a3fj4fteevb2MtfFYYD0d1DQ17y9Fm"; }; |