{
  nixos-lib,
  pkgsUnstable,
  nixpkgs-unstable,
  vhackPackages,
  pkgs,
  extraModules,
  nixLib,
  ...
}: let
  mail_server = import ./nodes/mail_server.nix {inherit extraModules pkgs vhackPackages;};
  inherit (mail_server) mkMailServer;
  user = import ./nodes/user.nix {inherit pkgs vhackPackages;};
  inherit (user) mkUser;
in
  nixos-lib.runTest {
    hostPkgs = pkgs; # the Nixpkgs package set used outside the VMs

    name = "email-http";

    node = {
      specialArgs = {inherit pkgsUnstable vhackPackages nixpkgs-unstable nixLib;};

      # Use the nixpkgs as constructed by the `nixpkgs.*` options
      pkgs = null;
    };

    nodes = {
      acme = {
        nodes,
        lib,
        ...
      }: {
        imports = [
          ../../../common/acme/server.nix
          ../../../common/dns/client.nix
        ];
      };

      name_server = {nodes, ...}: {
        imports =
          extraModules
          ++ [
            ../../../common/acme/client.nix
            ../../../common/dns/server.nix
          ];

        vhack.dns.zones = {
          "mail.server.com" = {
            SOA = {
              nameServer = "ns";
              adminEmail = "admin@server.com";
              serial = 2025012301;
            };
            useOrigin = false;

            A = [
              nodes.mail_server.networking.primaryIPAddress
            ];
            AAAA = [
              nodes.mail_server.networking.primaryIPv6Address
            ];
          };
        };
      };

      mail_server = mkMailServer "mail" null;

      bob = mkUser "bob" "mail";
    };

    # TODO(@bpeetz): This test should also test the http JMAP features of stalwart-mail. <2025-04-12>
    testScript = _: let
      acme_scripts = import ../../../common/acme/scripts.nix {inherit pkgs;};
    in
      /*
      python
      */
      ''
        # Start dependencies for the other services
        acme.start()
        acme.wait_for_unit("pebble.service")
        name_server.start()
        name_server.wait_for_unit("nsd.service")

        # Start the actual testing machines
        start_all()

        mail_server.wait_for_unit("stalwart-mail.service")
        mail_server.wait_for_open_port(993) # imap
        mail_server.wait_for_open_port(465) # smtp

        bob.wait_for_unit("multi-user.target")

        with subtest("Add pebble ca key to all services"):
          for node in [name_server, mail_server, bob]:
            node.wait_for_unit("network-online.target")
            node.succeed("${acme_scripts.add_pebble_acme_ca}")

        with subtest("The mailserver successfully started all services"):
          import json
          def all_services_running(host):
            (status, output) = host.systemctl("list-units --state=failed --plain --no-pager --output=json")
            host_failed = json.loads(output)
            assert len(host_failed) == 0, f"Expected zero failing services, but found: {json.dumps(host_failed, indent=4)}"
          all_services_running(mail_server)

        with subtest("Bob can use the self-service interface"):
          bob.succeed("${pkgs.writeShellScript "check-self-service" ''
          curl mail.server.com --location --output /home/bob/output.html;
        ''}")

        bob.copy_from_vm("/home/bob", "")
      '';
  }