nixos/modules/docker-mailserver/default.nix

{ config, inputs, pkgs, ... }:
let
  version = "12.1.0";
  mailserver-setup = (pkgs.writeScriptBin "mailserver-setup"
    "${builtins.readFile (pkgs.fetchurl {
      url = "https://raw.githubusercontent.com/docker-mailserver/docker-mailserver/v${version}/setup.sh";
      sha256 = "sha256-i5RaupuYo3Bh99/FKbxXKFITO3Ko3LrWPvTD6xPBXzY";
    })
      }").overrideAttrs (old: {
    buildCommand = "${old.buildCommand}\n patchShebangs $out";
  });
in
{
  services.az-telegram-notifications.enable = true;

  age.secrets.dkim2liCh = {
    file = "${inputs.self}/scrts/dkim_2li.ch.age";
    mode = "600";
    owner = "113";
    group = "115";
  };
  age.secrets.dkimZweiliCh = {
    file = "${inputs.self}/scrts/dkim_zweili.ch.age";
    mode = "600";
    owner = "113";
    group = "115";
  };

  environment.etc = {
    "dkim/2li.ch.private" = {
      enable = true;
      source = config.age.secrets.dkim2liCh.path;
    };
    "dkim/zweili.ch.private" = {
      enable = true;
      source = config.age.secrets.dkimZweiliCh.path;
    };
  };

  environment.systemPackages = [
    mailserver-setup
  ];

  services.az-docker.enable = true;

  virtualisation.oci-containers = {
    backend = "docker";
    containers."mailserver" = {
      # https://hub.docker.com/r/mailserver/docker-mailserver/tags
      image = "docker.io/mailserver/docker-mailserver:${version}";
      autoStart = true;
      environmentFiles = [
        ./mailserver.env
      ];
      ports = [
        "25:25"
        "143:143"
        "465:465"
        "587:587"
        "993:993"
        "11334:11334"
      ];
      volumes = [
        "/etc/localtime:/etc/localtime:ro"
        "/etc/dkim:/etc/dkim:ro"
        "/etc/static:/etc/static:ro"
        "/run/agenix:/run/agenix:ro"
        "/var/lib/acme/mail.zweili.org:/etc/letsencrypt/live/mail.zweili.org:ro"
        "/var/lib/redis:/var/lib/redis"
      ];
      extraOptions = [
        ''--mount=type=volume,source=maildata,target=/var/mail,volume-driver=local,volume-opt=type=nfs,volume-opt=device=:/server_data/docker-mailserver/maildata,"volume-opt=o=addr=10.7.89.108,rw,nfsvers=4.0,nolock,hard,noatime"''
        ''--mount=type=volume,source=mailstate,target=/var/mail-state,volume-driver=local,volume-opt=type=nfs,volume-opt=device=:/server_data/docker-mailserver/mailstate,"volume-opt=o=addr=10.7.89.108,rw,nfsvers=4.0,nolock,hard,noatime"''
        ''--mount=type=volume,source=maillogs,target=/var/log/mail,volume-driver=local,volume-opt=type=nfs,volume-opt=device=:/server_data/docker-mailserver/maillogs,"volume-opt=o=addr=10.7.89.108,rw,nfsvers=4.0,nolock,hard,noatime"''
        ''--mount=type=volume,source=config,target=/tmp/docker-mailserver,volume-driver=local,volume-opt=type=nfs,volume-opt=device=:/server_data/docker-mailserver/config,"volume-opt=o=addr=10.7.89.108,rw,nfsvers=4.0,nolock,hard,noatime"''
        "--add-host=host.docker.internal:host-gateway"
        "--cap-add=NET_ADMIN"
        "--cap-add=SYS_PTRACE"
        "--log-opt=tag='mailserver'"
      ];
    };
  };
}
Remove custom from modules 2023-05-29 16:21:23 +02:00			`{ config, inputs, pkgs, ... }:`
Add a module for docker-mailserver 2022-11-03 18:54:15 +01:00			`let`
Update docker-mailserver 2023-05-15 10:40:46 +02:00			`version = "12.1.0";`
Path the shebang in mailserver-setup 2022-11-03 19:33:49 +01:00			`mailserver-setup = (pkgs.writeScriptBin "mailserver-setup"`
Add a module for docker-mailserver 2022-11-03 18:54:15 +01:00			`"${builtins.readFile (pkgs.fetchurl {`
Update docker-mailserver 2023-05-01 14:53:44 +02:00			`url = "https://raw.githubusercontent.com/docker-mailserver/docker-mailserver/v${version}/setup.sh";`
Update SHA for the setup.sh script 2023-05-15 11:32:11 +02:00			`sha256 = "sha256-i5RaupuYo3Bh99/FKbxXKFITO3Ko3LrWPvTD6xPBXzY";`
Add a module for docker-mailserver 2022-11-03 18:54:15 +01:00			`})`
Path the shebang in mailserver-setup 2022-11-03 19:33:49 +01:00			`}").overrideAttrs (old: {`
			`buildCommand = "${old.buildCommand}\n patchShebangs $out";`
			`});`
Add a module for docker-mailserver 2022-11-03 18:54:15 +01:00			`in`
			`{`
Move telegram-notifications into options 2023-05-29 19:12:39 +02:00			`services.az-telegram-notifications.enable = true;`
Fix the DKIM setup 2023-05-16 20:30:59 +02:00
			`age.secrets.dkim2liCh = {`
Remove custom from modules 2023-05-29 16:21:23 +02:00			`file = "${inputs.self}/scrts/dkim_2li.ch.age";`
Fix the DKIM setup 2023-05-16 20:30:59 +02:00			`mode = "600";`
			`owner = "113";`
			`group = "115";`
			`};`
			`age.secrets.dkimZweiliCh = {`
Remove custom from modules 2023-05-29 16:21:23 +02:00			`file = "${inputs.self}/scrts/dkim_zweili.ch.age";`
Fix the DKIM setup 2023-05-16 20:30:59 +02:00			`mode = "600";`
			`owner = "113";`
			`group = "115";`
			`};`

			`environment.etc = {`
			`"dkim/2li.ch.private" = {`
			`enable = true;`
			`source = config.age.secrets.dkim2liCh.path;`
			`};`
			`"dkim/zweili.ch.private" = {`
			`enable = true;`
			`source = config.age.secrets.dkimZweiliCh.path;`
			`};`
			`};`

Add a module for docker-mailserver 2022-11-03 18:54:15 +01:00			`environment.systemPackages = [`
			`mailserver-setup`
			`];`
Move docker into options 2023-05-29 17:10:15 +02:00
			`services.az-docker.enable = true;`

Add a module for docker-mailserver 2022-11-03 18:54:15 +01:00			`virtualisation.oci-containers = {`
			`backend = "docker";`
			`containers."mailserver" = {`
Add URLs to docker images 2023-03-06 14:24:47 +01:00			`# https://hub.docker.com/r/mailserver/docker-mailserver/tags`
Add missing dollar sign 2023-05-09 07:03:49 +02:00			`image = "docker.io/mailserver/docker-mailserver:${version}";`
Add a module for docker-mailserver 2022-11-03 18:54:15 +01:00			`autoStart = true;`
Move the env variables into a seperate file This way the main config is a bit more readable and the variables are easier to update. 2022-11-03 18:58:54 +01:00			`environmentFiles = [`
Remove quotes Apparently with quotes it's not of type path 2022-11-04 13:27:35 +01:00			`./mailserver.env`
Move the env variables into a seperate file This way the main config is a bit more readable and the variables are easier to update. 2022-11-03 18:58:54 +01:00			`];`
Add a module for docker-mailserver 2022-11-03 18:54:15 +01:00			`ports = [`
			`"25:25"`
			`"143:143"`
			`"465:465"`
			`"587:587"`
			`"993:993"`
Change to rspamd 2023-05-15 15:29:23 +02:00			`"11334:11334"`
Add a module for docker-mailserver 2022-11-03 18:54:15 +01:00			`];`
			`volumes = [`
			`"/etc/localtime:/etc/localtime:ro"`
Fix the DKIM setup 2023-05-16 20:30:59 +02:00			`"/etc/dkim:/etc/dkim:ro"`
			`"/etc/static:/etc/static:ro"`
			`"/run/agenix:/run/agenix:ro"`
Add a module for docker-mailserver 2022-11-03 18:54:15 +01:00			`"/var/lib/acme/mail.zweili.org:/etc/letsencrypt/live/mail.zweili.org:ro"`
Add a volume for redis 2023-05-15 16:36:20 +02:00			`"/var/lib/redis:/var/lib/redis"`
Add a module for docker-mailserver 2022-11-03 18:54:15 +01:00			`];`
			`extraOptions = [`
			`''--mount=type=volume,source=maildata,target=/var/mail,volume-driver=local,volume-opt=type=nfs,volume-opt=device=:/server_data/docker-mailserver/maildata,"volume-opt=o=addr=10.7.89.108,rw,nfsvers=4.0,nolock,hard,noatime"''`
			`''--mount=type=volume,source=mailstate,target=/var/mail-state,volume-driver=local,volume-opt=type=nfs,volume-opt=device=:/server_data/docker-mailserver/mailstate,"volume-opt=o=addr=10.7.89.108,rw,nfsvers=4.0,nolock,hard,noatime"''`
			`''--mount=type=volume,source=maillogs,target=/var/log/mail,volume-driver=local,volume-opt=type=nfs,volume-opt=device=:/server_data/docker-mailserver/maillogs,"volume-opt=o=addr=10.7.89.108,rw,nfsvers=4.0,nolock,hard,noatime"''`
			`''--mount=type=volume,source=config,target=/tmp/docker-mailserver,volume-driver=local,volume-opt=type=nfs,volume-opt=device=:/server_data/docker-mailserver/config,"volume-opt=o=addr=10.7.89.108,rw,nfsvers=4.0,nolock,hard,noatime"''`
			`"--add-host=host.docker.internal:host-gateway"`
			`"--cap-add=NET_ADMIN"`
			`"--cap-add=SYS_PTRACE"`
Add tags to all containers 2023-03-03 17:57:48 +01:00			`"--log-opt=tag='mailserver'"`
Add a module for docker-mailserver 2022-11-03 18:54:15 +01:00			`];`
			`};`
			`};`
			`}`