nixos/modules/services/docker-mailserver/default.nix

{
  config,
  inputs,
  lib,
  pkgs,
  ...
}:
let
  cfg = config.services.az-mailserver;
  version = "13.3.1";
  mailserver-setup =
    (pkgs.writeScriptBin "mailserver-setup" "${builtins.readFile (
      pkgs.fetchurl {
        url = "https://raw.githubusercontent.com/docker-mailserver/docker-mailserver/v${version}/setup.sh";
        sha256 = "sha256-HMT790mp5ADdNYaOLUJfHJq9LWI0OPilTabAhogVXnc=";
      }
    )}"
    ).overrideAttrs
      (
        old: {
          buildCommand = ''
            ${old.buildCommand}
             patchShebangs $out'';
        }
      );
  volumePath = "/mnt/server-data/docker-mailserver";
in
{
  options = {
    services.az-mailserver.enable = lib.mkEnableOption "Enable docker-mailserver";
  };

  config = lib.mkIf cfg.enable {
    services.az-telegram-notifications.enable = true;

    age.secrets.dkim2liCh = {
      file = "${inputs.self}/scrts/dkim_2li.ch.age";
      mode = "600";
      owner = "113";
      group = "115";
    };
    age.secrets.dkimZweiliCh = {
      file = "${inputs.self}/scrts/dkim_zweili.ch.age";
      mode = "600";
      owner = "113";
      group = "115";
    };

    environment.etc = {
      "dkim/2li.ch.private" = {
        enable = true;
        source = config.age.secrets.dkim2liCh.path;
      };
      "dkim/zweili.ch.private" = {
        enable = true;
        source = config.age.secrets.dkimZweiliCh.path;
      };
    };

    environment.systemPackages = [ mailserver-setup ];

    fileSystems."${volumePath}" = {
      device = "10.7.89.108:server_data/docker-mailserver";
      fsType = "nfs";
      options = [
        "hard"
        "nfsvers=4.0"
        "noatime"
        "nolock"
        "rw"
      ];
    };
    services.az-docker.enable = true;

    virtualisation.oci-containers = {
      backend = "docker";
      containers."mailserver" = {
        # https://hub.docker.com/r/mailserver/docker-mailserver/tags
        image = "docker.io/mailserver/docker-mailserver:${version}";
        autoStart = true;
        environmentFiles = [ ./mailserver.env ];
        ports = [
          "25:25"
          "143:143"
          "465:465"
          "587:587"
          "993:993"
          "11334:11334"
        ];
        volumes = [
          "/etc/localtime:/etc/localtime:ro"
          "/etc/dkim:/etc/dkim:ro"
          "/etc/static:/etc/static:ro"
          "/run/agenix:/run/agenix:ro"
          "/var/lib/acme/mail.zweili.org:/etc/letsencrypt/live/mail.zweili.org:ro"
          "/var/lib/redis:/var/lib/redis"
          "${volumePath}/maildata:/var/mail"
          "${volumePath}/mailstate:/var/mail-state"
          "${volumePath}/maillogs:/var/log/mail"
          "${volumePath}/config:/tmp/docker-mailserver"
        ];
        extraOptions = [
          "--add-host=host.docker.internal:host-gateway"
          "--cap-add=NET_ADMIN"
          "--log-opt=tag='mailserver'"
        ];
      };
    };
  };
}
Switch to nixfmt-rfc-style 2024-02-02 13:45:05 +01:00			`{`
			`config,`
			`inputs,`
			`lib,`
			`pkgs,`
			`...`
			`}:`
Add a module for docker-mailserver 2022-11-03 18:54:15 +01:00			`let`
Move docker-mailserver into options 2023-06-05 11:39:36 +02:00			`cfg = config.services.az-mailserver;`
Update docker-mailserver 2024-02-05 15:33:09 +01:00			`version = "13.3.1";`
Switch to nixfmt-rfc-style 2024-02-02 13:45:05 +01:00			`mailserver-setup =`
			`(pkgs.writeScriptBin "mailserver-setup" "${builtins.readFile (`
			`pkgs.fetchurl {`
			`url = "https://raw.githubusercontent.com/docker-mailserver/docker-mailserver/v${version}/setup.sh";`
			`sha256 = "sha256-HMT790mp5ADdNYaOLUJfHJq9LWI0OPilTabAhogVXnc=";`
			`}`
			`)}"`
			`).overrideAttrs`
			`(`
			`old: {`
			`buildCommand = ''`
			`${old.buildCommand}`
			`patchShebangs $out'';`
			`}`
			`);`
Move the NFS share to the filesystem 2023-12-28 23:01:50 +01:00			`volumePath = "/mnt/server-data/docker-mailserver";`
Switch to nixfmt-rfc-style 2024-02-02 13:45:05 +01:00			`in`
			`{`
Move docker-mailserver into options 2023-06-05 11:39:36 +02:00			`options = {`
Switch to nixfmt-rfc-style 2024-02-02 13:45:05 +01:00			`services.az-mailserver.enable = lib.mkEnableOption "Enable docker-mailserver";`
Fix the DKIM setup 2023-05-16 20:30:59 +02:00			`};`

Move docker-mailserver into options 2023-06-05 11:39:36 +02:00			`config = lib.mkIf cfg.enable {`
			`services.az-telegram-notifications.enable = true;`

			`age.secrets.dkim2liCh = {`
			`file = "${inputs.self}/scrts/dkim_2li.ch.age";`
			`mode = "600";`
Adjust DKIM permissions 2024-03-04 22:31:57 +01:00			`owner = "113";`
			`group = "115";`
Fix the DKIM setup 2023-05-16 20:30:59 +02:00			`};`
Move docker-mailserver into options 2023-06-05 11:39:36 +02:00			`age.secrets.dkimZweiliCh = {`
			`file = "${inputs.self}/scrts/dkim_zweili.ch.age";`
			`mode = "600";`
Adjust DKIM permissions 2024-03-04 22:31:57 +01:00			`owner = "113";`
			`group = "115";`
Move docker-mailserver into options 2023-06-05 11:39:36 +02:00			`};`

			`environment.etc = {`
			`"dkim/2li.ch.private" = {`
			`enable = true;`
			`source = config.age.secrets.dkim2liCh.path;`
			`};`
			`"dkim/zweili.ch.private" = {`
			`enable = true;`
			`source = config.age.secrets.dkimZweiliCh.path;`
			`};`
Fix the DKIM setup 2023-05-16 20:30:59 +02:00			`};`

Switch from nixpkgs-fmt to nixfmt 2024-01-01 13:14:24 +01:00			`environment.systemPackages = [ mailserver-setup ];`
Move docker into options 2023-05-29 17:10:15 +02:00
Move the NFS share to the filesystem 2023-12-28 23:01:50 +01:00			`fileSystems."${volumePath}" = {`
			`device = "10.7.89.108:server_data/docker-mailserver";`
			`fsType = "nfs";`
Switch to nixfmt-rfc-style 2024-02-02 13:45:05 +01:00			`options = [`
			`"hard"`
Adjust mount options for mailserver 2024-03-04 22:32:15 +01:00			`"nfsvers=4.0"`
Switch to nixfmt-rfc-style 2024-02-02 13:45:05 +01:00			`"noatime"`
Adjust mount options for mailserver 2024-03-04 22:32:15 +01:00			`"nolock"`
Switch to nixfmt-rfc-style 2024-02-02 13:45:05 +01:00			`"rw"`
			`];`
Move the NFS share to the filesystem 2023-12-28 23:01:50 +01:00			`};`
Move docker-mailserver into options 2023-06-05 11:39:36 +02:00			`services.az-docker.enable = true;`
Move docker into options 2023-05-29 17:10:15 +02:00
Move docker-mailserver into options 2023-06-05 11:39:36 +02:00			`virtualisation.oci-containers = {`
			`backend = "docker";`
			`containers."mailserver" = {`
			`# https://hub.docker.com/r/mailserver/docker-mailserver/tags`
			`image = "docker.io/mailserver/docker-mailserver:${version}";`
			`autoStart = true;`
Switch from nixpkgs-fmt to nixfmt 2024-01-01 13:14:24 +01:00			`environmentFiles = [ ./mailserver.env ];`
Switch to nixfmt-rfc-style 2024-02-02 13:45:05 +01:00			`ports = [`
			`"25:25"`
			`"143:143"`
			`"465:465"`
			`"587:587"`
			`"993:993"`
			`"11334:11334"`
			`];`
Move docker-mailserver into options 2023-06-05 11:39:36 +02:00			`volumes = [`
			`"/etc/localtime:/etc/localtime:ro"`
			`"/etc/dkim:/etc/dkim:ro"`
			`"/etc/static:/etc/static:ro"`
			`"/run/agenix:/run/agenix:ro"`
			`"/var/lib/acme/mail.zweili.org:/etc/letsencrypt/live/mail.zweili.org:ro"`
			`"/var/lib/redis:/var/lib/redis"`
Move the NFS share to the filesystem 2023-12-28 23:01:50 +01:00			`"${volumePath}/maildata:/var/mail"`
			`"${volumePath}/mailstate:/var/mail-state"`
			`"${volumePath}/maillogs:/var/log/mail"`
			`"${volumePath}/config:/tmp/docker-mailserver"`
Move docker-mailserver into options 2023-06-05 11:39:36 +02:00			`];`
			`extraOptions = [`
			`"--add-host=host.docker.internal:host-gateway"`
			`"--cap-add=NET_ADMIN"`
			`"--log-opt=tag='mailserver'"`
			`];`
			`};`
Add a module for docker-mailserver 2022-11-03 18:54:15 +01:00			`};`
			`};`
			`}`