Nebucatnetzer/nixos
1
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
7074ff859a
nixos/modules/docker-mailserver/default.nix

76 lines
3.4 KiB
Nix
Raw Blame History

{ custom }: { config, pkgs, ... }:
let
mailserver-setup = (pkgs.writeScriptBin "mailserver-setup"
"${builtins.readFile (pkgs.fetchurl {
url = "https://raw.githubusercontent.com/docker-mailserver/docker-mailserver/v11.2.0/setup.sh";
sha256 = "sha256-V4NFapoU3thbPzhSX5DGR3cZAW1kCYZpAKsFeSjMGPY=";
})
}").overrideAttrs (old: {
buildCommand = "${old.buildCommand}\n patchShebangs $out";
});
in
{
imports = [
(import "${custom.inputs.self}/modules/telegram-notifications" { inherit custom; })
];
environment.systemPackages = [
mailserver-setup
];
virtualisation.oci-containers = {
backend = "docker";
containers."mailserver" = {
image = "docker.io/mailserver/docker-mailserver:11.2.0";
autoStart = true;
environmentFiles = [
./mailserver.env
];
ports = [
"25:25"
"143:143"
"465:465"
"587:587"
"993:993"
];
volumes = [
"/etc/localtime:/etc/localtime:ro"
"/var/lib/acme/mail.zweili.org:/etc/letsencrypt/live/mail.zweili.org:ro"
];
extraOptions = [
''--mount=type=volume,source=maildata,target=/var/mail,volume-driver=local,volume-opt=type=nfs,volume-opt=device=:/server_data/docker-mailserver/maildata,"volume-opt=o=addr=10.7.89.108,rw,nfsvers=4.0,nolock,hard,noatime"''
''--mount=type=volume,source=mailstate,target=/var/mail-state,volume-driver=local,volume-opt=type=nfs,volume-opt=device=:/server_data/docker-mailserver/mailstate,"volume-opt=o=addr=10.7.89.108,rw,nfsvers=4.0,nolock,hard,noatime"''
''--mount=type=volume,source=maillogs,target=/var/log/mail,volume-driver=local,volume-opt=type=nfs,volume-opt=device=:/server_data/docker-mailserver/maillogs,"volume-opt=o=addr=10.7.89.108,rw,nfsvers=4.0,nolock,hard,noatime"''
''--mount=type=volume,source=config,target=/tmp/docker-mailserver,volume-driver=local,volume-opt=type=nfs,volume-opt=device=:/server_data/docker-mailserver/config,"volume-opt=o=addr=10.7.89.108,rw,nfsvers=4.0,nolock,hard,noatime"''
"--add-host=host.docker.internal:host-gateway"
"--cap-add=NET_ADMIN"
"--cap-add=SYS_PTRACE"
];
};
};
systemd.timers."mailserver-sa-learn" = {
wantedBy = [ "timers.target" ];
partOf = [ "mailserver-sa-learn.service" ];
timerConfig = {
OnCalendar = "daily";
};
};
systemd.services."mailserver-sa-learn" = {
serviceConfig = {
User = "root";
Type = "oneshot";
};
onFailure = [ "unit-status-telegram@%n.service" ];
script = ''
# learn spam
${pkgs.docker}/bin/docker exec mailserver sa-learn --spam /var/mail/2li.ch/*/.Junk --dbpath /var/mail-state/lib-amavis/.spamassassin
${pkgs.docker}/bin/docker exec mailserver sa-learn --spam /var/mail/zweili.ch/*/.Junk --dbpath /var/mail-state/lib-amavis/.spamassassin
# ham: archive directories
${pkgs.docker}/bin/docker exec mailserver sa-learn --ham /var/mail/2li.ch/*/.Archive* --dbpath /var/mail-state/lib-amavis/.spamassassin
${pkgs.docker}/bin/docker exec mailserver sa-learn --ham /var/mail/zweili.ch/*/.Archive* --dbpath /var/mail-state/lib-amavis/.spamassassin
# ham: inbox subdirectories
${pkgs.docker}/bin/docker exec mailserver sa-learn --ham /var/mail/2li.ch/*/cur* --dbpath /var/mail-state/lib-amavis/.spamassassin
${pkgs.docker}/bin/docker exec mailserver sa-learn --ham /var/mail/zweili.ch/*/cur* --dbpath /var/mail-state/lib-amavis/.spamassassin
'';
};
}
Reference in New Issue View Git Blame Copy Permalink