Squash merge feat/mail-server into main

2025-07-14 16:18:20 +08:00 · 2025-07-14 16:18:20 +08:00 · 06bcfe62ff
commit 06bcfe62ff
parent 14f4243aee
21 changed files with 973 additions and 67 deletions
--- a/system/modules/mail-server/default.nix
+++ b/system/modules/mail-server/default.nix
@ -0,0 +1,127 @@
+{
+  config,
+  lib,
+  ...
+}:
+with lib;
+{
+  options.mail-server = {
+    enable = mkEnableOption "mail-server";
+
+    openFirewall = mkOption {
+      type = types.bool;
+      default = false;
+      description = ''
+        This option results in following configuration:
+
+        networking.firewall.allowedTCPPorts = [
+          25  # SMTP
+          465 # SMTPS
+          587 # STARTTLS
+          143 # IMAP STARTTLS
+          993 # IMAPS
+          110 # POP3 STARTTLS
+          995 # POP3S
+        ];
+      '';
+    };
+
+    extraAliases = mkOption {
+      type = with types; str;
+      default = "";
+      description = "Extra aliases";
+      example = ''
+        something: root
+        gender: root
+      '';
+    };
+
+    mailDir = mkOption {
+      type = with types; uniq str;
+      description = "Path to store local mails";
+      default = "~/Maildir";
+      example = "~/Maildir";
+    };
+
+    virtualMailDir = mkOption {
+      type = with types; path;
+      description = "Path to store virtual mails";
+      default = "/var/mail/vhosts";
+      example = "/var/mail/vmails";
+    };
+
+    uid = mkOption {
+      type = with types; int;
+      default = 5000;
+      description = "UID for \"vmail\"";
+    };
+
+    gid = mkOption {
+      type = with types; int;
+      default = 5000;
+      description = "GID for \"vmail\"";
+    };
+
+    domain = mkOption {
+      type = with types; uniq str;
+      default = config.networking.fqdn;
+      description = "Domain name used for mail server";
+    };
+
+    origin = mkOption {
+      type = with types; uniq str;
+      default = "";
+      description = "Origin to use in outgoing e-mail. Leave blank to use hostname.";
+    };
+
+    destination = mkOption {
+      type = with types; listOf str;
+      default = [ ];
+      description = "Postfix destination";
+    };
+
+    networks = mkOption {
+      type = with types; listOf str;
+      default = [ ];
+      description = "Postfix networks";
+    };
+
+    sslKey = mkOption {
+      type = with types; path;
+      description = "Path to the SSL key";
+      example = "/etc/ssl/private/key.pem";
+    };
+
+    sslCert = mkOption {
+      type = with types; path;
+      description = "Path to the SSL Certification";
+      example = "/etc/ssl/private/cert.pem";
+    };
+
+    dovecot = {
+      ldapFile = mkOption {
+        type = with types; path;
+        description = "Path to the dovecot openldap config file";
+        example = "/run/secrets/dovecot/ldap";
+      };
+    };
+
+    openldap = {
+      passwordFile = mkOption {
+        type = with types; path;
+        description = "Path to the openldap admin password file";
+        example = "/run/secrets/openldap/passwd";
+      };
+
+      enableWebUI = mkOption {
+        type = types.bool;
+        default = false;
+        description = "Use docker to run Ldap Account Manager for using web ui.";
+      };
+    };
+  };
+
+  imports = [
+    ./server.nix
+  ];
+}