working mail
This commit is contained in:
Kopatz
@@ -1,8 +1,4 @@
|
||||
{ config, pkgs, modulesPath, lib, ... }:
|
||||
|
||||
let
|
||||
tmp_dovecot_passwords = "kopatz:{PLAIN}password:5000:5000::/home/kopatz";
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
# Include the results of the hardware scan.
|
||||
@@ -15,6 +11,7 @@ in
|
||||
../../modules/misc/kernel.nix
|
||||
../../modules/services/duckdns.nix
|
||||
./disk-config.nix
|
||||
./mail.nix
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
(modulesPath + "/profiles/qemu-guest.nix")
|
||||
];
|
||||
@@ -107,111 +104,8 @@ in
|
||||
virtualisation.vmware.guest.enable = true;
|
||||
services.xserver.videoDrivers = [ "vmware" ];
|
||||
|
||||
users = {
|
||||
users = {
|
||||
vmail = {
|
||||
isSystemUser = true;
|
||||
description = "Virtual mail user";
|
||||
home = "/data/vmail";
|
||||
uid = 5000;
|
||||
group = "vmail";
|
||||
};
|
||||
};
|
||||
groups = {
|
||||
vmail = {
|
||||
gid = 5000;
|
||||
};
|
||||
};
|
||||
};
|
||||
systemd.tmpfiles.rules = [ "d /data/vmail 0700 vmail vmail -" ];
|
||||
services.postfix = {
|
||||
enable = true;
|
||||
settings.main = {
|
||||
myhostname = "mail-kopatz.duckdns.org";
|
||||
mydomain = "mail-kopatz.duckdns.org";
|
||||
#myorigin = "$mydomain";
|
||||
mynetworks = [ "127.0.0.0/8" "192.168.0.0/24" "192.168.2.0/24" ];
|
||||
mydestination = [ "localhost.$mydomain" "localhost" ];
|
||||
recipient_delimiter = "+";
|
||||
virtual_mailbox_domains = [ "mail-kopatz.duckdns.org" ];
|
||||
virtual_mailbox_base = "/data/vmail";
|
||||
virtual_mailbox_maps = "hash:/etc/postfix/virtual-map";
|
||||
virtual_uid_maps = "static:${toString config.users.users.vmail.uid}";
|
||||
virtual_gid_maps = "static:${toString config.users.groups.vmail.gid}";
|
||||
virtual_transport = "virtual";
|
||||
local_transport = "virtual";
|
||||
local_recipient_maps = "$virtual_mailbox_maps";
|
||||
# TLS settings
|
||||
# TODO: enable tsl
|
||||
# smtpd_tls_security_level = "encrypt";
|
||||
# SASL authentication with dovecot
|
||||
smtpd_sasl_auth_enable = "yes";
|
||||
smtpd_sasl_type = "dovecot";
|
||||
smtpd_sasl_path = "private/auth";
|
||||
smtpd_sasl_security_options = "noanonymous";
|
||||
smtpd_sasl_local_domain = "$myhostname";
|
||||
smtpd_client_restrictions = "permit_sasl_authenticated,reject";
|
||||
smtpd_recipient_restrictions = "reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_sasl_authenticated,reject";
|
||||
};
|
||||
virtual = ''
|
||||
root@mail-kopatz.duckdns.org kopatz@mail-kopatz.duckdns.org
|
||||
mailer-daemon@mail-kopatz.duckdns.org kopatz@mail-kopatz.duckdns.org
|
||||
postmaster@mail-kopatz.duckdns.org kopatz@mail-kopatz.duckdns.org
|
||||
nobody@mail-kopatz.duckdns.org kopatz@mail-kopatz.duckdns.org
|
||||
hostmaster@mail-kopatz.duckdns.org kopatz@mail-kopatz.duckdns.org
|
||||
usenet@mail-kopatz.duckdns.org kopatz@mail-kopatz.duckdns.org
|
||||
news@mail-kopatz.duckdns.org kopatz@mail-kopatz.duckdns.org
|
||||
webmaster@mail-kopatz.duckdns.org kopatz@mail-kopatz.duckdns.org
|
||||
www@mail-kopatz.duckdns.org kopatz@mail-kopatz.duckdns.org
|
||||
ftp@mail-kopatz.duckdns.org kopatz@mail-kopatz.duckdns.org
|
||||
abuse@mail-kopatz.duckdns.org kopatz@mail-kopatz.duckdns.org
|
||||
'';
|
||||
mapFiles = {
|
||||
"virtual-map" = pkgs.writeText "postfix-virtual" ''
|
||||
kopatz@mail-kopatz.duckdns.org mail-kopatz.duckdns.org/kopatz/
|
||||
test@mail-kopatz.duckdns.org mail-kopatz.duckdns.org/test/
|
||||
'';
|
||||
};
|
||||
};
|
||||
services.dovecot2 = {
|
||||
enable = true;
|
||||
enableImap = true;
|
||||
enablePAM = false;
|
||||
configFile = pkgs.writeText "dovecot.conf" ''
|
||||
default_internal_user = ${config.services.dovecot2.user}
|
||||
default_internal_group = ${config.services.dovecot2.group}
|
||||
passdb {
|
||||
driver = passwd-file
|
||||
args = scheme=CRYPT username_format=%u /etc/dovecot-users
|
||||
}
|
||||
|
||||
userdb {
|
||||
driver = passwd-file
|
||||
args = username_format=%u /etc/dovecot-users
|
||||
default_fields = uid=vmail gid=vmail home=/home/vmail/%u
|
||||
}
|
||||
mail_location = maildir:/data/vmail/mail-kopatz.duckdns.org/%n
|
||||
|
||||
ssl = no
|
||||
disable_plaintext_auth = no
|
||||
auth_mechanisms = plain
|
||||
|
||||
service auth {
|
||||
unix_listener /var/lib/postfix/queue/private/auth {
|
||||
group = postfix
|
||||
mode = 0660
|
||||
user = postfix
|
||||
}
|
||||
user = root
|
||||
}
|
||||
'';
|
||||
};
|
||||
environment.etc."dovecot-users".text = tmp_dovecot_passwords;
|
||||
|
||||
# 8888 = scheibenmeister skip button
|
||||
# 25 = stmp -> postfix
|
||||
# 143 = imap -> dovecot
|
||||
networking.firewall.allowedTCPPorts = [ 25565 25566 8888 25 143 ];
|
||||
networking.firewall.allowedTCPPorts = [ 25565 25566 8888 ];
|
||||
networking.hostName = "server-vm"; # Define your hostname.
|
||||
|
||||
#services.murmur = {
|
||||
|
||||
Reference in New Issue
Block a user