hosts/trimounts/modules/email.nix at terra · ptr.pet/ark

ptr.pet / ark
nix machine / user configurations
ark / hosts / trimounts / modules / email.nix
at terra 1.5 kB view raw
 1{ pkgs, ... }:
 2{
 3  security.acme.certs."ptr.pet".extraDomainNames = [
 4    "mta-sts.ptr.pet"
 5    "autoconfig.ptr.pet"
 6    "autodiscover.ptr.pet"
 7  ];
 8  services.nginx.virtualHosts."ptr.pet" = {
 9    useACMEHost = "ptr.pet";
10    quic = true;
11    kTLS = true;
12    forceSSL = true;
13    locations."/mail/config-v1.1.xml" = {
14      return = "301 https://autoconfig.migadu.com/mail/config-v1.1.xml";
15    };
16    locations."/Autodiscover/Autodiscover.xml" = {
17      return = "301 https://autodiscover.migadu.com/Autodiscover/Autodiscover.xml";
18    };
19  };
20  services.nginx.virtualHosts."mta-sts.ptr.pet" =
21    let
22      file = pkgs.writeText "mta-sts.txt" ''
23        version: STSv1
24        mode: enforce
25        mx: aspmx1.migadu.com
26        mx: aspmx2.migadu.com
27        max_age: 31557600
28      '';
29    in
30    {
31      useACMEHost = "ptr.pet";
32      quic = true;
33      kTLS = true;
34      forceSSL = true;
35      locations."=/.well-known/mta-sts.txt".extraConfig = ''
36        alias ${file};
37        default_type text/plain;
38      '';
39    };
40  services.nginx.virtualHosts."autoconfig.ptr.pet" = {
41    useACMEHost = "ptr.pet";
42    quic = true;
43    kTLS = true;
44    forceSSL = true;
45    locations."/" = {
46      return = "301 https://autoconfig.migadu.com$request_uri";
47    };
48  };
49  services.nginx.virtualHosts."autodiscover.ptr.pet" = {
50    useACMEHost = "ptr.pet";
51    quic = true;
52    kTLS = true;
53    forceSSL = true;
54    locations."/" = {
55      return = "301 https://autodiscover.migadu.com$request_uri";
56    };
57  };
58}