···

       
651
       
651
       
 
       
  ./services/logging/syslogd.nix

     

       
652
       
652
       
 
       
  ./services/logging/vector.nix

     

       
653
       
653
       
 
       
  ./services/logging/ulogd.nix

     

       
654
       
654
       
+
       
  ./services/mail/automx2.nix

     

       
654
       
655
       
 
       
  ./services/mail/clamsmtp.nix

     

       
655
       
656
       
 
       
  ./services/mail/davmail.nix

     

       
656
       
657
       
 
       
  ./services/mail/dkimproxy-out.nix

     

···

       
1
       
1
       
+
       
{

     

       
2
       
2
       
+
       
  config,

     

       
3
       
3
       
+
       
  lib,

     

       
4
       
4
       
+
       
  pkgs,

     

       
5
       
5
       
+
       
  ...

     

       
6
       
6
       
+
       
}:

     

       
7
       
7
       
+
       


     

       
8
       
8
       
+
       
let

     

       
9
       
9
       
+
       
  cfg = config.services.automx2;

     

       
10
       
10
       
+
       
  format = pkgs.formats.json { };

     

       
11
       
11
       
+
       
in

     

       
12
       
12
       
+
       
{

     

       
13
       
13
       
+
       
  options = {

     

       
14
       
14
       
+
       
    services.automx2 = {

     

       
15
       
15
       
+
       
      enable = lib.mkEnableOption "automx2";

     

       
16
       
16
       
+
       


     

       
17
       
17
       
+
       
      package = lib.mkPackageOption pkgs [

     

       
18
       
18
       
+
       
        "python3Packages"

     

       
19
       
19
       
+
       
        "automx2"

     

       
20
       
20
       
+
       
      ] { };

     

       
21
       
21
       
+
       


     

       
22
       
22
       
+
       
      domain = lib.mkOption {

     

       
23
       
23
       
+
       
        type = lib.types.str;

     

       
24
       
24
       
+
       
        example = "example.com";

     

       
25
       
25
       
+
       
        description = ''

     

       
26
       
26
       
+
       
          E-Mail-Domain for which mail client autoconfig/autoconfigure should be set up.

     

       
27
       
27
       
+
       
          The `autoconfig` and `autodiscover` subdomains are automatically prepended and set up with ACME.

     

       
28
       
28
       
+
       
          The names of those domains are hardcoded in the mail clients and are not configurable.

     

       
29
       
29
       
+
       
        '';

     

       
30
       
30
       
+
       
      };

     

       
31
       
31
       
+
       


     

       
32
       
32
       
+
       
      port = lib.mkOption {

     

       
33
       
33
       
+
       
        type = lib.types.port;

     

       
34
       
34
       
+
       
        default = 4243;

     

       
35
       
35
       
+
       
        description = "Port used by automx2.";

     

       
36
       
36
       
+
       
      };

     

       
37
       
37
       
+
       


     

       
38
       
38
       
+
       
      settings = lib.mkOption {

     

       
39
       
39
       
+
       
        inherit (format) type;

     

       
40
       
40
       
+
       
        description = ''

     

       
41
       
41
       
+
       
          Bootstrap json to populate database.

     

       
42
       
42
       
+
       
          See [docs](https://rseichter.github.io/automx2/#_sqlite) for details.

     

       
43
       
43
       
+
       
        '';

     

       
44
       
44
       
+
       
      };

     

       
45
       
45
       
+
       
    };

     

       
46
       
46
       
+
       
  };

     

       
47
       
47
       
+
       


     

       
48
       
48
       
+
       
  config = lib.mkIf cfg.enable {

     

       
49
       
49
       
+
       
    services.nginx = {

     

       
50
       
50
       
+
       
      enable = true;

     

       
51
       
51
       
+
       
      virtualHosts = {

     

       
52
       
52
       
+
       
        "autoconfig.${cfg.domain}" = {

     

       
53
       
53
       
+
       
          enableACME = true;

     

       
54
       
54
       
+
       
          forceSSL = true;

     

       
55
       
55
       
+
       
          serverAliases = [ "autodiscover.${cfg.domain}" ];

     

       
56
       
56
       
+
       
          locations = {

     

       
57
       
57
       
+
       
            "/".proxyPass = "http://127.0.0.1:${toString cfg.port}/";

     

       
58
       
58
       
+
       
            "/initdb".extraConfig = ''

     

       
59
       
59
       
+
       
              # Limit access to clients connecting from localhost

     

       
60
       
60
       
+
       
              allow 127.0.0.1;

     

       
61
       
61
       
+
       
              deny all;

     

       
62
       
62
       
+
       
            '';

     

       
63
       
63
       
+
       
          };

     

       
64
       
64
       
+
       
        };

     

       
65
       
65
       
+
       
      };

     

       
66
       
66
       
+
       
    };

     

       
67
       
67
       
+
       


     

       
68
       
68
       
+
       
    systemd.services.automx2 = {

     

       
69
       
69
       
+
       
      after = [ "network.target" ];

     

       
70
       
70
       
+
       
      postStart = ''

     

       
71
       
71
       
+
       
        sleep 3

     

       
72
       
72
       
+
       
        ${lib.getExe pkgs.curl} -X POST --json @${format.generate "automx2.json" cfg.settings} http://127.0.0.1:${toString cfg.port}/initdb/

     

       
73
       
73
       
+
       
      '';

     

       
74
       
74
       
+
       
      serviceConfig = {

     

       
75
       
75
       
+
       
        Environment = [

     

       
76
       
76
       
+
       
          "AUTOMX2_CONF=${pkgs.writeText "automx2-conf" ''

     

       
77
       
77
       
+
       
            [automx2]

     

       
78
       
78
       
+
       
            loglevel = WARNING

     

       
79
       
79
       
+
       
            db_uri = sqlite:///:memory:

     

       
80
       
80
       
+
       
            proxy_count = 1

     

       
81
       
81
       
+
       
          ''}"

     

       
82
       
82
       
+
       
          "FLASK_APP=automx2.server:app"

     

       
83
       
83
       
+
       
          "FLASK_CONFIG=production"

     

       
84
       
84
       
+
       
        ];

     

       
85
       
85
       
+
       
        ExecStart = "${

     

       
86
       
86
       
+
       
          pkgs.python3.buildEnv.override { extraLibs = [ cfg.package ]; }

     

       
87
       
87
       
+
       
        }/bin/flask run --host=127.0.0.1 --port=${toString cfg.port}";

     

       
88
       
88
       
+
       
        Restart = "always";

     

       
89
       
89
       
+
       
        StateDirectory = "automx2";

     

       
90
       
90
       
+
       
        User = "automx2";

     

       
91
       
91
       
+
       
        WorkingDirectory = "/var/lib/automx2";

     

       
92
       
92
       
+
       
      };

     

       
93
       
93
       
+
       
      unitConfig = {

     

       
94
       
94
       
+
       
        Description = "MUA configuration service";

     

       
95
       
95
       
+
       
        Documentation = "https://rseichter.github.io/automx2/";

     

       
96
       
96
       
+
       
      };

     

       
97
       
97
       
+
       
      wantedBy = [ "multi-user.target" ];

     

       
98
       
98
       
+
       
    };

     

       
99
       
99
       
+
       


     

       
100
       
100
       
+
       
    users = {

     

       
101
       
101
       
+
       
      groups.automx2 = { };

     

       
102
       
102
       
+
       
      users.automx2 = {

     

       
103
       
103
       
+
       
        group = "automx2";

     

       
104
       
104
       
+
       
        isSystemUser = true;

     

       
105
       
105
       
+
       
      };

     

       
106
       
106
       
+
       
    };

     

       
107
       
107
       
+
       
  };

     

       
108
       
108
       
+
       
}