Self-host your own digital island
ryan.freumh.org
1# nixos-mailserver: a simple mail server
2# Copyright (C) 2016-2018 Robin Raymond
3#
4# This program is free software: you can redistribute it and/or modify
5# it under the terms of the GNU General Public License as published by
6# the Free Software Foundation, either version 3 of the License, or
7# (at your option) any later version.
8#
9# This program is distributed in the hope that it will be useful,
10# but WITHOUT ANY WARRANTY; without even the implied warranty of
11# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12# GNU General Public License for more details.
13#
14# You should have received a copy of the GNU General Public License
15# along with this program. If not, see <http://www.gnu.org/licenses/>
16
17{ config, pkgs, lib }:
18
19let
20 cfg = config.mailserver;
21in
22{
23 # cert :: PATH
24 certificatePath = if cfg.certificateScheme == 1
25 then cfg.certificateFile
26 else if cfg.certificateScheme == 2
27 then "${cfg.certificateDirectory}/cert-${cfg.fqdn}.pem"
28 else if cfg.certificateScheme == 3
29 then "${config.security.acme.certs.${cfg.fqdn}.directory}/fullchain.pem"
30 else throw "Error: Certificate Scheme must be in { 1, 2, 3 }";
31
32 # key :: PATH
33 keyPath = if cfg.certificateScheme == 1
34 then cfg.keyFile
35 else if cfg.certificateScheme == 2
36 then "${cfg.certificateDirectory}/key-${cfg.fqdn}.pem"
37 else if cfg.certificateScheme == 3
38 then "${config.security.acme.certs.${cfg.fqdn}.directory}/key.pem"
39 else throw "Error: Certificate Scheme must be in { 1, 2, 3 }";
40
41 passwordFiles = let
42 mkHashFile = name: hash: pkgs.writeText "${builtins.hashString "sha256" name}-password-hash" hash;
43 in
44 lib.mapAttrs (name: value:
45 if value.hashedPasswordFile == null then
46 builtins.toString (mkHashFile name value.hashedPassword)
47 else value.hashedPasswordFile) cfg.loginAccounts;
48}