# NixOS module for the mail host taf.lyes.eu: the `mailserver` option set
# (one login account with a catch-all alias and a Sieve script), the Sieve
# extension list for dovecot, a Roundcube webmail instance, and the age-encrypted
# secrets those pieces read.
# NOTE(review): the `mailserver.*` options look like simple-nixos-mailserver's;
# confirm against the imported module, which is not visible in this file.
{ config, ... }:
{
  mailserver = {
    enable = true;
    stateVersion = 3;
    fqdn = "taf.lyes.eu";
    domains = [ "lyes.eu" "mail.lyes.eu" ];
    # NOTE(review): with the local resolver disabled, DNS-based checks depend on
    # whatever resolver the host is configured with. Confirm that resolver is
    # suitable for blocklist and SPF/DKIM/DMARC lookups.
    localDnsResolver = false;
    # Lets the account holder upload and activate Sieve scripts remotely.
    # NOTE(review): confirm the ManageSieve port is exposed only where intended.
    enableManageSieve = true;
    # debug.all = true;
    # ldap = {
    #   enable = true;
    #   uris = [ "ldaps://auth.lyes.eu:636" ];
    #   searchBase = "dc=auth,dc=lyes,dc=eu";
    #   searchScope = "sub";
    #   bind = {
    #     # dn = "dn=token,dc=auth,dc=lyes,dc=eu";
    #     dn = "dn=token";
    #     passwordFile = config.age.secrets.taf-token.path;
    #   };
    #   dovecot = {
    #     userFilter = "(name=%u)";
    #     passFilter = "(name=%u)";
    #   };
    #   postfix = {
    #     filter = "(name=%s)";
    #     mailAttribute = "mail";
    #     uidAttribute = "name";
    #   };
    # };
    loginAccounts = {
      "lyes@mail.lyes.eu" = {
        # Only the password hash is referenced, through an age-managed file.
        hashedPasswordFile = config.age.secrets.lyes-mail-passwd.path;
        # Catch-all: every local part at lyes.eu is delivered to this account.
        # Together with the local-part rule in the Sieve script below, the
        # sender of a message chooses the folder name (within the regex).
        aliases = [ "@lyes.eu" ];
        quota = "1T";
        # Review notes on the script (kept out of the string so the deployed
        # Sieve text is unchanged):
        #  * Routing keys on the "X-Original-To" message header.
        #    NOTE(review): if a sender-supplied X-Original-To header can reach
        #    this script alongside the one added at delivery, the sender can
        #    steer filing. Confirm the MTA strips or overrides it.
        #  * Every `header :contains "List-Id" ""` test has an empty key here.
        #    An empty :contains key matches any message that carries a List-Id
        #    header, so the first such branch ("Crans.aurore.support") shadows
        #    all later List-Id branches. The identifiers look lost from this
        #    copy (the one surviving key is "<*.lists.crans.org>"); restore each
        #    as "<LIST-ID-PLACEHOLDER>" from the real script.
        #  * The local-part rule does `fileinto :create "INBOX.<local part>"`
        #    for any local part made of letters and dots, so any outside sender
        #    can cause new mailboxes to be created. Folder names such as
        #    "Crans.crans.root" suggest "." is the hierarchy separator, in
        #    which case dotted local parts create nested folders. Confirm, and
        #    consider an allow-list of local parts or dropping :create there.
        #  * `include :personal "hiddensieve"` runs before any rule here.
        #    Presumably it resolves to the age-managed hiddensieve.sieve
        #    declared under age.secrets.lyes-hidden-sieve. Verify.
        sieveScript = ''
          require ["include", "fileinto", "mailbox", "copy", "regex", "variables", "imap4flags"];
          include :personal "hiddensieve";

          # lyes.eu filters
          if address :is :domain "X-Original-To" "lyes.eu" {
            # If the mail comes from my crans mailbox
            if address :is :localpart "X-Original-To" "crans" {
              # Aurore Support
              if header :contains "List-Id" "" {
                fileinto :create "Crans.aurore.support";
              }
              # Mailman moderation request
              elsif address :matches :all "To" "*-owner@lists.crans.org" {
                fileinto :create "Crans.moderation";
              }
              # Crans Bureau
              elsif anyof (
                header :contains "List-Id" "",
                header :contains "List-Id" "",
                header :contains "List-Id" ""
              ) {
                fileinto :create "Crans.crans.bureau";
              }
              # Crans CA
              elsif header :contains "List-Id" "" {
                fileinto :create "Crans.crans.ca";
              }
              # Crans Nounou
              elsif anyof (
                header :contains "List-Id" "",
                header :contains "List-Id" ""
              ) {
                fileinto :create "Crans.crans.nounou";
              }
              # Crans Root
              elsif anyof (
                address :is :all "To" "root@crans.org",
                address :is :all "From" "root@crans.org",
                address :is :all "From" "www-data@crans.org"
              ) {
                fileinto :create "Crans.crans.root";
              }
              # Crans Root Postmaster
              elsif address :is :all "To" "postmaster@crans.org" {
                addflag "\\Seen";
                fileinto :create "Crans.crans.root.postmaster";
              }
              # Crans Root Mailer
              elsif address :is :all "From" "MAILER-DAEMON@crans.org" {
                fileinto :create "Crans.crans.root.mailer";
              }
              # Crans Gitlab
              elsif address :is :all "From" "gitlab@crans.org" {
                fileinto :create "Crans.crans.gitlab";
              }
              # Crans Wiki
              elsif address :is :all "From" "wiki@crans.org" {
                fileinto :create "Crans.crans.wiki";
              }
              # Aurore CA
              elsif header :contains "List-Id" "" {
                fileinto :create "Crans.aurore.ca";
              }
              # BDL
              elsif anyof (
                header :contains "List-Id" "",
                header :contains "List-Id" ""
              ) {
                fileinto :create "Crans.asso.bdl";
              }
              # Med
              elsif anyof (
                header :contains "List-Id" "",
                header :contains "List-Id" ""
              ) {
                fileinto :create "Crans.asso.med";
              }
              # NL BDE
              elsif header :contains "List-Id" "" {
                fileinto :create "Crans.asso.nl.bde";
              }
              # NL BDA
              elsif header :contains "List-Id" "" {
                fileinto :create "Crans.asso.nl.bda";
              }
              # Any other associative mail
              elsif anyof (
                header :contains "List-Id" "",
                header :contains "List-Id" "",
                header :matches "List-Id" "<*.lists.crans.org>"
              ) {
                fileinto :create "Crans.asso";
              }
              # Otherwise it's for the generic mailbox
              else {
                fileinto :create "Crans";
              }
            }
            # Otherwise it's for my different accounts
            # It's automatically sorted using the localpart
            elsif address :localpart :regex "X-Original-To" "^(([a-zA-Z]+\\.)*([a-zA-Z]+))(-([a-zA-Z0-9_.\\-]*))?''$" {
              set :lower "sub_folder" "''${1}";
              set "mbox_candidate" "INBOX.''${sub_folder}";
              fileinto :create "''${mbox_candidate}";
            }
            # Other unknown origin
            else {
              fileinto :create "INBOX.other";
            }
          }
          # It's destined to my main inbox
          elsif address :is "X-Original-To" "lyes@mail.lyes.eu" {
            fileinto :create "INBOX";
          }
          # Other unknown origin
          else {
            fileinto :create "INBOX.other";
          }
        '';
      };
    };
    # extraVirtualAliases = {
    #   "@lyes.eu" = "lyes@mail.lyes.eu";
    # };
    certificateScheme = "acme-nginx";
  };

  # services.dovecot2.extraConfig = ''
  #   userdb {
  #     driver = ldap
  #     auth_bind = yes
  #     # pass_attrs = uid=user
  #     pass_filter = (name=%u)
  #   }
  #   passdb {
  #     driver = ldap
  #     auth_bind = yes
  #     # pass_attrs = uid=user
  #     pass_filter = (name=%u)
  #   }
  # '';

  # The Sieve script above requires "imap4flags" for its `addflag "\\Seen"`.
  services.dovecot2.sieve.extensions = [ "imap4flags" ];

  services.roundcube = {
    enable = true;
    hostName = "taf.lyes.eu";
    # IMAP uses implicit TLS on 993 (ssl://); SMTP submission uses STARTTLS on
    # 587 (tls://). %u / %p make Roundcube authenticate to SMTP with the
    # credentials of the logged-in webmail user.
    extraConfig = ''
      $config['imap_host'] = "ssl://taf.lyes.eu:993";
      $config['smtp_host'] = "tls://taf.lyes.eu";
      $config['smtp_port'] = 587;
      $config['smtp_user'] = "%u";
      $config['smtp_pass'] = "%p";
    '';
  };

  age.secrets = {
    # Referenced only from the commented-out ldap block above, but still
    # declared here, so presumably still decrypted onto the host.
    # NOTE(review): consider dropping it while LDAP is disabled.
    taf-token = {
      owner = "postfix";
      file = ../../../secrets/zora/services/taf-token.age;
    };
    # NOTE(review): this file holds the account's password hash. Confirm which
    # service actually reads hashedPasswordFile and whether "postfix" needs to
    # own it; narrow the owner if not.
    lyes-mail-passwd = {
      owner = "postfix";
      file = ../../../secrets/lyes/mail-passwd.age;
    };
    # Decrypted to a fixed path under /var/sieve; the file name matches the
    # "hiddensieve" script the account's Sieve script includes. Mode 660 leaves
    # it writable by the virtualMail user and group.
    # NOTE(review): confirm write access is intended for a file managed from
    # this config.
    lyes-hidden-sieve = {
      file = ../../../secrets/lyes/hidden-sieve.age;
      path = "/var/sieve/lyes@mail.lyes.eu/scripts/hiddensieve.sieve";
      owner = "virtualMail";
      group = "virtualMail";
      mode = "660";
    };
  };
}