lyes/nixfiles
1
0
Fork 0
Code Issues Pull requests Activity Actions
nixfiles/modules/server/taf/default.nix

237 lines
7.4 KiB
Nix
Raw Blame History

{ config, ... }:
{
mailserver = {
enable = true;
stateVersion = 3;
fqdn = "taf.lyes.eu";
domains = [
"lyes.eu"
"mail.lyes.eu"
];
localDnsResolver = false;
enableManageSieve = true;
# debug.all = true;
# ldap = {
# enable = true;
# uris = [ "ldaps://auth.lyes.eu:636" ];
# searchBase = "dc=auth,dc=lyes,dc=eu";
# searchScope = "sub";
# bind = {
# # dn = "dn=token,dc=auth,dc=lyes,dc=eu";
# dn = "dn=token";
# passwordFile = config.age.secrets.taf-token.path;
# };
# dovecot = {
# userFilter = "(name=%u)";
# passFilter = "(name=%u)";
# };
# postfix = {
# filter = "(name=%s)";
# mailAttribute = "mail";
# uidAttribute = "name";
# };
# };
loginAccounts = {
"lyes@mail.lyes.eu" = {
hashedPasswordFile = config.age.secrets.lyes-mail-passwd.path;
aliases = [
"@lyes.eu"
];
quota = "1T";
sieveScript = ''
require ["include", "fileinto", "mailbox", "copy", "regex", "variables", "imap4flags"];
include :personal "hiddensieve";
# lyes.eu filters
if address :is :domain "X-Original-To" "lyes.eu" {
# If the mail comes from my crans mailbox
if address :is :localpart "X-Original-To" "crans" {
# Aurore Support
if header :contains "List-Id" "<support.aurore.lists.crans.org>" {
fileinto :create "Crans.aurore.support";
}
# Mailman moderation request
elsif address :matches :all "To" "*-owner@lists.crans.org" {
fileinto :create "Crans.moderation";
}
# Crans Bureau
elsif anyof (
header :contains "List-Id" "<bureau.lists.crans.org>",
header :contains "List-Id" "<achats-crans.lists.crans.org>",
header :contains "List-Id" "<tresorerie.lists.crans.org>"
) {
fileinto :create "Crans.crans.bureau";
}
# Crans CA
elsif header :contains "List-Id" "<ca.lists.crans.org>" {
fileinto :create "Crans.crans.ca";
}
# Crans Nounou
elsif anyof (
header :contains "List-Id" "<nounou.lists.crans.org>",
header :contains "List-Id" "<apprenti-es.lists.crans.org>",
address :is :all "To" "contact@crans.org",
address :is :all "From" "contact@crans.org"
) {
fileinto :create "Crans.crans.nounou";
}
# Crans Root Postmaster
elsif address :is :all "To" "postmaster@crans.org" {
addflag "\\Seen";
fileinto :create "Crans.crans.root.postmaster";
}
# Crans Root Mailer
elsif address :is :all "From" "MAILER-DAEMON@crans.org" {
fileinto :create "Crans.crans.root.mailer";
}
# Crans Root
elsif anyof (
address :is :all "To" "root@crans.org",
address :is :all "From" "root@crans.org",
address :is :all "From" "www-data@crans.org"
) {
fileinto :create "Crans.crans.root";
}
# Crans Gitlab
elsif address :is :all "From" "gitlab@crans.org" {
fileinto :create "Crans.crans.gitlab";
}
# Crans Wiki
elsif address :is :all "From" "wiki@crans.org" {
fileinto :create "Crans.crans.wiki";
}
# Aurore CA
elsif header :contains "List-Id" "<ca.aurore.lists.crans.org>" {
fileinto :create "Crans.aurore.ca";
}
# BDL
elsif anyof (
header :contains "List-Id" "<bdl-bureau.lists.crans.org>",
header :contains "List-Id" "<bdl.lists.crans.org>"
) {
fileinto :create "Crans.asso.bdl";
}
# Med
elsif anyof (
header :contains "List-Id" "<med-bureau.lists.crans.org>",
header :contains "List-Id" "<med.lists.crans.org>"
) {
fileinto :create "Crans.asso.med";
}
# NL BDE
elsif header :contains "List-Id" "<evenements.lists.crans.org>" {
fileinto :create "Crans.asso.nl.bde";
}
# NL BDA
elsif header :contains "List-Id" "<evenement.bda.lists.crans.org>" {
fileinto :create "Crans.asso.nl.bda";
}
# Any other associative mail
elsif anyof (
header :contains "List-Id" "<la5emeparallele-bureau.lists.crans.org>",
header :contains "List-Id" "<la5emeparallele.lists.crans.org>",
header :matches "List-Id" "<*.lists.crans.org>"
) {
fileinto :create "Crans.asso";
}
# Otherwise it's for the generic mailbox
else {
fileinto :create "Crans";
}
}
# Otherwise it's for my different accounts
# It's automatically sorted using the localpart
elsif address :localpart :regex "X-Original-To" "^(([a-zA-Z]+\\.)*([a-zA-Z]+))(-([a-zA-Z0-9_.\\-]*))?''$" {
set :lower "sub_folder" "''${1}";
set "mbox_candidate" "INBOX.''${sub_folder}";
fileinto :create "''${mbox_candidate}";
}
# Other unknown origin
else {
fileinto :create "INBOX.other";
}
}
# It's destined to my main inbox
elsif address :is "X-Original-To" "lyes@mail.lyes.eu" {
fileinto :create "INBOX";
}
# Other unknown origin
else {
fileinto :create "INBOX.other";
}
'';
};
};
# extraVirtualAliases = {
# "@lyes.eu" = "lyes@mail.lyes.eu";
# };
x509.useACMEHost = config.mailserver.fqdn;
};
# services.dovecot2.extraConfig = ''
# userdb {
# driver = ldap
# auth_bind = yes
# # pass_attrs = uid=user
# pass_filter = (name=%u)
# }
# passdb {
# driver = ldap
# auth_bind = yes
# # pass_attrs = uid=user
# pass_filter = (name=%u)
# }
# '';
services.dovecot2.sieve.extensions = [ "imap4flags" ];
services.roundcube = {
enable = true;
hostName = "taf.lyes.eu";
extraConfig = ''
$config['imap_host'] = "ssl://taf.lyes.eu:993";
$config['smtp_host'] = "tls://taf.lyes.eu";
$config['smtp_port'] = 587;
$config['smtp_user'] = "%u";
$config['smtp_pass'] = "%p";
'';
};
age.secrets = {
taf-token = {
owner = "postfix";
file = ../../../secrets/zora/services/taf-token.age;
};
lyes-mail-passwd = {
owner = "postfix";
file = ../../../secrets/lyes/mail-passwd.age;
};
lyes-hidden-sieve = {
file = ../../../secrets/lyes/hidden-sieve.age;
path = "/var/sieve/lyes@mail.lyes.eu/scripts/hiddensieve.sieve";
owner = "virtualMail";
group = "virtualMail";
mode = "660";
};
};
}
Reference in a new issue View git blame Copy permalink