Made it work

2026-01-01 06:44:26 -05:00 · 2025-08-30 21:19:51 +02:00
parent fdbaf09146
commit 75d30efc6c
23 changed files with 148 additions and 1356 deletions
--- a/modules/services/mail.nix
+++ b/modules/services/mail.nix
@@ -1,21 +0,0 @@
-{ config, ... }: {
-  services.postfix = {
-    enable = true;
-    relayDomains = ["hash:/var/lib/mailman/data/postfix_domains"];
-    sslCert = config.security.acme.certs."lists.example.org".directory + "/full.pem";
-    sslKey = config.security.acme.certs."lists.example.org".directory + "/key.pem";
-    config = {
-      transport_maps = ["hash:/var/lib/mailman/data/postfix_lmtp"];
-      local_recipient_maps = ["hash:/var/lib/mailman/data/postfix_lmtp"];
-    };
-  };
-  services.mailman = {
-    enable = true;
-    serve.enable = true;
-    hyperkitty.enable = true;
-    webHosts = ["lists.example.org"];
-    siteOwner = "mailman@example.org";
-  };
-  services.nginx.virtualHosts."lists.example.org".enableACME = true;
-	#networking.firewall.allowedTCPPorts = [ 25 80 443 ];
-}
--- a/modules/services/realmail.nix
+++ b/modules/services/realmail.nix
@@ -1,51 +0,0 @@
-{ config, pkgs, ... }: {
-  imports = [
-    (builtins.fetchTarball {
-      # Pick a release version you are interested in and set its hash, e.g.
-      url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-25.05/nixos-mailserver-nixos-25.05.tar.gz";
-      # To get the sha256 of the nixos-mailserver tarball, we can use the nix-prefetch-url command:
-      # release="nixos-25.05"; nix-prefetch-url "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/${release}/nixos-mailserver-${release}.tar.gz" --unpack
-      sha256 = "0jpp086m839dz6xh6kw5r8iq0cm4nd691zixzy6z11c4z2vf8v85";
-    })
-  ];
-
-	mailserver = {
-		enable = true;
-		fqdn = "mail.hahn1.one";
-		domains = [ "hahn1.one" ];
-
-		# A list of all login accounts. To create the password hashes, use
-		# nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
-		loginAccounts = {
-			"jonas@hahn1.one" = {
-				# mail4jonas
-				hashedPassword = "$2b$05$aOMZAUvp4p42su99UwQ0FeKPTVKrHBJX1w7IBG9J39rSjSqyT5Y7C";
-				aliases = ["postmaster@hahn1.one" "j@hahn1.one"];
-			};
-			"security@hahn1.one" = {
-				# mail4jonas
-				hashedPassword = "$2b$05$aOMZAUvp4p42su99UwQ0FeKPTVKrHBJX1w7IBG9J39rSjSqyT5Y7C";
-				aliases = ["sec@hahn1.one"];
-			};
-			"christiane@hahn1.one" = {
-				# mail4jonas
-				hashedPassword = "$2b$05$nfE1Iou57TvnAH.BfFdsEOsrbxZDovNPVme3PTG/ZMAG3T6OC968q";
-				aliases = ["ch@hahn1.one"];
-			};
-			"horst@hahn1.one" = {
-				# mail4jonas
-				hashedPassword = "$2b$05$nfE1Iou57TvnAH.BfFdsEOsrbxZDovNPVme3PTG/ZMAG3T6OC968q";
-				aliases = ["ho@hahn1.one"];
-			};
-			"theo@hahn1.one" = {
-				# mail4jonas
-				hashedPassword = "$2b$05$nfE1Iou57TvnAH.BfFdsEOsrbxZDovNPVme3PTG/ZMAG3T6OC968q";
-				aliases = ["th@hahn1.one"];
-			};
-		};
-
-		# Use Let's Encrypt certificates. Note that this needs to set up a stripped
-		# down nginx and opens port 80.
-		certificateScheme = "acme-nginx";
-	};
-}