25 lines
646 B
Nix
25 lines
646 B
Nix
{config, ...}:
|
|
with config.constants; let
|
|
userSecret = "mail/${userName}/password";
|
|
vaultwardenSecret = "mail/vaultwarden/password";
|
|
in {
|
|
mailserver = {
|
|
enable = true;
|
|
fqdn = "mail.${domain}";
|
|
domains = [domain];
|
|
|
|
loginAccounts = {
|
|
"${userName}@${domain}" = {
|
|
aliases = [postMaster];
|
|
hashedPasswordFile = config.sops.secrets.${userSecret}.path;
|
|
};
|
|
${config.services.vaultwarden.config.SMTP_FROM}.hashedPasswordFile = config.sops.secrets.${vaultwardenSecret}.path;
|
|
};
|
|
|
|
certificateScheme = "acme";
|
|
};
|
|
sops.secrets = {
|
|
${userSecret} = {};
|
|
${vaultwardenSecret} = {};
|
|
};
|
|
}
|