mailsystem: Add option to use selfsigned certificates in preparation for testing

mailsystem/default.nix

@@ -151,6 +151,19 @@ in {
       '';
       default = {};
     };
+
+    certificateScheme = lib.mkOption {
+      type = lib.types.enum ["acme" "selfsigned"];
+      default = "acme";
+      description = ''
+        The scheme to use for managing TLS certificates:
+
+        1. `acme`: The server retrieves letsencrypt certificates via NixOS's acme module using nginx.
+        2. `selfsigned`: The server creates self-signed certificates on the fly (intended for testing).
+      '';
+      internal = true;
+      visible = false;
+    };
   };
 
   imports = [
@@ -161,6 +174,7 @@ in {
     ./redis.nix
     ./roundcube.nix
     ./rspamd.nix
+    ./selfsigned.nix
     ./user.nix
   ];
 }