40 lines
1.2 KiB
Nix
40 lines
1.2 KiB
Nix
{
|
|
config,
|
|
pkgs,
|
|
...
|
|
}: let
|
|
cfg = config.mailsystem;
|
|
in rec {
|
|
certificateDirectory = "/var/certs";
|
|
sslCertPath =
|
|
if cfg.certificateScheme == "acme"
|
|
then "${config.security.acme.certs.${cfg.fqdn}.directory}/fullchain.pem"
|
|
else "${certificateDirectory}/cert-${cfg.fqdn}.pem";
|
|
|
|
sslKeyPath =
|
|
if cfg.certificateScheme == "acme"
|
|
then "${config.security.acme.certs.${cfg.fqdn}.directory}/key.pem"
|
|
else "${certificateDirectory}/key-${cfg.fqdn}.pem";
|
|
|
|
sslCertService =
|
|
if cfg.certificateScheme == "acme"
|
|
then ["acme-finished-${cfg.fqdn}.target"]
|
|
else ["mailsystem-selfsigned-certificate.service"];
|
|
|
|
mailnixCmd = let
|
|
mailnixCfgFile = pkgs.writeText "mailnix-public.json" (builtins.toJSON {
|
|
inherit (cfg) accounts domains;
|
|
aliases = cfg.virtualAliases;
|
|
});
|
|
extraCfgFile =
|
|
if (cfg.extraSettingsFile != null)
|
|
then cfg.extraSettingsFile
|
|
else "";
|
|
in "${pkgs.mailnix}/bin/mailnix ${extraCfgFile} ${mailnixCfgFile}";
|
|
|
|
dovecotDynamicStateDir = "/var/lib/dovecot";
|
|
dovecotDynamicPasswdFile = "${dovecotDynamicStateDir}/passwd";
|
|
|
|
rspamdProxySocket = "/run/rspamd-proxy.sock";
|
|
rspamdControllerSocket = "/run/rspamd-controller.sock";
|
|
}
|