25 lines
848 B
Nix
25 lines
848 B
Nix
{config, ...}: let
|
|
cfg = config.mailsystem;
|
|
in rec {
|
|
certificateDirectory = "/var/certs";
|
|
sslCertPath =
|
|
if cfg.certificateScheme == "acme"
|
|
then "${config.security.acme.certs.${cfg.fqdn}.directory}/fullchain.pem"
|
|
else "${certificateDirectory}/cert-${cfg.fqdn}.pem";
|
|
|
|
sslKeyPath =
|
|
if cfg.certificateScheme == "acme"
|
|
then "${config.security.acme.certs.${cfg.fqdn}.directory}/key.pem"
|
|
else "${certificateDirectory}/key-${cfg.fqdn}.pem";
|
|
|
|
sslCertService =
|
|
if cfg.certificateScheme == "acme"
|
|
then ["acme-finished-${cfg.fqdn}.target"]
|
|
else ["mailsystem-selfsigned-certificate.service"];
|
|
|
|
dovecotDynamicStateDir = "/var/lib/dovecot";
|
|
dovecotDynamicPasswdFile = "${dovecotDynamicStateDir}/passwd";
|
|
|
|
rspamdProxySocket = "/run/rspamd-proxy.sock";
|
|
rspamdControllerSocket = "/run/rspamd-controller.sock";
|
|
}
|