nxcaldav

2026-04-24 19:58:21 +02:00
parent 5cc13c9b9a
commit 9ccabedbb2
12 changed files with 376 additions and 32 deletions
--- a/system-modules/nx2site/imap.nix
+++ b/system-modules/nx2site/imap.nix
@@ -0,0 +1,68 @@
+{ config, pkgs, ... }@all: with all; {
+  sops.secrets = {
+    "nx2site/dovecot" = {
+      owner = "dovecot2";
+      group = "dovecot2";
+      mode = "600";
+    };
+  };
+  services.dovecot2 = {
+    enable = true;
+    enablePAM = false; # independen from linux users
+    enableImap = true;
+    enableLmtp = true;
+    extraConfig = ''
+      # force to use full user name plus domain name
+      # for disambiguation
+      auth_username_format = %Lu
+
+      # Authentication configuration:
+      auth_mechanisms = plain
+      passdb {
+        driver = passwd-file
+        args = ${config.sops.secrets."nx2site/dovecot".path}
+      }
+
+      # for vitual users:
+      userdb {
+        driver = static
+        # the full e-mail address inside passwd-file is the username (%u)
+        # user@example.com
+        # %d for domain_name %n for user_name
+        args = uid=vmail gid=vmail username_format=%u home=/var/spool/mail/vmail/%d/%n
+      }
+      # for connecting with postfix
+      service lmtp {
+       unix_listener /var/spool/postfix/dovecot-lmtp {
+         mode = 0600
+         user = postfix
+         group = postfix
+        }
+      }
+      service auth {
+        unix_listener /var/spool/postfix/auth {
+          mode = 0600
+          user = postfix
+          group = postfix
+        }
+      }
+    '';
+    createMailUser = true;
+    mailUser = "vmail";
+    mailGroup = "vmail";
+    mailLocation = "maildir:~/Maildir";
+    mailboxes = { # RFC standart
+      All = { auto = "create"; autoexpunge = null; specialUse = "All"; };
+      Archive = { auto = "create"; autoexpunge = null; specialUse = "Archive"; };
+      Drafts = { auto = "create"; autoexpunge = null; specialUse = "Drafts"; };
+      Flagged = { auto = "create"; autoexpunge = null; specialUse = "Flagged"; };
+      Junk = { auto = "create"; autoexpunge = "60d"; specialUse = "Junk"; };
+      Sent = { auto = "create"; autoexpunge = null; specialUse = "Sent"; };
+      Trash = { auto = "create"; autoexpunge = "60d"; specialUse = "Trash"; };
+    };
+
+    sslServerCert = "/var/lib/acme/${hyper.domain}/fullchain.pem";
+    sslServerKey = "/var/lib/acme/${hyper.domain}/key.pem";
+    sslCACert = "/var/lib/acme/${hyper.domain}/chain.pem";
+  };
+}