nx2/dotfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
e97e9b62b0f443770cae93179631d6351477c33a
dotfiles/system-modules/nx2site/imap.nix
Lennart J. Kurzweg (Nx2) 9ccabedbb2 nxcaldav
2026-04-24 19:58:21 +02:00

69 lines
2.2 KiB
Nix
Raw Blame History

{ config, pkgs, ... }@all: with all; {
sops.secrets = {
"nx2site/dovecot" = {
owner = "dovecot2";
group = "dovecot2";
mode = "600";
};
};
services.dovecot2 = {
enable = true;
enablePAM = false; # independen from linux users
enableImap = true;
enableLmtp = true;
extraConfig = ''
# force to use full user name plus domain name
# for disambiguation
auth_username_format = %Lu
# Authentication configuration:
auth_mechanisms = plain
passdb {
driver = passwd-file
args = ${config.sops.secrets."nx2site/dovecot".path}
}
# for vitual users:
userdb {
driver = static
# the full e-mail address inside passwd-file is the username (%u)
# user@example.com
# %d for domain_name %n for user_name
args = uid=vmail gid=vmail username_format=%u home=/var/spool/mail/vmail/%d/%n
}
# for connecting with postfix
service lmtp {
unix_listener /var/spool/postfix/dovecot-lmtp {
mode = 0600
user = postfix
group = postfix
}
}
service auth {
unix_listener /var/spool/postfix/auth {
mode = 0600
user = postfix
group = postfix
}
}
'';
createMailUser = true;
mailUser = "vmail";
mailGroup = "vmail";
mailLocation = "maildir:~/Maildir";
mailboxes = { # RFC standart
All = { auto = "create"; autoexpunge = null; specialUse = "All"; };
Archive = { auto = "create"; autoexpunge = null; specialUse = "Archive"; };
Drafts = { auto = "create"; autoexpunge = null; specialUse = "Drafts"; };
Flagged = { auto = "create"; autoexpunge = null; specialUse = "Flagged"; };
Junk = { auto = "create"; autoexpunge = "60d"; specialUse = "Junk"; };
Sent = { auto = "create"; autoexpunge = null; specialUse = "Sent"; };
Trash = { auto = "create"; autoexpunge = "60d"; specialUse = "Trash"; };
};
sslServerCert = "/var/lib/acme/${hyper.domain}/fullchain.pem";
sslServerKey = "/var/lib/acme/${hyper.domain}/key.pem";
sslCACert = "/var/lib/acme/${hyper.domain}/chain.pem";
};
}
Reference in New Issue View Git Blame Copy Permalink