postfix: add to vno1-oh2

2023-07-26 13:26:11 +03:00
parent 60936605c9
commit bac191ef2f
17 changed files with 120 additions and 91 deletions
--- a/modules/services/default.nix
+++ b/modules/services/default.nix
@@ -5,6 +5,7 @@
  ...
 }: {
  imports = [
+    ./postfix
    ./syncthing
    ./zfsunlock
  ];
--- a/modules/services/postfix/default.nix
+++ b/modules/services/postfix/default.nix
@@ -0,0 +1,39 @@
+{
+  config,
+  lib,
+  myData,
+  ...
+}: {
+  options.mj.services.postfix = with lib.types; {
+    enable = lib.mkEnableOption "Enable postfix";
+    saslPasswdPath = lib.mkOption {type = path;};
+  };
+
+  config = lib.mkIf config.mj.services.postfix.enable {
+    services.postfix = {
+      enable = true;
+      enableSmtp = true;
+      networks = [
+        "127.0.0.1/8"
+        "[::ffff:127.0.0.0]/104"
+        "[::1]/128"
+        myData.tailscale_subnet.cidr
+      ];
+      hostname = "${config.networking.hostName}.${config.networking.domain}";
+      relayHost = "smtp.sendgrid.net";
+      relayPort = 587;
+      mapFiles = {
+        sasl_passwd = config.mj.services.postfix.saslPasswdPath;
+      };
+      extraConfig = ''
+        smtp_sasl_auth_enable = yes
+        smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
+        smtp_sasl_security_options = noanonymous
+        smtp_sasl_tls_security_options = noanonymous
+        smtp_tls_security_level = encrypt
+        header_size_limit = 4096000
+      '';
+    };
+
+  };
+}