diff options
author | V <v@unfathomable.blue> | 2021-06-09 15:43:16 +0200 |
---|---|---|
committer | V <v@unfathomable.blue> | 2021-08-17 03:09:34 +0200 |
commit | ec0965e2672899d25a5a3a8c072de3ea734076a2 (patch) | |
tree | ddf53e6cc5ae47fa1a925f7a7d6414ba03718a84 /fleet/hosts/vityaz/mail.nix | |
parent | db7c54f92f386a94db8af7a12626d2657b4dd640 (diff) |
fleet: init
Co-authored-by: edef <edef@unfathomable.blue> Change-Id: I36d2c4cca542ed91630b1b832f3c7a7b97b33c65
Diffstat (limited to 'fleet/hosts/vityaz/mail.nix')
-rw-r--r-- | fleet/hosts/vityaz/mail.nix | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/fleet/hosts/vityaz/mail.nix b/fleet/hosts/vityaz/mail.nix new file mode 100644 index 0000000..58d6866 --- /dev/null +++ b/fleet/hosts/vityaz/mail.nix @@ -0,0 +1,58 @@ +# SPDX-FileCopyrightText: V <v@unfathomable.blue> +# SPDX-FileCopyrightText: edef <edef@unfathomable.blue> +# SPDX-License-Identifier: OSL-3.0 + +{ pkgs, ... }: + +{ + services.postfix = { + # TODO(V): Set myorigin to $mydomain? + + # We accept mail to ourselves and to the apex + destination = [ "$myhostname" "$mydomain" ]; + + # TODO(V): Restrict authorized_submit_users to system users + + # TODO(V): Authenticate users + networks = [ + # Defaults + "127.0.0.1/32" + "157.90.172.8/32" + "10.102.120.0/32" + "[::1]/128" + "[2a01:4f8:1c0c:46a9::1:f93f]/128" + "[fe80::9400:ff:feae:b407]/128" + + # Intranet + "10.102.120.0/24" + ]; + + # Wait, why is this enabled here? + recipientDelimiter = "+"; + + # TODO(V): postscreen + DNSBLs + # TODO(V): postgrey + + rootAlias = "v, edef"; + + # TODO(V): Forward mails to root to both edef & V + # TODO(V): Forward mails to postmaster to both edef & V + # TODO(V): Add extra aliases (Alyssa has abuse, noc, security, hostmaster, usenet, news, webmaster, www, uucp, and ftp) + # TODO(V): Add more notify_classes + }; + + systemd.user.paths.mail = { + description = "New mail trigger"; + wantedBy = [ "paths.target" ]; + pathConfig.PathChanged = "/var/mail/%u/new"; + unitConfig.ConditionPathExists = "%h/.notmuch-config"; + }; + + systemd.user.services.mail = { + description = "New mail indexing"; + serviceConfig = { + Type = "exec"; + ExecStart = "${pkgs.notmuch}/bin/notmuch new"; + }; + }; +} |