Diffstat (limited to 'fleet/hosts/vityaz/mail.nix')
-rw-r--r--fleet/hosts/vityaz/mail.nix58
1 files changed, 58 insertions, 0 deletions
diff --git a/fleet/hosts/vityaz/mail.nix b/fleet/hosts/vityaz/mail.nix
new file mode 100644
index 0000000..58d6866
--- /dev/null
+++ b/fleet/hosts/vityaz/mail.nix
@@ -0,0 +1,58 @@
+# SPDX-FileCopyrightText: V <v@unfathomable.blue>
+# SPDX-FileCopyrightText: edef <edef@unfathomable.blue>
+# SPDX-License-Identifier: OSL-3.0
+
+{ pkgs, ... }:
+
+{
+  services.postfix = {
+    # TODO(V): Set myorigin to $mydomain?
+
+    # We accept mail to ourselves and to the apex
+    destination = [ "$myhostname" "$mydomain" ];
+
+    # TODO(V): Restrict authorized_submit_users to system users
+
+    # TODO(V): Authenticate users
+    networks = [
+      # Defaults
+      "127.0.0.1/32"
+      "157.90.172.8/32"
+      "10.102.120.0/32"
+      "[::1]/128"
+      "[2a01:4f8:1c0c:46a9::1:f93f]/128"
+      "[fe80::9400:ff:feae:b407]/128"
+
+      # Intranet
+      "10.102.120.0/24"
+    ];
+
+    # Wait, why is this enabled here?
+    recipientDelimiter = "+";
+
+    # TODO(V): postscreen + DNSBLs
+    # TODO(V): postgrey
+
+    rootAlias = "v, edef";
+
+    # TODO(V): Forward mails to root to both edef & V
+    # TODO(V): Forward mails to postmaster to both edef & V
+    # TODO(V): Add extra aliases (Alyssa has abuse, noc, security, hostmaster, usenet, news, webmaster, www, uucp, and ftp)
+    # TODO(V): Add more notify_classes
+  };
+
+  systemd.user.paths.mail = {
+    description = "New mail trigger";
+    wantedBy = [ "paths.target" ];
+    pathConfig.PathChanged = "/var/mail/%u/new";
+    unitConfig.ConditionPathExists = "%h/.notmuch-config";
+  };
+
+  systemd.user.services.mail = {
+    description = "New mail indexing";
+    serviceConfig = {
+      Type = "exec";
+      ExecStart = "${pkgs.notmuch}/bin/notmuch new";
+    };
+  };
+}
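Review bot: The `networks` list adds the whole intranet range `"10.102.120.0/24"` while the `# TODO(V): Authenticate users` above it is still open. In the NixOS module this option sets Postfix's `mynetworks`, so under the stock `permit_mynetworks` relay rules every host on that range can relay to third parties with no credentials. Whether the intranet is a closed, trusted segment is not visible in this diff. If it is not, I would leave the /24 out until submission is authenticated. Otherwise add a comment at the entry, for example `# Trusted relay range: any host here can send through us unauthenticated; keep in sync with the VPN's membership`. Two smaller points: the "Defaults" entry `"10.102.120.0/32"` is already covered by the /24, and the hard-coded host addresses will go stale if the machine is renumbered, so a note on where they were copied from would help.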