1 { pkgs, lib, config, ... }:
3 inherit (config.services) public-inbox;
4 inherit (config.users) groups;
12 "haskell/symantic-atom"
13 "haskell/symantic-base"
14 "haskell/symantic-cli"
15 "haskell/symantic-compta"
16 "haskell/symantic-document"
17 "haskell/symantic-http"
18 "haskell/symantic-parser"
19 "haskell/symantic-xml"
22 # Pour supprimer un message :
23 # curl https://mails.sourcephile.fr/inbox/environnement/8ea699887ca47797b4460053588cbef2d115829ab4@vieber.ru/raw |
24 # sudo -u public-inbox public-inbox-learn rm
26 security.acme.certs."${domain}" = {
27 postRun = "systemctl try-restart public-inbox-nntpd public-inbox-imapd";
29 networking.nftables.ruleset = ''
30 add rule inet filter net2fw tcp dport ${toString public-inbox.nntp.port} counter accept comment "NNTPS"
31 add rule inet filter net2fw tcp dport 1993 counter accept comment "IMAPS"
33 fileSystems."/var/lib/public-inbox" = {
34 device = "rpool/var/public-inbox";
38 public-inbox-httpd = {
40 SupplementaryGroups = [ groups."git-daemon".name ];
41 BindReadOnlyPaths = [ "/var/lib/acme/${domain}" ];
44 public-inbox-imapd = {
45 wants = [ "acme-selfsigned-${domain}.service" "acme-${domain}.service"];
46 after = [ "acme-selfsigned-${domain}.service" ];
48 SupplementaryGroups = [ groups."acme".name ];
49 BindReadOnlyPaths = [ "/var/lib/acme/${domain}" ];
52 public-inbox-nntpd = {
53 wants = [ "acme-selfsigned-${domain}.service" "acme-${domain}.service"];
54 after = [ "acme-selfsigned-${domain}.service" ];
56 SupplementaryGroups = [ groups."acme".name ];
57 BindReadOnlyPaths = [ "/var/lib/acme/${domain}" ];
61 services.public-inbox = {
63 postfix.enable = true;
64 settings.publicinbox = {
65 css = [ "href=https://mails.${domain}/style/light.css" ];
66 nntpserver = [ "nntps://news.${domain}" ];
67 wwwlisting = "match=domain";
71 args = [ "--no-precheck" ]; # Allow Bcc:
75 port = "/run/public-inbox-http.sock";
79 "https://mails.${domain}/inbox"
80 "https://public-inbox.${domain}/inbox"
87 cert = "/var/lib/acme/${domain}/fullchain.pem";
88 key = "/var/lib/acme/${domain}/key.pem";
92 # FIXME: find an IP or .onion to put 993
94 args = [ "-W0" "--listen" "imaps://0.0.0.0:1993" ];
96 cert = "/var/lib/acme/${domain}/fullchain.pem";
97 key = "/var/lib/acme/${domain}/key.pem";
106 annonces d'informations concernant importantes
108 url = "https://mails.${domain}/inbox/news";
109 newsgroup = "inbox.comp.${orga}.news";
110 #coderepo = [ "sourcephile-txt" ];
118 discussions concernant l'informatique en général.
120 url = "https://mails.${domain}/inbox/chat";
121 newsgroup = "inbox.comp.${orga}.chat";
129 discussions avec le grand public.
131 url = "https://mails.${domain}/inbox/contact";
132 newsgroup = "inbox.comp.${orga}.contact";
133 #coderepo = [ "${orga}" ];
137 "environnement@${domain}"
140 environnement@${domain} :
141 discussions sur les impacts environnementaux de l'informatique.
143 url = "https://mails.${domain}/inbox/environnement";
144 newsgroup = "inbox.comp.${orga}.environnement";
145 #coderepo = [ "sourcephile-txt" ];
153 discussions concernant la science de l'informatique.
155 url = "https://mails.${domain}/inbox/labo";
156 newsgroup = "inbox.comp.${orga}.labo";
157 # TODO: list many source code repositories
158 #coderepo = [ "sourcephile-txt" ];
166 discussions concernant l'administration technique de l'infrastructure informatique.
168 url = "https://mails.${domain}/inbox/prod";
169 newsgroup = "inbox.comp.${orga}.prod";
170 #coderepo = [ "sourcephile-txt" "sourcephile-nix" ];
178 discussions à l'attention de l'ensemble des personnes à bord.
180 url = "https://mails.${domain}/inbox/orga";
181 newsgroup = "inbox.comp.${orga}.orga";
182 #coderepo = [ "sourcephile-txt" ];
190 une cible de test pour effectuer des tirs de mails.
192 url = "https://mails.${domain}/inbox/test";
193 newsgroup = "inbox.comp.${orga}.test";
194 hide = [ /* FIXME: doesn't work for IMAP */"imap" "www" "manifest" ];
196 } // lib.genAttrs (map baseNameOf repositories) (name: {
202 discussions about ${name}.
204 url = "https://mails.${domain}/inbox/${name}";
205 newsgroup = "inbox.comp.${orga}.${name}";
208 settings.coderepo = {
210 dir = "/var/lib/gitolite/repositories/sourcephile-txt.git";
211 cgitUrl = "https://code.${domain}/sourcephile-txt.git";
214 dir = "/var/lib/gitolite/repositories/sourcephile-nix.git";
215 cgitUrl = "https://code.${domain}/sourcephile-nix.git";
217 } // lib.listToAttrs (map (path: lib.nameValuePair (baseNameOf path) {
218 dir = "/var/lib/gitolite/repositories/${path}.git";
219 cgitUrl = "https://code.${domain}/${path}.git";
222 services.sanoid.datasets."rpool/var/public-inbox" = {
223 use_template = [ "snap" ];
sourcephile / git / sourcephile-nix.git / blob