]> Git — Sourcephile - sourcephile-nix.git/blob - machines/mermet/public-inbox.nix
sourcephile / git / sourcephile-nix.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
public-inbox: update to 1.6.0
[sourcephile-nix.git] / machines / mermet / public-inbox.nix
1 { pkgs, lib, config, ... }:
2 let inherit (config.users) groups;
3 domain = "sourcephile.fr";
4 in
5 {
6 security.acme.certs."${domain}" = {
7 postRun = "systemctl try-restart public-inbox-nntpd public-inbox-imapd";
8 };
9 networking.nftables.ruleset = ''
10 add rule inet filter net2fw tcp dport 563 counter accept comment "NNTPS"
11 add rule inet filter net2fw tcp dport 1993 counter accept comment "IMAPS"
12 '';
13 systemd.services = {
14 public-inbox-httpd = {
15 serviceConfig.SupplementaryGroups = [ groups."git-daemon".name ];
16 };
17 public-inbox-imapd = {
18 wants = [ "acme-selfsigned-${domain}.service" "acme-${domain}.service"];
19 after = [ "acme-selfsigned-${domain}.service" ];
20 serviceConfig.SupplementaryGroups = [ groups."acme".name ];
21 };
22 public-inbox-nntpd = {
23 wants = [ "acme-selfsigned-${domain}.service" "acme-${domain}.service"];
24 after = [ "acme-selfsigned-${domain}.service" ];
25 serviceConfig.SupplementaryGroups = [ groups."acme".name ];
26 };
27 };
28 services.public-inbox = {
29 enable = true;
30 path = with pkgs; [ /*spamassassin*/ ];
31 #mda.args = [ "--no-precheck" ];
32 mda.spamCheck = null;
33 watch.spamCheck = null;
34
35 http.mounts = [
36 "https://mails.${domain}/inbox"
37 "https://public-inbox.${domain}/inbox"
38 ];
39 wwwListing = "match=domain";
40 config.publicinbox = {
41 css = [ "href=https://mails.${domain}/style/light.css" ];
42 };
43
44 nntpServer = [ "nntps://news.${domain}" ];
45 nntp.cert = "/var/lib/acme/${domain}/fullchain.pem";
46 nntp.key = "/var/lib/acme/${domain}/key.pem";
47 imap.listenStreams = [ "0.0.0.0:1993" ];
48 imap.cert = "/var/lib/acme/${domain}/fullchain.pem";
49 imap.key = "/var/lib/acme/${domain}/key.pem";
50
51 inboxes = {
52 atelier = {
53 address = [
54 "atelier@${domain}"
55 "public-inbox+atelier@${domain}"
56 ];
57 description = ''
58 atelier@${domain} :
59 discussions concernant le développement logiciel.
60 '';
61 url = "https://mails.${domain}/inbox/atelier";
62 newsgroup = "inbox.comp.sourcephile.atelier";
63 config.coderepo = [
64 "sourcephile-txt"
65 # TODO: list many source code repositories
66 ];
67 };
68 bar = {
69 address = [
70 "bar@${domain}"
71 "public-inbox+bar@${domain}"
72 ];
73 description = ''
74 bar@${domain} :
75 discussions concernant l'informatique en général.
76 '';
77 url = "https://mails.${domain}/inbox/bar";
78 newsgroup = "inbox.comp.sourcephile.bar";
79 };
80 contact = {
81 address = [
82 "contact@${domain}"
83 "public-inbox+contact@${domain}"
84 ];
85 description = ''
86 contact@${domain} :
87 discussions avec le grand public.
88 '';
89 url = "https://mails.${domain}/inbox/contact";
90 newsgroup = "inbox.comp.sourcephile.contact";
91 #config.coderepo = [ "sourcephile" ];
92 };
93 ecole = {
94 address = [
95 "ecole@${domain}"
96 "public-inbox+ecole@${domain}"
97 ];
98 description = ''
99 ecole@${domain} :
100 discussions pour s'entraider en informatique.
101 '';
102 url = "https://mails.${domain}/inbox/ecole";
103 newsgroup = "inbox.comp.sourcephile.ecole";
104 config.coderepo = [ "sourcephile-txt" ];
105 };
106 environnement = {
107 address = [
108 "environnement@${domain}"
109 "public-inbox+environnement@${domain}"
110 ];
111 description = ''
112 environnement@${domain} :
113 discussions sur les impacts environnementaux de l'informatique.
114 '';
115 url = "https://mails.${domain}/inbox/environnement";
116 newsgroup = "inbox.comp.sourcephile.environnement";
117 config.coderepo = [ "sourcephile-txt" ];
118 };
119 labo = {
120 address = [
121 "labo@${domain}"
122 "public-inbox+labo@${domain}"
123 ];
124 description = ''
125 labo@${domain} :
126 discussions concernant la science de l'informatique.
127 '';
128 url = "https://mails.${domain}/inbox/labo";
129 newsgroup = "inbox.comp.sourcephile.labo";
130 config.coderepo = [
131 "sourcephile-txt"
132 # TODO: list many source code repositories
133 ];
134 };
135 machines = {
136 address = [
137 "machines@${domain}"
138 "public-inbox+machines@${domain}"
139 ];
140 description = ''
141 machines@${domain} :
142 discussions concernant l'administration technique de l'infrastructure informatique.
143 '';
144 url = "https://mails.${domain}/inbox/machines";
145 newsgroup = "inbox.comp.sourcephile.machines";
146 config.coderepo = [ "sourcephile-txt" "sourcephile-nix" ];
147 };
148 pont = {
149 address = [
150 "pont@${domain}"
151 "public-inbox+pont@${domain}"
152 ];
153 description = ''
154 pont@${domain} :
155 discussions à l'attention de l'ensemble des personnes à bord.
156 '';
157 url = "https://mails.${domain}/inbox/pont";
158 newsgroup = "inbox.comp.sourcephile.pont";
159 config.coderepo = [ "sourcephile-txt" ];
160 };
161 test = {
162 address = [
163 "test@${domain}"
164 "public-inbox+test@${domain}"
165 ];
166 description = ''
167 test@${domain} :
168 une cible de test pour effectuer des tirs de mails.
169 '';
170 url = "https://mails.${domain}/inbox/test";
171 newsgroup = "inbox.comp.sourcephile.test";
172 config = {
173 hide = [ "www" "manifest" ];
174 };
175 };
176 };
177
178 config.coderepo = {
179 sourcephile-txt = {
180 dir = "/var/lib/gitolite/repositories/sourcephile-txt.git";
181 cgitUrl = "https://code.${domain}/sourcephile-txt.git";
182 };
183 sourcephile-nix = {
184 dir = "/var/lib/gitolite/repositories/sourcephile-nix.git";
185 cgitUrl = "https://code.${domain}/sourcephile-nix.git";
186 };
187 };
188 };
189 }
NixOS configurations for Sourcephile's infrastructure