1 { pkgs, lib, config, ... }:
3 inherit (config.services) public-inbox;
4 inherit (config.users) groups;
22 # Pour supprimer un message :
23 # curl https://mails.sourcephile.fr/inbox/environnement/8ea699887ca47797b4460053588cbef2d115829ab4@vieber.ru/raw |
24 # sudo -u public-inbox public-inbox-learn rm
26 security.acme.certs."${domain}" = {
27 postRun = "systemctl try-restart public-inbox-nntpd public-inbox-imapd";
29 networking.nftables.ruleset = ''
30 add rule inet filter net2fw tcp dport ${toString public-inbox.nntp.port} counter accept comment "NNTPS"
31 add rule inet filter net2fw tcp dport 1993 counter accept comment "IMAPS"
33 fileSystems."/var/lib/public-inbox" = {
34 device = "rpool/var/public-inbox";
38 public-inbox-httpd = {
40 SupplementaryGroups = [ groups."git-daemon".name ];
41 BindReadOnlyPaths = [ "/var/lib/acme/${domain}" ];
44 public-inbox-imapd = {
45 wants = [ "acme-selfsigned-${domain}.service" "acme-${domain}.service"];
46 after = [ "acme-selfsigned-${domain}.service" ];
48 SupplementaryGroups = [ groups."acme".name ];
49 BindReadOnlyPaths = [ "/var/lib/acme/${domain}" ];
52 public-inbox-nntpd = {
53 wants = [ "acme-selfsigned-${domain}.service" "acme-${domain}.service"];
54 after = [ "acme-selfsigned-${domain}.service" ];
56 SupplementaryGroups = [ groups."acme".name ];
57 BindReadOnlyPaths = [ "/var/lib/acme/${domain}" ];
61 services.public-inbox = {
63 settings.publicinbox = {
64 css = [ "href=https://mails.${domain}/style/light.css" ];
65 nntpserver = [ "nntps://news.${domain}" ];
66 wwwlisting = "match=domain";
70 args = [ "--no-precheck" ]; # Allow Bcc:
74 port = "/run/public-inbox-http.sock";
78 "https://mails.${domain}/inbox"
79 "https://public-inbox.${domain}/inbox"
86 cert = "/var/lib/acme/${domain}/fullchain.pem";
87 key = "/var/lib/acme/${domain}/key.pem";
91 # FIXME: find an IP or .onion to put 993
93 args = [ "-W0" "--listen" "imaps://0.0.0.0:1993" ];
95 cert = "/var/lib/acme/${domain}/fullchain.pem";
96 key = "/var/lib/acme/${domain}/key.pem";
102 "public-inbox+news@${domain}"
106 annonces d'informations concernant importantes
108 url = "https://mails.${domain}/inbox/news";
109 newsgroup = "inbox.comp.${orga}.news";
110 #coderepo = [ "sourcephile-txt" ];
115 "public-inbox+chat@${domain}"
119 discussions concernant l'informatique en général.
121 url = "https://mails.${domain}/inbox/chat";
122 newsgroup = "inbox.comp.${orga}.chat";
127 "public-inbox+contact@${domain}"
131 discussions avec le grand public.
133 url = "https://mails.${domain}/inbox/contact";
134 newsgroup = "inbox.comp.${orga}.contact";
135 #coderepo = [ "${orga}" ];
139 "environnement@${domain}"
140 "public-inbox+environnement@${domain}"
143 environnement@${domain} :
144 discussions sur les impacts environnementaux de l'informatique.
146 url = "https://mails.${domain}/inbox/environnement";
147 newsgroup = "inbox.comp.${orga}.environnement";
148 #coderepo = [ "sourcephile-txt" ];
153 "public-inbox+labo@${domain}"
157 discussions concernant la science de l'informatique.
159 url = "https://mails.${domain}/inbox/labo";
160 newsgroup = "inbox.comp.${orga}.labo";
161 # TODO: list many source code repositories
162 #coderepo = [ "sourcephile-txt" ];
167 "public-inbox+prod@${domain}"
171 discussions concernant l'administration technique de l'infrastructure informatique.
173 url = "https://mails.${domain}/inbox/prod";
174 newsgroup = "inbox.comp.${orga}.prod";
175 #coderepo = [ "sourcephile-txt" "sourcephile-nix" ];
180 "public-inbox+orga@${domain}"
184 discussions à l'attention de l'ensemble des personnes à bord.
186 url = "https://mails.${domain}/inbox/orga";
187 newsgroup = "inbox.comp.${orga}.orga";
188 #coderepo = [ "sourcephile-txt" ];
193 "public-inbox+test@${domain}"
197 une cible de test pour effectuer des tirs de mails.
199 url = "https://mails.${domain}/inbox/test";
200 newsgroup = "inbox.comp.${orga}.test";
201 hide = [ /* FIXME: doesn't work for IMAP */"imap" "www" "manifest" ];
203 } // lib.genAttrs inboxes (name: {
206 "public-inbox+${name}@${domain}"
210 discussions concernant ${name}.
212 url = "https://mails.${domain}/inbox/${name}";
213 newsgroup = "inbox.comp.${orga}.${name}";
216 settings.coderepo = {
218 dir = "/var/lib/gitolite/repositories/sourcephile-txt.git";
219 cgitUrl = "https://code.${domain}/sourcephile-txt.git";
222 dir = "/var/lib/gitolite/repositories/sourcephile-nix.git";
223 cgitUrl = "https://code.${domain}/sourcephile-nix.git";
225 } // lib.genAttrs inboxes (name: {
226 dir = "/var/lib/gitolite/repositories/${name}.git";
227 cgitUrl = "https://code.${domain}/${name}.git";
230 services.postfix.virtual = lib.concatMapStringsSep "\n" (name: ''
231 ${name}@${domain} public-inbox@localhost
233 services.sanoid.datasets."rpool/var/public-inbox" = {
234 use_template = [ "local" ];
sourcephile / git / sourcephile-nix.git / blob