]> Git — Sourcephile - sourcephile-nix.git/blob - hosts/losurdo/postfix/sourcephile.nix
acme: enable dnsPropagationCheck :s
[sourcephile-nix.git] / hosts / losurdo / postfix / sourcephile.nix
1 { config, ... }:
2 let domain = "sourcephile.fr"; in
3 {
4 services.postfix = {
5 extraAliases = ''
6 '';
7 virtual = ''
8 root@${domain} julm+root@${domain}
9 '';
10 tls_server_sni_maps =
11 let
12 chain = [
13 "/var/lib/acme/${domain}/key.pem"
14 "/var/lib/acme/${domain}/fullchain.pem"
15 ];
16 in
17 {
18 "smtp.${domain}" = chain;
19 "mail.${domain}" = chain;
20 };
21 config = {
22 virtual_mailbox_domains = [
23 domain
24 ];
25 };
26 };
27 security.acme.certs."${domain}" = {
28 postRun = "systemctl try-restart postfix";
29 };
30 systemd.services.postfix = {
31 wants = [ "acme-selfsigned-${domain}.service" "acme-${domain}.service" ];
32 after = [ "acme-selfsigned-${domain}.service" ];
33 };
34 }