]> Git — Sourcephile - sourcephile-nix.git/blob - servers/mermet/dovecot/autoconfig.nix
x509: send the key once for root, not one per service
[sourcephile-nix.git] / servers / mermet / dovecot / autoconfig.nix
1 {pkgs, lib, config, ...}:
2 let inherit (builtins) attrNames;
3 inherit (config.services) dovecot2;
4 in
5 {
6 config = {
7 services.nginx = {
8 virtualHosts."autoconfig" =
9 let servers = lib.concatMapStringsSep " "
10 (dom: "autoconfig.${dom}")
11 (attrNames dovecot2.domains);
12 in
13 {
14 serverName = "autoconfig.${config.networking.domain}";
15 serverAliases =
16 map (domainAlias: "autoconfig." + domainAlias)
17 config.networking.domainAliases;
18 #addSSL = true;
19 extraConfig = ''
20 access_log off;
21 log_not_found off;
22 '';
23 root = pkgs.writeTextFile {
24 name = "autoconfig";
25 destination = "/mail/config-v1.1.xml";
26 text = ''
27 <?xml version="1.0"?>
28 <clientConfig version="1.1">
29 <emailProvider id="%EMAILDOMAIN%">
30 <!-- <displayName></displayName> -->
31 <!-- <displayShortName></displayShortName> -->
32 <domain>%EMAILDOMAIN%</domain>
33 <incomingServer type="imap">
34 <hostname>mail.%EMAILDOMAIN%</hostname>
35 <port>993</port>
36 <socketType>SSL</socketType>
37 <username>%EMAILADDRESS%</username>
38 <authentication>password-cleartext</authentication>
39 </incomingServer>
40 <incomingServer type="pop3">
41 <hostname>mail.%EMAILDOMAIN%</hostname>
42 <port>995</port>
43 <socketType>SSL</socketType>
44 <username>%EMAILADDRESS%</username>
45 <authentication>password-cleartext</authentication>
46 <pop3>
47 <leaveMessagesOnServer>false</leaveMessagesOnServer>
48 <downloadOnBiff>true</downloadOnBiff>
49 </pop3>
50 </incomingServer>
51 <outgoingServer type="smtp">
52 <hostname>mail.%EMAILDOMAIN%</hostname>
53 <port>465</port>
54 <socketType>SSL</socketType> <!-- see above -->
55 <username>%EMAILADDRESS%</username> <!-- if smtp-auth -->
56 <authentication>password-cleartext</authentication>
57 <!-- <restriction>client-IP-address</restriction> -->
58 <addThisServer>true</addThisServer>
59 <useGlobalPreferredServer>false</useGlobalPreferredServer>
60 </outgoingServer>
61 </emailProvider>
62 <!-- <clientConfigUpdate url="https://www.example.com/config/mozilla.xml" /> -->
63 </clientConfig>
64 '';
65 };
66 };
67 };
68 };
69 }