Integrate mailman3 service into my existing configuration.

Kevin Baensch 2019-07-03 08:38:11 +02:00
parent df12a85010
commit d9ecea0a17
4 changed files with 42 additions and 14 deletions


@ -5,6 +5,7 @@ with lib;
{ {
imports = [ imports = [
../../options/machine.nix ../../options/machine.nix
../../options/mailman3/options.nix
]; ];
config.machine = rec { config.machine = rec {
@ -48,4 +49,22 @@ with lib;
allowedTCPPortRanges = []; allowedTCPPortRanges = [];
}; };
}; };
config.services.mailman3 = {
enable = true;
site_owner = "derped@ophanim.de";
database = {
type = "mysql";
name = "mailman3";
user = "mailman3";
host = "localhost";
port = 3306;
passwordFile = "/secret/mailman3_db";
};
mta = {
lmtp_host = "mail.ophanim.de";
smtp_host = "mail.ophanim.de";
smtp_user = "mailman3";
smtp_passFile = "/secret/mailman3_mail";
};
};
} }
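Review bot: The new `config.services.mailman3` block points `passwordFile` and `smtp_passFile` at `/secret/mailman3_db` and `/secret/mailman3_mail`, but nothing says what those files must contain or who may read them. I would add a comment above the block, for example `# /secret/mailman3_db and /secret/mailman3_mail hold plaintext passwords; keep them readable only by the account the mailman3 module runs as`. `/secret/mailman3_mail` is presumably the plaintext counterpart of the hash that the mailserver section of this commit reads from `/secret/mailman3.mail`, and the two names are easy to confuse, so the comment should name both. As a smaller style point, `site_owner`, `lmtp_host` and `smtp_host` hard-code `ophanim.de` while the mailserver file derives the same names from `config.machine.domain`.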


@ -13,7 +13,7 @@ mkIf (elem "gitea" config.machine.services) {
type = "mysql"; type = "mysql";
user = "git"; user = "git";
name = "gitea"; name = "gitea";
passwordFile = "/secret/gitea"; passwordFile = "/secret/gitea_db";
}; };
extraConfig = '' extraConfig = ''
[repository] [repository]
@ -31,8 +31,10 @@ mkIf (elem "gitea" config.machine.services) {
}; };
users.users.git = { users.users.git = {
description = "Gitea Service";
isNormalUser = true; isNormalUser = true;
home = "/var/lib/gitea"; home = config.services.gitea.stateDir;
createHome = true; createHome = true;
useDefaultShell = true;
}; };
} }
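Review bot: `useDefaultShell = true;` in the second hunk gives `users.users.git`, which is already `isNormalUser = true`, an interactive login shell, and the hunk does not say why. If the shell is only there so git-over-SSH through Gitea works, state that next to the line, for example `# login shell is required for git-over-SSH via Gitea`, so nobody later treats the account as a general login. The rename in the first hunk to `passwordFile = "/secret/gitea_db";` also needs the file renamed on the host before the next rebuild, because the mariaDB section of this commit reads `/secret/${servicename}_db` during evaluation. That step deserves a line in the commit description. Both attribute sets start and end outside the hunks shown.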


@ -8,9 +8,12 @@ mkIf (elem "mailserver" config.machine.services) {
fqdn = "mail.${config.machine.domain}"; fqdn = "mail.${config.machine.domain}";
domains = [ config.machine.domain ]; domains = [ config.machine.domain ];
loginAccounts = { loginAccounts = {
"derped@${config.machine.domain}" = { "derped@${config.machine.domain}" = {
hashedPassword = (fileContents /secret/derped.mail); hashedPassword = (fileContents /secret/derped.mail);
}; };
"mailman3@${config.machine.domain}" = {
hashedPassword = (fileContents /secret/mailman3.mail);
};
}; };
# Use Let's Encrypt certificates. Note that this needs to set up a stripped # Use Let's Encrypt certificates. Note that this needs to set up a stripped
# down nginx and opens port 80. # down nginx and opens port 80.
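Review bot: `hashedPassword = (fileContents /secret/mailman3.mail);` reads the hash while the configuration is evaluated, so the value becomes part of the evaluated config and very likely ends up in generated files under the world-readable /nix/store. The new mailman3 entry copies this pattern from the `derped` account above it. If the mailserver module in use offers a file-based option (simple-nixos-mailserver has `hashedPasswordFile`; check the pinned version), prefer `hashedPasswordFile = "/secret/mailman3.mail";` for both accounts, so the hash is read only on the host. The enclosing attribute set continues outside the hunk.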


@ -3,19 +3,23 @@
with lib; with lib;
let let
giteapwd = if config.services.gitea.enable then (fileContents /secret/gitea) else ""; cfg = config.services;
mkInitialDatabases = servicename: if (cfg."${servicename}".enable && (cfg."${servicename}".database.type == "mysql")) then
let
password = (fileContents "/secret/${servicename}_db");
cfg = config.services."${servicename}".database;
in {
name = cfg.name;
schema = pkgs.writeText "${cfg.name}.sql" ''
create user if not exists ${cfg.user}@'localhost' identified by ${password};
grant all privileges on ${cfg.name}.* to ${cfg.user}@'localhost' identified by ${password};
'';
} else {};
in mkIf (elem "mariaDB" config.machine.services) { in mkIf (elem "mariaDB" config.machine.services) {
services.mysql = { services.mysql = {
enable = true; enable = true;
package = pkgs.mariadb; package = pkgs.mariadb;
initialDatabases = if config.services.gitea.enable then [ { initialDatabases = (map mkInitialDatabases [ "mailman3" "gitea" ]);
name = "gitea";
schema = pkgs.writeText "gitea.sql"
''
create user if not exists 'git'@'localhost' identified by ${giteapwd};
grant all privileges on gitea.* to 'git'@'localhost' identified by ${giteapwd};
'';
} ] else [];
}; };
} }
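Review bot: `mkInitialDatabases` reads `/secret/${servicename}_db` with `fileContents` at evaluation time and interpolates it into `pkgs.writeText`, so the plaintext database password of every listed service is written to a `.sql` file in the world-readable /nix/store; the removed gitea-only code did the same, and this change extends it to mailman3. That undoes the point of passing `passwordFile` as a runtime path in the service configs. Create the user and grant from a step that runs on the host and reads the secret file there (for example a script ordered after mysql has started), and keep only password-free statements in `schema`. Separately, the `else {}` branch puts an attribute set without `name` or `schema` into `initialDatabases` whenever a service is disabled or not on mysql; return `[ { … } ]` or `[]` from the helper and use `initialDatabases = concatMap mkInitialDatabases [ "mailman3" "gitea" ];`. The password is also spliced after `identified by` without quoting, so the statement is only valid if the secret file itself carries the SQL quotes, which should be documented or fixed by quoting in the template.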