enable dovecot for IMAP
tested and working. still need to enable the submission service.
This commit is contained in:
parent
07c8ff12a6
commit
93805c6602
|
@ -5,7 +5,7 @@
|
|||
|
||||
networking.firewall.enable = false;
|
||||
# networking.firewall.enable = true;
|
||||
# networking.firewall.allowedTCPPorts = [ 25 80 443 ];
|
||||
# networking.firewall.allowedTCPPorts = [ 25 80 143 443 993 ];
|
||||
# # DLNA ports: https://jellyfin.org/docs/general/networking/index.html
|
||||
# networking.firewall.allowedUDPPorts = [ 1900 7359 ];
|
||||
|
||||
|
|
|
@ -182,6 +182,12 @@
|
|||
};
|
||||
};
|
||||
|
||||
# exists only to manage acme for dovecot
|
||||
services.nginx.virtualHosts."imap.uninsane.org" = {
|
||||
forceSSL = true;
|
||||
enableACME = true;
|
||||
};
|
||||
|
||||
security.acme.acceptTerms = true;
|
||||
security.acme.email = "acme@uninsane.org";
|
||||
}
|
||||
|
|
|
@ -50,4 +50,26 @@
|
|||
# /run/opendkim/opendkim.sock needs to be rw by postfix
|
||||
UMask = lib.mkForce "0011";
|
||||
};
|
||||
|
||||
# inspired by https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/
|
||||
services.dovecot2.enable = true;
|
||||
services.dovecot2.sslServerCert = "/var/lib/acme/imap.uninsane.org/fullchain.pem";
|
||||
services.dovecot2.sslServerKey = "/var/lib/acme/imap.uninsane.org/key.pem";
|
||||
services.dovecot2.enablePAM = false;
|
||||
# passwd file looks like /etc/passwd.
|
||||
# use nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "my passwd" to generate the password
|
||||
services.dovecot2.extraConfig = ''
|
||||
passdb {
|
||||
driver = passwd-file
|
||||
args = /etc/nixos/secrets/dovecot.passwd
|
||||
}
|
||||
userdb {
|
||||
driver = passwd-file
|
||||
args = /etc/nixos/secrets/dovecot.passwd
|
||||
}
|
||||
|
||||
mail_debug = yes
|
||||
auth_debug = yes
|
||||
# verbose_ssl = yes
|
||||
'';
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user