Luke Granger-Brown
57725ef3ec
git-subtree-dir: third_party/nixpkgs git-subtree-split: 76612b17c0ce71689921ca12d9ffdc9c23ce40b2
108 lines
2.9 KiB
Nix
108 lines
2.9 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}:
|
|
|
|
let
|
|
cfg = config.services.automx2;
|
|
format = pkgs.formats.json { };
|
|
in
|
|
{
|
|
options = {
|
|
services.automx2 = {
|
|
enable = lib.mkEnableOption "automx2";
|
|
|
|
package = lib.mkPackageOption pkgs [
|
|
"python3Packages"
|
|
"automx2"
|
|
] { };
|
|
|
|
domain = lib.mkOption {
|
|
type = lib.types.str;
|
|
example = "example.com";
|
|
description = ''
|
|
E-Mail-Domain for which mail client autoconfig/autoconfigure should be set up.
|
|
The `autoconfig` and `autodiscover` subdomains are automatically prepended and set up with ACME.
|
|
The names of those domains are hardcoded in the mail clients and are not configurable.
|
|
'';
|
|
};
|
|
|
|
port = lib.mkOption {
|
|
type = lib.types.port;
|
|
default = 4243;
|
|
description = "Port used by automx2.";
|
|
};
|
|
|
|
settings = lib.mkOption {
|
|
inherit (format) type;
|
|
description = ''
|
|
Bootstrap json to populate database.
|
|
See [docs](https://rseichter.github.io/automx2/#_sqlite) for details.
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
services.nginx = {
|
|
enable = true;
|
|
virtualHosts = {
|
|
"autoconfig.${cfg.domain}" = {
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
serverAliases = [ "autodiscover.${cfg.domain}" ];
|
|
locations = {
|
|
"/".proxyPass = "http://127.0.0.1:${toString cfg.port}/";
|
|
"/initdb".extraConfig = ''
|
|
# Limit access to clients connecting from localhost
|
|
allow 127.0.0.1;
|
|
deny all;
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
systemd.services.automx2 = {
|
|
after = [ "network.target" ];
|
|
postStart = ''
|
|
sleep 3
|
|
${lib.getExe pkgs.curl} -X POST --json @${format.generate "automx2.json" cfg.settings} http://127.0.0.1:${toString cfg.port}/initdb/
|
|
'';
|
|
serviceConfig = {
|
|
Environment = [
|
|
"AUTOMX2_CONF=${pkgs.writeText "automx2-conf" ''
|
|
[automx2]
|
|
loglevel = WARNING
|
|
db_uri = sqlite:///:memory:
|
|
proxy_count = 1
|
|
''}"
|
|
"FLASK_APP=automx2.server:app"
|
|
"FLASK_CONFIG=production"
|
|
];
|
|
ExecStart = "${
|
|
pkgs.python3.buildEnv.override { extraLibs = [ cfg.package ]; }
|
|
}/bin/flask run --host=127.0.0.1 --port=${toString cfg.port}";
|
|
Restart = "always";
|
|
StateDirectory = "automx2";
|
|
User = "automx2";
|
|
WorkingDirectory = "/var/lib/automx2";
|
|
};
|
|
unitConfig = {
|
|
Description = "MUA configuration service";
|
|
Documentation = "https://rseichter.github.io/automx2/";
|
|
};
|
|
wantedBy = [ "multi-user.target" ];
|
|
};
|
|
|
|
users = {
|
|
groups.automx2 = { };
|
|
users.automx2 = {
|
|
group = "automx2";
|
|
isSystemUser = true;
|
|
};
|
|
};
|
|
};
|
|
}
|