diff --git a/machines/vueko/configuration.nix b/machines/vueko/configuration.nix
index c3fa9bf..ceba7eb 100644
--- a/machines/vueko/configuration.nix
+++ b/machines/vueko/configuration.nix
@@ -24,6 +24,10 @@
 "psycho-power-papagei.de"
 "sbruder.de"
 ];
+ autoconfig = {
+ enable = true;
+ domain = "sbruder.de";
+ };
 users = import ./secrets/mail-users.nix;
 rejectSenders = import ./secrets/mail-reject-senders.nix;
 };
diff --git a/modules/mailserver.nix b/modules/mailserver.nix
index 2a8c287..fdda31b 100644
--- a/modules/mailserver.nix
+++ b/modules/mailserver.nix
@@ -27,6 +27,24 @@ in
 description = "Domains to serve";
 example = [ "example.com" "example.org" ];
 };
+ autoconfig = {
+ enable = mkEnableOption "autoconfiguration of compatible clients. Requires autoconfig. to exist for all specified domains";
+ domain = mkOption {
+ type = str;
+ description = "Domain of the mail system.";
+ example = "example.com";
+ };
+ displayName = mkOption {
+ type = str;
+ description = "Name of the mail system.";
+ default = cfg.autoconfig.domain;
+ };
+ displayShortName = mkOption {
+ type = str;
+ description = "Short name of the mail system.";
+ default = cfg.autoconfig.displayName;
+ };
+ };
 users = mkOption {
 type = listOf (submodule {
 options = {
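Review bot: In the `modules/mailserver.nix` hunk, `displayName` and `displayShortName` take their `default` from `cfg.autoconfig.domain` and `cfg.autoconfig.displayName` without a `defaultText`, so anything that renders the option documentation has to evaluate the configuration, and `domain` itself has no default to fall back on. Adding `defaultText = lib.literalExpression "config.<module option path>.autoconfig.domain";` (placeholder for the module's real option path, which is defined outside this hunk) and the equivalent for `displayShortName` keeps the docs evaluable. Separately, the `mkEnableOption` text as shown here reads "Requires autoconfig. to exist", which looks like a dropped domain placeholder; it is worth checking in the file whether that is only this page's rendering.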
@@ -541,5 +559,41 @@ in }; users.users.postfix.extraGroups = lib.mkIf cfg.dkim.enable (lib.singleton config.users.users.opendkim.group); + + # Autoconfig + services.nginx = lib.mkIf cfg.autoconfig.enable { + enable = true; + virtualHosts = lib.listToAttrs (map + (domain: lib.nameValuePair "autoconfig.${domain}" { + enableACME = true; + forceSSL = true; + + locations."=/mail/config-v1.1.xml".alias = pkgs.writeText "config-v1.1.xml" '' + + + + ${lib.escapeXML cfg.autoconfig.domain} + ${lib.escapeXML cfg.autoconfig.displayName} + ${lib.escapeXML cfg.autoconfig.displayShortName} + + ${lib.escapeXML cfg.fqdn} + 993 + SSL + password-cleartext + %EMAILADDRESS% + + + ${lib.escapeXML cfg.fqdn} + 465 + SSL + password-cleartext + %EMAILADDRESS% + + + + ''; + }) + cfg.domains); + }; }; }
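Review bot: Every `autoconfig.${domain}` virtual host serves the same file, and inside it only `cfg.autoconfig.domain` is interpolated; the lambda's `domain` is used for the host name alone. The XML tags are not visible in this rendering, but if that first field is the provider's `<domain>` element, clients of the other entries in `cfg.domains` receive a document naming a different domain than the one they queried. Consider emitting one element per served domain, e.g. `${lib.concatMapStringsSep "\n" (d: "<domain>${lib.escapeXML d}</domain>") cfg.domains}`, or stating on the option that `autoconfig.domain` is deliberately shared. A short comment above the two `password-cleartext` lines, noting that plain passwords are advertised only because both ports use implicit TLS (`SSL`), would help the next editor keep that pairing intact.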