author | sinanmohd <sinan@sinanmohd.com> | 2025-06-20 21:32:31 +0530 |
---|---|---|
committer | sinanmohd <sinan@sinanmohd.com> | 2025-06-20 21:32:31 +0530 |
commit | 8550c0e84133accdf60d01433b1fbd6ce52d1baf (patch) | |
tree | decc23945a73fd85cdbe67d98fe2fc01be5ae3dd | |
parent | ab3e84fb9f380975bec43b4a8c6bed3c8daaeb3f (diff) |
kay/mail: clean up
-rw-r--r-- | os/kay/modules/dns/sinanmohd.com.zone | 21 | ||||
-rw-r--r-- | os/kay/modules/mail.nix | 60 | ||||
-rw-r--r-- | os/kay/modules/www.nix | 4 |
3 files changed, 46 insertions, 39 deletions
diff --git a/os/kay/modules/dns/sinanmohd.com.zone b/os/kay/modules/dns/sinanmohd.com.zone index 64214ad..5880c01 100644 --- a/os/kay/modules/dns/sinanmohd.com.zone +++ b/os/kay/modules/dns/sinanmohd.com.zone @@ -2,7 +2,7 @@ $ORIGIN sinanmohd.com. $TTL 2d @ IN SOA ns1 hostmaster ( - 2025051100 ; serial + 2025062000 ; serial 2h ; refresh 5m ; retry 1d ; expire @@ -37,14 +37,15 @@ mta-sts IN CNAME @ _mta-sts IN TXT "v=STSv1; id=2024022500" _smtp._tls IN TXT "v=TLSRPTv1; rua=mailto:reports@sinanmohd.com" -www IN CNAME @ -git IN CNAME @ -bin IN CNAME @ -static IN CNAME @ -home IN CNAME @ -nixbin IN CNAME @ -immich IN CNAME @ -sliding IN CNAME @ -grafana IN CNAME @ +www IN CNAME @ +git IN CNAME @ +bin IN CNAME @ +static IN CNAME @ +home IN CNAME @ +nixbin IN CNAME @ +immich IN CNAME @ +sliding IN CNAME @ +grafana IN CNAME @ +stalwart IN CNAME @ _acme-challenge IN NS ns1 diff --git a/os/kay/modules/mail.nix b/os/kay/modules/mail.nix index 57912ac..f36bf23 100644 --- a/os/kay/modules/mail.nix +++ b/os/kay/modules/mail.nix 
@@ -71,32 +71,36 @@ in source-ip.v6 = "['${ipv6}']"; tls.starttls = "optional"; }; - - server.listener = { - smtp = { - bind = [ - "[${ipv6}]:25" - "0.0.0.0:25" - ]; - protocol = "smtp"; - }; - submission = { - bind = "[::]:587"; - protocol = "smtp"; - }; - submissions = { - bind = "[::]:465"; - protocol = "smtp"; - tls.implicit = true; - }; - imaptls = { - bind = "[::]:993"; - protocol = "imap"; - tls.implicit = true; - }; - http = { - bind = "[::]:8085"; - protocol = "http"; + http.url = "'https://stalwart.${domain}'"; + + server = { + hostname = "mail.${domain}"; + listener = { + smtp = { + bind = [ + "[${ipv6}]:25" + "0.0.0.0:25" + ]; + protocol = "smtp"; + }; + submission = { + bind = "[::]:587"; + protocol = "smtp"; + }; + submissions = { + bind = "[::]:465"; + protocol = "smtp"; + tls.implicit = true; + }; + imaptls = { + bind = "[::]:993"; + protocol = "imap"; + tls.implicit = true; + }; + http = { + bind = "[::]:8085"; + protocol = "http"; + }; }; }; @@ -167,14 +171,14 @@ in principals = [ { class = "admin"; - name = username; + name = "${username}@${domain}"; secret = "%{file:${credentials_directory}/password}%"; inherit email; } { # for mta-sts & dmarc reports class = "individual"; - name = "reports"; + name = "reports@${domain}"; secret = "%{file:${credentials_directory}/password}%"; email = [ "reports@${domain}" ]; } diff --git a/os/kay/modules/www.nix b/os/kay/modules/www.nix index 4f894c5..1e1eb79 100644 --- a/os/kay/modules/www.nix +++ b/os/kay/modules/www.nix @@ -92,6 +92,8 @@ in }' ''; + "/.well-known/".proxyPass = "http://127.0.0.1:8085"; + "~ ^(\\/_matrix|\\/_synapse\\/client)".proxyPass = "http://127.0.0.1:${toString config.services.dendrite.httpPort}"; }; @@ -160,7 +162,7 @@ in }; }; - "mail.${domain}" = defaultOpts // { + "stalwart.${domain}" = defaultOpts // { locations."/" = { proxyWebsockets = true; proxyPass = "http://127.0.0.1:8085"; |
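Review bot: The `http` listener in the re-nested `server.listener` block still binds `[::]:8085`, so Stalwart's plain-HTTP interface listens on every address, while the only consumers visible in this commit are the nginx `proxyPass` entries pointing at `http://127.0.0.1:8085`. If nothing else connects to it directly, bind it to loopback with `bind = "127.0.0.1:8085";`. That way the web/API endpoint is reachable only through the TLS-terminating proxy, and its exposure does not depend on a firewall rule this diff does not show. The surrounding settings attribute set starts and ends outside the hunk.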
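Review bot: Both principals in the second mail.nix hunk read their `secret` from the same file, `%{file:${credentials_directory}/password}%`, so the `reports@${domain}` mailbox (class `individual`, used only for MTA-STS and DMARC reports) authenticates with the admin account's password. A leak of that mailbox credential, for example from a report-fetching client, would then also be a leak of the admin credential. Give the reports principal its own credential file, e.g. `secret = "%{file:${credentials_directory}/<reports-password-file>}%";` (placeholder name, to be provisioned alongside the existing one). The `principals` list continues past the end of the hunk.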
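Review bot: The added `"/.well-known/"` location in www.nix forwards the entire well-known namespace of this virtual host to the Stalwart listener on port 8085, not only the paths the mail server actually owns. Any other well-known resource on this host (for example `security.txt`) would be answered by the mail server unless a longer-prefix location exists, and every such request reaches the mail server's HTTP interface. Consider proxying only the paths that are needed, e.g. `"/.well-known/mta-sts.txt".proxyPass = "http://127.0.0.1:8085";`, or at least add a comment naming the endpoints this rule is meant to serve. The `locations` set and the virtual host it belongs to begin outside the hunk.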