config/server/groupware/mta-sts.nix at main

encode42.dev / nixos

fork atom

Personal-use NixOS configuration

fork atom

nixos / config / server / groupware / mta-sts.nix

at main 35 lines 639 B view raw

wrap content

encode42.dev Move software and package configurations to `config` 14d ago

e163a950

 1{ domain, ssl }:
 2
 3{ pkgs, flakeLib, ... }:
 4
 5let
 6  mailDomain = "mx.${domain}";
 7  tlsDomain = "mta-sts.${domain}";
 8in
 9{
10  services.caddy.virtualHosts =
11    flakeLib.mkProxies
12      [
13        {
14          name = tlsDomain;
15
16          inherit ssl;
17        }
18      ]
19      ''
20        file_server
21
22        root * ${
23          pkgs.runCommand "testdir" { } ''
24            mkdir -p "$out/.well-known"
25
26            printf "%s\n" \
27              "version: STSv1" \
28              "mode: enforce" \
29              "max_age: 604800" \
30              "mx: ${mailDomain}" \
31              > "$out/.well-known/mta-sts.txt"
32          ''
33        }
34      '';
35}