From ca3ccf55a31c92c3eba5130fef7ec17f51a7805a Mon Sep 17 00:00:00 2001
From: Mark Nipper <nipsy@bitgnome.net>
Date: Mon, 14 Oct 2024 15:08:59 -0700
Subject: Add postfix @arrakis

---
 hosts/arrakis/services.nix | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'hosts/arrakis')

diff --git a/hosts/arrakis/services.nix b/hosts/arrakis/services.nix
index 2b4bf1d..6eb514e 100644
--- a/hosts/arrakis/services.nix
+++ b/hosts/arrakis/services.nix
@@ -7,6 +7,11 @@
 
   security.acme = {
     acceptTerms = true;
+    certs."arrakis.bitgnome.net".postRun = ''
+      ${pkgs.acl}/bin/setfacl -m u:postfix:--x /var/lib/acme/arrakis.bitgnome.net
+      ${pkgs.acl}/bin/setfacl -m u:postfix:r-- /var/lib/acme/arrakis.bitgnome.net/{fullchain,key}.pem
+      ${pkgs.systemd}/bin/systemctl reload postfix.service
+    '';
     defaults.email = "nipsy@bitgnome.net";
   };
 
@@ -113,6 +118,14 @@
       };
     };
 
+    postfix = {
+      enable = true;
+      relayHost = "mail.bitgnome.net";
+      relayPort = 587;
+      sslCert = "/var/lib/acme/arrakis.bitgnome.net/fullchain.pem";
+      sslKey = "/var/lib/acme/arrakis.bitgnome.net/key.pem";
+    };
+
     printing.enable = true;
 
     sabnzbd = {
-- 
cgit v1.2.3