39 lines
1 KiB
Nix
39 lines
1 KiB
Nix
{config, ...}: {
|
|
age.secrets."bind_pw".file = ../secrets/bind_pw;
|
|
|
|
mailserver = {
|
|
stateVersion = 3;
|
|
enable = true;
|
|
fqdn = "distrust.network";
|
|
domains = ["distrust.network"];
|
|
certificateScheme = "acme";
|
|
ldap = {
|
|
enable = true;
|
|
bind.dn = "cn=bind,ou=people,dc=distrust,dc=network";
|
|
bind.passwordFile = config.age.secrets."bind_pw".path;
|
|
searchBase = "ou=people,dc=distrust,dc=network";
|
|
uris = ["ldap://localhost:3890"];
|
|
};
|
|
};
|
|
|
|
services.borgbackup.jobs."mailserver" = {
|
|
repo = "ssh://u506783@u506783.your-storagebox.de:23/./mailserver";
|
|
environment = {
|
|
BORG_RSH = "ssh -i ${config.age.secrets."borg_ed25519".path} -o 'StrictHostKeyChecking=no'";
|
|
};
|
|
paths = [
|
|
"/var/vmail/ldap"
|
|
];
|
|
encryption = {
|
|
mode = "passkey";
|
|
passCommand = "cat ${config.age.secrets."borg_pass".path}";
|
|
};
|
|
compression = "auto,lzma";
|
|
startAt = "daily";
|
|
prune.keep = {
|
|
daily = 7;
|
|
weekly = 4;
|
|
monthly = -1;
|
|
};
|
|
};
|
|
}
|