yadunut/clan-core
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Migrate deltachat from clanModule to clanService

Browse Source
This commit is contained in:
pinpox
2025-06-03 14:40:50 +02:00
parent 6679a64dea
commit badf5d1852
4 changed files with 173 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
clanModules/deltachat/README.md
View File

@@ -1,5 +1,7 @@
---
description = "Email-based instant messaging for Desktop."
categories = ["Communication"]
features = [ "inventory", "deprecated" ]
---
!!! info

164
clanServices/deltachat/default.nix Normal file
View File

@@ -0,0 +1,164 @@
{ ... }:
{
_class = "clan.service";
manifest.name = "clan-core/deltachat";
manifest.description = "Email-based instant messaging for Desktop";
manifest.categories = [ "Communication" ];
roles.default = {
interface =
{ lib, ... }:
{
options = { };
};
perInstance =
{ settings, ... }:
{
nixosModule =
{ config, pkgs, ... }:
{
networking.firewall.interfaces."zt+".allowedTCPPorts = [ 25 ]; # smtp with other hosts
environment.systemPackages = [ pkgs.deltachat-desktop ];
services.maddy =
let
domain = "${config.clan.core.settings.machine.name}.local";
in
{
enable = true;
primaryDomain = domain;
config = ''
# Minimal configuration with TLS disabled, adapted from upstream example
# configuration here https://github.com/foxcpp/maddy/blob/master/maddy.conf
# Do not use this in unencrypted networks!
auth.pass_table local_authdb {
table sql_table {
driver sqlite3
dsn credentials.db
table_name passwords
}
}
storage.imapsql local_mailboxes {
driver sqlite3
dsn imapsql.db
}
table.chain local_rewrites {
optional_step regexp "(.+)\+(.+)@(.+)" "$1@$3"
optional_step static {
entry postmaster postmaster@$(primary_domain)
}
optional_step file /etc/maddy/aliases
}
msgpipeline local_routing {
destination postmaster $(local_domains) {
modify {
replace_rcpt &local_rewrites
}
deliver_to &local_mailboxes
}
default_destination {
reject 550 5.1.1 "User doesn't exist"
}
}
smtp tcp://[::]:25 {
limits {
all rate 20 1s
all concurrency 10
}
dmarc yes
check {
require_mx_record
dkim
spf
}
source $(local_domains) {
reject 501 5.1.8 "Use Submission for outgoing SMTP"
}
default_source {
destination postmaster $(local_domains) {
deliver_to &local_routing
}
default_destination {
reject 550 5.1.1 "User doesn't exist"
}
}
}
submission tcp://[::1]:587 {
limits {
all rate 50 1s
}
auth &local_authdb
source $(local_domains) {
check {
authorize_sender {
prepare_email &local_rewrites
user_to_email identity
}
}
destination postmaster $(local_domains) {
deliver_to &local_routing
}
default_destination {
modify {
dkim $(primary_domain) $(local_domains) default
}
deliver_to &remote_queue
}
}
default_source {
reject 501 5.1.8 "Non-local sender domain"
}
}
target.remote outbound_delivery {
limits {
destination rate 20 1s
destination concurrency 10
}
mx_auth {
dane
mtasts {
cache fs
fs_dir mtasts_cache/
}
local_policy {
min_tls_level encrypted
min_mx_level none
}
}
}
target.queue remote_queue {
target &outbound_delivery
autogenerated_msg_domain $(primary_domain)
bounce {
destination postmaster $(local_domains) {
deliver_to &local_routing
}
default_destination {
reject 550 5.0.0 "Refusing to send DSNs to non-local addresses"
}
}
}
imap tcp://[::1]:143 {
auth &local_authdb
storage &local_mailboxes
}
'';
ensureAccounts = [ "user@${domain}" ];
ensureCredentials = {
"user@${domain}".passwordFile = pkgs.writeText "dummy" "foobar";
};
};
};
};
};
}

6
clanServices/deltachat/flake-module.nix Normal file
View File

@@ -0,0 +1,6 @@
{ lib, ... }:
{
clan.modules = {
deltachat = lib.modules.importApply ./default.nix { };
};
}

1
clanServices/flake-module.nix
View File

@@ -2,6 +2,7 @@
{
imports = [
./admin/flake-module.nix
./deltachat/flake-module.nix
./hello-world/flake-module.nix
./wifi/flake-module.nix
./borgbackup/flake-module.nix