From 81a77df2c053e59026970b07969b994b09e8f011 Mon Sep 17 00:00:00 2001
From: Stefan Ellmauthaler <stefan.ellmauthaler@tu-dresden.de>
Date: Tue, 2 Aug 2022 12:46:05 +0200
Subject: [PATCH] Base configuration email server

---
 modules/server/smailserver.nix | 18 ++++++++++++++++++
 secrets/server.yaml            |  5 +++--
 2 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/modules/server/smailserver.nix b/modules/server/smailserver.nix
index afec6dd..fb97085 100644
--- a/modules/server/smailserver.nix
+++ b/modules/server/smailserver.nix
@@ -9,6 +9,24 @@ with lib;{
         enable = true;
         fqdn = "mail.ellmauthaler.net";
         domains = [ "ellmauthaler.net" ];
+
+        loginAccounts = {
+          "ellmau@ellmauthaler.net" = {
+            aliases = [ "stefan@ellmauthaler.net" "postmaster@ellmauthaler.net" "abuse@ellmauthaler.net" ];
+            hashedPasswordFile = sops.secrets.ellmauMail.path;
+          };
+        };
+        
+        # use ACME
+        certificateScheme = 3;
+      };
+
+      sops.secrets = {
+        ellmauMail = {
+          owner = mailserver.vmailUserName;
+          group = mailserver.vmailGroupName;
+          sopsFile = ../../secrets/server.yaml;
+        };
       };
     };
 }
diff --git a/secrets/server.yaml b/secrets/server.yaml
index d4cc2e0..2c240a7 100644
--- a/secrets/server.yaml
+++ b/secrets/server.yaml
@@ -1,13 +1,14 @@
 storemin: ENC[AES256_GCM,data:oCFpGrb+fLkVuHPgUkVi5MFbnCJiJyT4Vac6keNU,iv:5HS/xlS+sHCyRcn8ImpzbRmwpjZicq1U5C3fiuKoclY=,tag:6wbXHzDt9MApTzyIyss+qQ==,type:str]
 cloudstore_user: ENC[AES256_GCM,data:Ist58mJGxnvQA8xQ9s4SBC+3cGnQKqAm/g7nbmv5,iv:2DG0iR6trxoDmc2dxAVo0DAauzAaQc4MLmifii4MuXQ=,tag:jkpcZtX7gwr6fG0qd1+Y9w==,type:str]
+ellmauMail: ENC[AES256_GCM,data:KdnhzssBb+rQxz7uMm12JeyNokxl17FEomP1twPSKYwf7Rw2sUn89k5/4M7i1/AxyS/5ZRZHrapep9ho,iv:YkicoKSYWPmVEvXI/trI3m8Tc3bR1d/z2La2TiaeuDA=,tag:wxX/+Ky4ssaCXl6UnNUVfg==,type:str]
 sops:
     kms: []
     gcp_kms: []
     azure_kv: []
     hc_vault: []
     age: []
-    lastmodified: "2022-06-10T14:46:40Z"
-    mac: ENC[AES256_GCM,data:8mWlqOJnnipK6MOsaXtI++XGWOLnvgykfuBOqu4KZWRZPMnNjVe6a76RKARt8IcvUNwktb7oazVPBTWrMelJoXPIMLqBq2h9pbh5eZ1BsvSB/m4Y4MAongz2FItw3xVKUi8v58unoqKrtQwRiuURKXVv7AV/dQ03laOuc3c9YeU=,iv:a5H93RHqEL9cCRpqkp9XaNahEYgHvzIh9dCpPMSQoh0=,tag:yY2TodoAsn3GrU7Zc0pDLA==,type:str]
+    lastmodified: "2022-08-02T10:40:48Z"
+    mac: ENC[AES256_GCM,data:oEMnujZ4rAG1dS4FoS+pEQfB58tesd9cnTNMtQmkrDrPG1g1uLuW+2hSi80oDb5eCgEePfwBvYSf0RlMjooC4KvGpTz3MY78SaIVZKefzBlqPsFIq81Ty8tPFJjEx+g73oNZZ0DYjwKdfhkLX6Z139xHsT9+vOmiNtdkrrY1tBQ=,iv:FNrU/nBy1L4RPIPHWho8oJOr0aSBiGYEblfu1eS8qdo=,tag:93Dx7G+2IS0BiNCOaHNORA==,type:str]
     pgp:
         - created_at: "2022-07-31T12:48:30Z"
           enc: |