config-perso/machines/kat-betamail/modo.nix

67 lines
1.3 KiB
Nix
Raw Normal View History

2024-06-21 13:46:57 +02:00
{
config,
pkgs,
lib,
...
}:
2024-07-18 14:47:43 +02:00
let
host = "catvayor.sh";
in
2024-06-21 13:46:57 +02:00
{
users.users.moderators = {
isNormalUser = true;
2024-09-07 13:39:07 +02:00
extraGroups = [ "postdrop" ];
2024-06-21 13:46:57 +02:00
openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys;
};
2024-09-26 11:51:04 +02:00
home-manager.users.moderators = { };
2024-07-18 14:47:43 +02:00
mailserver.loginAccounts."moderators@${host}" = {
2024-06-21 13:46:57 +02:00
hashedPassword = "";
sieveScript = ''
require "vnd.dovecot.pipe";
pipe "procmail-modo";
'';
};
services.dovecot2.sieve = {
extensions = [ "vnd.dovecot.pipe" ];
pipeBins = [
(lib.getExe (
pkgs.writeShellApplication {
name = "procmail-modo";
text = ''
exec /run/wrappers/bin/sudo ${lib.getExe' pkgs.procmail "procmail"} -d moderators
'';
}
))
];
};
security.sudo.extraRules = [
{
users = [ "virtualMail" ];
commands = [
{
command = "${lib.getExe' pkgs.procmail "procmail"}";
options = [
"SETENV"
"NOPASSWD"
];
}
];
}
];
2024-07-09 17:55:50 +02:00
services.postgresql = {
enable = true;
ensureUsers = [
{
name = "moderators";
ensureClauses.superuser = true;
}
];
ensureDatabases = [
"moderation"
];
identMap = ''
map-moderators moderators moderators
'';
};
2024-06-21 13:46:57 +02:00
}