Finally switch to flakes.

nixos/server/mailserver.nix

@@ -0,0 +1,54 @@
+{pkgs, ...}: let
+  secrets = import ../common/secrets.nix;
+in rec {
+  # Mail server
+  mailserver = rec {
+    enable = true;
+    enableManageSieve = true;
+    domains = [ "${secrets.jimDomain}" ];
+    fqdn = "mx.${secrets.jimDomain}";
+    certificateScheme = "acme-nginx";
+    localDnsResolver = false;
+    redis.port = 1515;
+        
+    # A list of accounts, passwords generated with nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
+    loginAccounts = {
+      "noreply@${secrets.jimDomain}" = {
+        hashedPasswordFile = pkgs.writeText "noreply" secrets.noreplyMailHash;
+        sendOnly = true;
+      };    
+      "jimbo@${secrets.jimDomain}" = {
+        hashedPasswordFile = pkgs.writeText "jimbo" secrets.jimboMailHash;
+        aliases = [ "canada@${secrets.jimDomain}" "contact@${secrets.jimDomain}" ];
+      };
+      "lunamoonlight@${secrets.jimDomain}" = {
+        hashedPasswordFile = pkgs.writeText "luna" secrets.lunaMailHash;
+        aliases = [ "us@${secrets.jimDomain}" "contact@${secrets.jimDomain}" ];
+      };
+      "freecorn1854@${secrets.jimDomain}" = {
+        hashedPasswordFile = pkgs.writeText "freecorn" secrets.freecornMailHash;
+        aliases = [ "canada@${secrets.jimDomain}" "contact@${secrets.jimDomain}" ];
+      };
+      "tinyattack09@${secrets.jimDomain}" = {
+        hashedPasswordFile = pkgs.writeText "tiny" secrets.tinyMailHash;
+      };
+    };
+  };
+
+  # Related services
+  services = {
+    # Roundcube mail server
+    roundcube = {
+     enable = true;
+     hostName = "mail.${secrets.jimDomain}";
+     extraConfig = ''
+       $config['smtp_server'] = "tls://${mailserver.fqdn}";
+       $config['smtp_user'] = "%u";
+       $config['smtp_pass'] = "%p";
+     '';
+    };
+
+    # Force the mailserver to use a different redis port
+    redis.servers.rspamd.port = 1515;
+  };
+}