Add radicale

modules/system/services/server/mailserver/default.nix

@@ -2,6 +2,7 @@
 {
   imports = [
     ./go-autoconfig
+    ./radicale
     ./roundcube
     ./simplenix
   ];

modules/system/services/server/mailserver/go-autoconfig/default.nix

@@ -2,8 +2,7 @@
 {
   imports = [ ./nginx ];
 
-  config = lib.mkIf config.services.mailserver.enable {
+  services = lib.mkIf config.services.mailserver.enable {
-    services = {
     go-autoconfig = {
       enable = true;
       settings = {
@@ -21,5 +20,4 @@
     };
     cloudflare-dyndns.domains = [ config.services.go-autoconfig.settings.domain ];
   };
-  };
 }

modules/system/services/server/mailserver/radicale/default.nix

@@ -0,0 +1,25 @@
+{ config, lib, pkgs, ... }:
+{
+  imports = [ ./nginx ];
+
+  services = lib.mkIf config.services.mailserver.enable {
+    radicale = {
+      enable = true;
+      settings = {
+        auth = {
+          type = "htpasswd";
+          htpasswd_filename = let
+            mailAccounts = config.mailserver.loginAccounts;
+            htpasswd = with lib; pkgs.writeText "radicale.users" (concatStrings
+              (flip mapAttrsToList mailAccounts (mail: user:
+                mail + ":" + user.hashedPassword + "\n"
+              ))
+            );
+          in "${htpasswd}";
+          htpasswd_encryption = "bcrypt";
+        };
+      };
+    };
+    cloudflare-dyndns.domains = [ "cal.nixfox.ca" ];
+  };
+}

modules/system/services/server/mailserver/radicale/nginx/default.nix

@@ -0,0 +1,16 @@
+{ config, lib, ... }: 
+{
+  services.nginx.virtualHosts."cal.nixfox.ca" = lib.mkIf config.services.go-autoconfig.enable {
+    enableACME = true;
+    forceSSL = true;
+    locations."/" = {
+      proxyPass = "http://127.0.0.1:5232";
+      proxyWebsockets = true;
+      extraConfig = ''
+        proxy_set_header  X-Script-Name /;
+        proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_pass_header Authorization;
+      '';
+    };
+  };
+}

modules/system/services/server/mailserver/simplenix/default.nix

@@ -5,13 +5,13 @@
   config = lib.mkIf config.services.mailserver.enable {
     mailserver = {
       enable = true;
+      fqdn = "mx.nixfox.ca";
       domains = [
         "nixfox.ca"
         "bloxelcom.net"
         "freecorn1854.win"
         "lunamoonlight.xyz"
       ];
-      fqdn = "mx.nixfox.ca";
       certificateScheme = "acme-nginx";
       localDnsResolver = false;
       redis.port = 1515;
@@ -19,13 +19,13 @@
       # Passwords made with 'mkpasswd -sm bcrypt'
       loginAccounts = {
         "jimbo@nixfox.ca" = {
-          hashedPasswordFile = pkgs.writeText "jimbo" config.secrets.mailHash.jimbo;
+          hashedPassword = config.secrets.mailHash.jimbo;
           aliases = [
             "james@nixfox.ca"
             "jimbo@bloxelcom.net"
 
             "bun@nixfox.ca"
-            #"vice@nixfox.ca"
+            "vice@nixfox.ca"
             "bun@bloxelcom.net"
             "yara@nixfox.ca"
 
@@ -34,7 +34,7 @@
         };
 
         "luna@lunamoonlight.xyz" = {
-          hashedPasswordFile = pkgs.writeText "luna" config.secrets.mailHash.luna;
+          hashedPassword = config.secrets.mailHash.luna;
           aliases = [
             "luna@bloxelcom.net"
             "contact@bloxelcom.net"
@@ -43,17 +43,17 @@
         };
 
         "contact@freecorn1854.win" = {
-          hashedPasswordFile = pkgs.writeText "corn" config.secrets.mailHash.corn;
+          hashedPassword = config.secrets.mailHash.corn;
           aliases = [ "freecorn@bloxelcom.net" ];
         };
 
 	# Noreply emails
         "noreply@nixfox.ca" = {
-          hashedPasswordFile = pkgs.writeText "noreply" config.secrets.mailHash.nixfoxNoReply;
+          hashedPassword = config.secrets.mailHash.nixfoxNoReply;
           sendOnly = true;
         };
         "noreply@bloxelcom.net" = {
-          hashedPasswordFile = pkgs.writeText "noreply" config.secrets.mailHash.bloxelNoReply;
+          hashedPassword = config.secrets.mailHash.bloxelNoReply;
           sendOnly = true;
         };
       };