[email] WIP

2025-04-07 13:48:23 -07:00
parent 09329465f5
commit a0987c0e11
2 changed files with 37 additions and 0 deletions
--- a/system/hosts/mcp/containers.nix
+++ b/system/hosts/mcp/containers.nix
@@ -4,6 +4,7 @@
  # Additional configuration
  imports = [
    ./containers/bookstack.nix
+    ./containers/email.nix
    ./containers/gitea.nix
    ./containers/grafana.nix
    ./containers/jobhunt.nix
--- a/system/hosts/mcp/containers/email.nix
+++ b/system/hosts/mcp/containers/email.nix
@@ -0,0 +1,36 @@
+{ config, ... }:
+let
+  inherit (import ../lib.nix config) blazestar;
+in {
+  
+  virtualisation.oci-containers.containers.docker-mailserver = {
+    image = "ghcr.io/docker-mailserver/docker-mailserver:latest";
+    hostname = "mail.${blazestar}";
+    autoStart = true;
+    ports = [
+      "465:465"
+      "587:587"
+      "993:993"
+    ];
+    volumes = [
+      "/tank/mailserver/mail-data:/var/mail"
+      "/tank/mailserver/mail-state:/var/mail-state"
+      "/tank/mailserver/mail-logs:/var/log/mail"
+      "/tank/mailserver/config:/tmp/docker-mailserver"
+      "/etc/localtime:/etc/localtime:ro"
+    ];
+    environment = {
+      ENABLE_RSPAMD="1";
+      ENABLE_CLAMAV="1";
+      ENABLE_FAIL2BAN="1";
+    };
+    extraOptions = [
+      # add network admin capability for Fail2Ban
+      "--cap-add=NET_ADMIN"
+    ];
+    labels = {
+      "traefik.enable" = "true";
+      "traefik.tcp.routers.mail.service" = "mailserver";
+    };
+  };
+}