30 lines
834 B
Nix
30 lines
834 B
Nix
{ config, ... }:
|
|
let
|
|
inherit (import ./lib.nix config) blazestar;
|
|
in {
|
|
|
|
virtualisation.oci-containers.containers.docker-mailserver = {
|
|
image = "ghcr.io/docker-mailserver/docker-mailserver:latest";
|
|
hostname = "mail.${blazestar}";
|
|
autoStart = true;
|
|
volumes = [
|
|
"/tank/mailserver/mail-data:/var/mail"
|
|
"/tank/mailserver/mail-state:/var/mail-state"
|
|
"/tank/mailserver/mail-logs:/var/log/mail"
|
|
"/tank/mailserver/config:/tmp/docker-mailserver"
|
|
"/etc/localtime:/etc/localtime:ro"
|
|
"/tank/config/traefik/acme/acme.json:/etc/letsencrypt/acme.json:ro"
|
|
];
|
|
environmentFiles = [
|
|
./email/mailserver.env
|
|
];
|
|
extraOptions = [
|
|
# add network admin capability for Fail2Ban
|
|
"--cap-add=NET_ADMIN"
|
|
];
|
|
labels = {
|
|
"traefik.enable" = "false";
|
|
};
|
|
};
|
|
}
|