diff options
author | Alyssa Ross <hi@alyssa.is> | 2021-01-06 17:31:51 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2021-01-10 07:13:25 +0000 |
commit | 1cdc42df888dc98c347e03bd942ed9825a55bcb3 (patch) | |
tree | 27aa457536e906712e4075a137af20510df8299d /nixpkgs/nixos/modules/services/mail | |
parent | f0205a49b465ab0e99502d2af4314526a1f90909 (diff) | |
parent | 1b8af3e1ae75df048fbdfb3acf6842f13de3e38f (diff) | |
download | nixlib-1cdc42df888dc98c347e03bd942ed9825a55bcb3.tar nixlib-1cdc42df888dc98c347e03bd942ed9825a55bcb3.tar.gz nixlib-1cdc42df888dc98c347e03bd942ed9825a55bcb3.tar.bz2 nixlib-1cdc42df888dc98c347e03bd942ed9825a55bcb3.tar.lz nixlib-1cdc42df888dc98c347e03bd942ed9825a55bcb3.tar.xz nixlib-1cdc42df888dc98c347e03bd942ed9825a55bcb3.tar.zst nixlib-1cdc42df888dc98c347e03bd942ed9825a55bcb3.zip |
Merge commit '1b8af3e1ae75df048fbdfb3acf6842f13de3e38f'
Diffstat (limited to 'nixpkgs/nixos/modules/services/mail')
-rw-r--r-- | nixpkgs/nixos/modules/services/mail/mailman.nix | 18 | ||||
-rw-r--r-- | nixpkgs/nixos/modules/services/mail/mailman.xml | 59 |
2 files changed, 71 insertions, 6 deletions
diff --git a/nixpkgs/nixos/modules/services/mail/mailman.nix b/nixpkgs/nixos/modules/services/mail/mailman.nix index 5da4171605b1..81108327d3c7 100644 --- a/nixpkgs/nixos/modules/services/mail/mailman.nix +++ b/nixpkgs/nixos/modules/services/mail/mailman.nix @@ -6,6 +6,11 @@ let cfg = config.services.mailman; + pythonEnv = pkgs.python3.withPackages (ps: + [ps.mailman ps.mailman-web] + ++ lib.optional cfg.hyperkitty.enable ps.mailman-hyperkitty + ++ cfg.extraPythonPackages); + # This deliberately doesn't use recursiveUpdate so users can # override the defaults. settings = { @@ -327,11 +332,7 @@ in { requiredBy = [ "mailman-uwsgi.service" ]; restartTriggers = [ config.environment.etc."mailman3/settings.py".source ]; script = '' - if [ -d ${escapeShellArg settings.STATIC_ROOT} ] - then - find ${escapeShellArg settings.STATIC_ROOT}/ -mindepth 1 -delete - fi - + [[ -e "${settings.STATIC_ROOT}" ]] && find "${settings.STATIC_ROOT}/" -mindepth 1 -delete ${pkgs.mailman-web}/bin/mailman-web migrate ${pkgs.mailman-web}/bin/mailman-web collectstatic ${pkgs.mailman-web}/bin/mailman-web compress @@ -351,7 +352,7 @@ in { uwsgiConfig.uwsgi = { type = "normal"; plugins = ["python3"]; - home = pythonEnv; + home = pkgs.mailman-web; module = "mailman_web.wsgi"; }; uwsgiConfigFile = pkgs.writeText "uwsgi-mailman.json" (builtins.toJSON uwsgiConfig); @@ -414,4 +415,9 @@ in { })); }; + meta = { + maintainers = with lib.maintainers; [ lheckemann ]; + doc = ./mailman.xml; + }; + } diff --git a/nixpkgs/nixos/modules/services/mail/mailman.xml b/nixpkgs/nixos/modules/services/mail/mailman.xml new file mode 100644 index 000000000000..cbe50ed0b917 --- /dev/null +++ b/nixpkgs/nixos/modules/services/mail/mailman.xml @@ -0,0 +1,59 @@ +<chapter xmlns="http://docbook.org/ns/docbook" + xmlns:xlink="http://www.w3.org/1999/xlink" + xmlns:xi="http://www.w3.org/2001/XInclude" + version="5.0" + xml:id="module-services-mailman"> + <title>Mailman</title> + <para> + <link xlink:href="https://www.list.org">Mailman</link> is free + software for managing electronic mail discussion and e-newsletter + lists. Mailman and its web interface can be configured using the + corresponding NixOS module. Note that this service is best used with + an existing, securely configured Postfix setup, as it does not automatically configure this. + </para> + + <section xml:id="module-services-mailman-basic-usage"> + <title>Basic usage</title> + <para> + For a basic configuration, the following settings are suggested: + <programlisting>{ config, ... }: { + services.postfix = { + enable = true; + relayDomains = ["hash:/var/lib/mailman/data/postfix_domains"]; + sslCert = config.security.acme.certs."lists.example.org".directory + "/full.pem"; + sslKey = config.security.acme.certs."lists.example.org".directory + "/key.pem"; + config = { + transport_maps = ["hash:/var/lib/mailman/data/postfix_lmtp"]; + local_recipient_maps = ["hash:/var/lib/mailman/data/postfix_lmtp"]; + }; + }; + services.mailman = { + <link linkend="opt-services.mailman.enable">enable</link> = true; + <link linkend="opt-services.mailman.serve.enable">serve.enable</link> = true; + <link linkend="opt-services.mailman.hyperkitty.enable">hyperkitty.enable</link> = true; + <link linkend="opt-services.mailman.hyperkitty.enable">webHosts</link> = ["lists.example.org"]; + <link linkend="opt-services.mailman.hyperkitty.enable">siteOwner</link> = "mailman@example.org"; + }; + <link linkend="opt-services.nginx.virtualHosts._name_.enableACME">services.nginx.virtualHosts."lists.example.org".enableACME</link> = true; + <link linkend="opt-services.mailman.hyperkitty.enable">networking.firewall.allowedTCPPorts</link> = [ 25 80 443 ]; +}</programlisting> + </para> + <para> + DNS records will also be required: + <itemizedlist> + <listitem><para><literal>AAAA</literal> and <literal>A</literal> records pointing to the host in question, in order for browsers to be able to discover the address of the web server;</para></listitem> + <listitem><para>An <literal>MX</literal> record pointing to a domain name at which the host is reachable, in order for other mail servers to be able to deliver emails to the mailing lists it hosts.</para></listitem> + </itemizedlist> + </para> + <para> + After this has been done and appropriate DNS records have been + set up, the Postorius mailing list manager and the Hyperkitty + archive browser will be available at + https://lists.example.org/. Note that this setup is not + sufficient to deliver emails to most email providers nor to + avoid spam -- a number of additional measures for authenticating + incoming and outgoing mails, such as SPF, DMARC and DKIM are + necessary, but outside the scope of the Mailman module. + </para> + </section> +</chapter> |