monguix/config/mail.scm


(define-module (config mail)
#:use-module (gnu packages mail)
#:use-module (gnu services mail)
#:use-module (guix gexp)
#:use-module (gnu services)
#:use-module (services dkim-key)
#:export (mail-services))
(define (key-file domain)
  ;; Return the path of the TLS private key for DOMAIN under
  ;; /etc/letsencrypt/live.  Only the path is built here; nothing checks
  ;; that the file exists or that the SMTP daemon is able to read it.
  (string-join (list "/etc/letsencrypt/live" domain "privkey.pem") "/"))
(define (cert-file domain)
  ;; Return the path of the full certificate chain for DOMAIN under
  ;; /etc/letsencrypt/live.  Only the path is built here; the file itself
  ;; is not touched.
  (let ((live-dir (string-append "/etc/letsencrypt/live/" domain)))
    (string-append live-dir "/fullchain.pem")))
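(define* (opensmtpd-config #:key domain aliases dkim-selector)
  ;; Build the smtpd.conf file-like object for DOMAIN.
  ;;
  ;; DOMAIN is used as the PKI name, the listen address/hostname and the
  ;; locally delivered domain.  ALIASES is a list of two-element lists
  ;; (NAME TARGET) appended after the built-in role aliases; it may be
  ;; omitted or #f.  DKIM-SELECTOR is passed to filter-dkimsign with "-s".
  ;;
  ;; Security-relevant properties of the generated configuration:
  ;;  - Relaying is matched only for authenticated sessions ("match from
  ;;    any auth for any"); unauthenticated senders only match delivery
  ;;    for DOMAIN.
  ;;  - The public submission listener uses "tls-require", so "auth" is
  ;;    only offered over TLS; the port-25 listener on DOMAIN offers "tls"
  ;;    (STARTTLS) without requiring it.
  ;;  - "mask-src" omits the client address from the Received header on
  ;;    both submission listeners.
  ;;  - "smtp max-message-size" is a global setting, so the 1G ceiling
  ;;    also applies to unauthenticated inbound mail; size the queue
  ;;    storage with that in mind.
  ;;  - The DKIM signing key is read from /etc/dkim/DOMAIN.key
  ;;    (presumably provisioned by dkim-key-service-type -- confirm).
  ;;  - DOMAIN and DKIM-SELECTOR are spliced verbatim into the
  ;;    configuration and into the proc-exec command line, so they must
  ;;    be plain tokens without whitespace or quotes.
  (define (format-aliases aliases)
    ;; Render one "name: target" line per alias pair.  The #:key
    ;; parameter has no default, so an omitted #:aliases arrives as #f;
    ;; `or' turns that into the empty list so that cons* still yields a
    ;; proper list for the "~:{ ... ~}" iteration.
    ;; NOTE(review): "~:{" is an (ice-9 format) directive and this module
    ;; does not import (ice-9 format) itself -- presumably it is loaded
    ;; elsewhere; confirm.
    (format #f "~:{~a: ~a\n~}\n"
            (cons* '("MAILER-DAEMON" "postmaster")
                   '("postmaster" "root")
                   '("hostmaster" "root")
                   '("webmaster" "root")
                   '("abuse" "root")
                   '("security" "root")
                   (or aliases '()))))
  (mixed-text-file "smtpd.conf" "\
smtp max-message-size \"1G\"
table aliases file:" (mixed-text-file "aliases" (format-aliases aliases)) "
pki " domain " cert \"" (cert-file domain) "\"
pki " domain " key \"" (key-file domain) "\"
filter \"dkimsign\" proc-exec \""
    (file-append opensmtpd-filter-dkimsign "/libexec/opensmtpd/filter-dkimsign")
    " -d " domain " -s " dkim-selector " -k /etc/dkim/" domain ".key\"
listen on lo port submission mask-src filter \"dkimsign\"
listen on " domain " tls hostname " domain " pki " domain "
listen on " domain " port submission tls-require hostname " domain " pki " domain " auth mask-src filter \"dkimsign\"
action \"deliver\" maildir \"%{user.directory}/mail\" alias <aliases>
action \"relay\" relay
match from any for domain " domain " action \"deliver\"
match from any auth for any action \"relay\"
"))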
(define* (mail-services #:key domain aliases dkim-selector)
  ;; Return the list of system services for the mail setup of DOMAIN:
  ;; first the DKIM key service for DOMAIN and DKIM-SELECTOR, then the
  ;; OpenSMTPD service, which requires the `networking' shepherd service
  ;; and uses the configuration file built by `opensmtpd-config' from
  ;; DOMAIN, ALIASES and DKIM-SELECTOR.
  (let ((key-service
         (service dkim-key-service-type
                  (dkim-key-configuration
                   (domain domain)
                   (selector dkim-selector))))
        (smtpd-service
         (service opensmtpd-service-type
                  (opensmtpd-configuration
                   (shepherd-requirement '(networking))
                   (config-file
                    (opensmtpd-config #:domain domain
                                      #:aliases aliases
                                      #:dkim-selector dkim-selector))))))
    (list key-service smtpd-service)))