mailcow used acme ssl

services/docker.nix

@@ -0,0 +1,8 @@
+{ config, pkgs, ... }:
+
+{
+	virtualisation.docker = {
+		enable = true;
+		enableOnBoot = true;
+	};
+}

services/mailcow.nix

@@ -0,0 +1,57 @@
+{ config, pkgs, ... }:
+
+{
+  services.nginx.virtualHosts."mailcow.stubbe.rocks" = {
+      enableACME = true;
+      forceSSL = true;
+      locations."/".proxyPass = "http://localhost:7080";
+      serverName = "v22017115146555724.happysrv.de";
+      serverAliases = [
+        "testmail.stubbe.rocks"
+        "mailcow.stubbe.rocks"
+#        "autodiscover.testmail.stubbe.rocks"
+#        "autoconfig.testmail.stubbe.rocks"  
+#        "autodiscover.mailcow.stubbe.rocks"
+#        "autoconfig.mailcow.stubbe.rocks"      
+      ];
+  };
+
+security.acme.certs."v22017115146555724.happysrv.de".postRun = ''
+	cp fullchain.pem /opt/mailcow-dockerized/data/assets/ssl/cert.pem  
+	cp key.pem /opt/mailcow-dockerized/data/assets/ssl/key.pem  
+	cp chain.pem /opt/mailcow-dockerized/data/assets/ssl/chain.pem  
+'';
+
+#  services.nginx.virtualHosts."testmail.stubbe.rocks" = {
+#      enableACME = true;
+#      forceSSL = true;
+#      locations."/".proxyPass = "http://localhost:7080";
+#  };
+
+  systemd = {
+    timers.mailcow-update = {
+      wantedBy = [ "timers.target" ];
+      partOf = [ "mailcow-update.service" ];
+      timerConfig.OnCalendar = "weekly";
+    };
+    services.mailcow-update = {
+      path = [
+	pkgs.bash        
+        pkgs.git
+        pkgs.curl
+        pkgs.gawk
+        pkgs.docker
+        pkgs.docker-compose
+        pkgs.which
+        pkgs.coreutils-full
+	pkgs.unixtools.ping
+	pkgs.iptables
+      ];
+      serviceConfig.Type = "oneshot";
+      script = ''
+	cd /opt/mailcow-dockerized
+	./update.sh --no-update-compose --force
+      '';         
+    };
+ };
+}