From 94725a676228626b71ae2b69bb3764911c8ffbb7 Mon Sep 17 00:00:00 2001
From: stubbfel <git@stubbe.rocks>
Date: Tue, 2 Nov 2021 22:03:56 +0100
Subject: [PATCH] mailcow used acme ssl

---
 services/docker.nix  |  8 +++++++
 services/mailcow.nix | 57 ++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 65 insertions(+)
 create mode 100644 services/docker.nix
 create mode 100644 services/mailcow.nix

diff --git a/services/docker.nix b/services/docker.nix
new file mode 100644
index 0000000..fc30716
--- /dev/null
+++ b/services/docker.nix
@@ -0,0 +1,8 @@
+{ config, pkgs, ... }:
+
+{
+	virtualisation.docker = {
+		enable = true;
+		enableOnBoot = true;
+	};
+}
diff --git a/services/mailcow.nix b/services/mailcow.nix
new file mode 100644
index 0000000..6f89d01
--- /dev/null
+++ b/services/mailcow.nix
@@ -0,0 +1,57 @@
+{ config, pkgs, ... }:
+
+{
+  services.nginx.virtualHosts."mailcow.stubbe.rocks" = {
+      enableACME = true;
+      forceSSL = true;
+      locations."/".proxyPass = "http://localhost:7080";
+      serverName = "v22017115146555724.happysrv.de";
+      serverAliases = [
+        "testmail.stubbe.rocks"
+        "mailcow.stubbe.rocks"
+#        "autodiscover.testmail.stubbe.rocks"
+#        "autoconfig.testmail.stubbe.rocks"  
+#        "autodiscover.mailcow.stubbe.rocks"
+#        "autoconfig.mailcow.stubbe.rocks"      
+      ];
+  };
+
+security.acme.certs."v22017115146555724.happysrv.de".postRun = ''
+	cp fullchain.pem /opt/mailcow-dockerized/data/assets/ssl/cert.pem  
+	cp key.pem /opt/mailcow-dockerized/data/assets/ssl/key.pem  
+	cp chain.pem /opt/mailcow-dockerized/data/assets/ssl/chain.pem  
+'';
+
+#  services.nginx.virtualHosts."testmail.stubbe.rocks" = {
+#      enableACME = true;
+#      forceSSL = true;
+#      locations."/".proxyPass = "http://localhost:7080";
+#  };
+
+  systemd = {
+    timers.mailcow-update = {
+      wantedBy = [ "timers.target" ];
+      partOf = [ "mailcow-update.service" ];
+      timerConfig.OnCalendar = "weekly";
+    };
+    services.mailcow-update = {
+      path = [
+	pkgs.bash        
+        pkgs.git
+        pkgs.curl
+        pkgs.gawk
+        pkgs.docker
+        pkgs.docker-compose
+        pkgs.which
+        pkgs.coreutils-full
+	pkgs.unixtools.ping
+	pkgs.iptables
+      ];
+      serviceConfig.Type = "oneshot";
+      script = ''
+	cd /opt/mailcow-dockerized
+	./update.sh --no-update-compose --force
+      '';         
+    };
+ };
+}