ctucx.git: nixfiles

ctucx' nixfiles

commit 68018848b61e5f54344830d698e49dab6687cc47
parent 7b018f51feb735c228c925221151f7df8c360df2
Author: Leah (ctucx) <git@ctu.cx>
Date: Tue, 16 May 2023 13:47:21 +0200

machines/trabbi/mail: add autoconfig web-endpoint
1 file changed, 39 insertions(+), 4 deletions(-)
M
machines/trabbi/mail.nix
|
43
+++++++++++++++++++++++++++++++++++++++----
diff --git a/machines/trabbi/mail.nix b/machines/trabbi/mail.nix
@@ -1,6 +1,32 @@
 { inputs, pkgs, config, ... }:
 
-{
+let
+  mailAutoConfig = ''
+    <?xml version="1.0" encoding="UTF-8"?>
+    <clientConfig version="1.1">
+     <emailProvider id="ctu.cx">
+       <domain>ctu.cx</domain>
+       <displayName>${config.networking.fqdn}</displayName>
+       <displayShortName>${config.networking.domain}</displayShortName>
+       <incomingServer type="imap">
+         <hostname>${config.networking.fqdn}</hostname>
+         <port>993</port>
+         <socketType>SSL</socketType>
+         <authentication>password-cleartext</authentication>
+         <username>%EMAILADDRESS%</username>
+       </incomingServer>
+       <outgoingServer type="smtp">
+         <hostname>${config.networking.fqdn}</hostname>
+         <port>465</port>
+         <socketType>SSL</socketType>
+         <authentication>password-cleartext</authentication>
+         <username>%EMAILADDRESS%</username>
+       </outgoingServer>
+     </emailProvider>
+    </clientConfig>
+  '';
+
+in {
 
   imports = [
     inputs.simple-nixos-mailserver.nixosModule
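Review bot: The `id` and `<domain>` values in `mailAutoConfig` hard-code `ctu.cx`, while the display names and hostnames come from `config.networking.*`, so the document silently goes out of step if the domain option ever changes. Writing `<domain>${config.networking.domain}</domain>` would keep them aligned, assuming that option evaluates to `ctu.cx` on this machine. Since this file tells mail clients where to send their password, a comment above the binding would also help, for example `# Mozilla autoconfig v1.1; password-cleartext is acceptable only because both servers use socketType SSL (implicit TLS on 993/465)`. The attribute set opened by `in {` continues outside the hunk.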

@@ -25,6 +51,7 @@
       ];
 
       subdomains = {
+        autoconfig.CNAME         = [ config.networking.hostName ];
         _dmarc.TXT               = [ DMARC ];
         "mail._domainkey".TXT    = [ "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDKryfX99NkcU5Xe4AmG+kO/sfuYSXk5RqJhzxS4uMqERE8UszgEGdteXcD8pqON2MfDmA3G6cA+Oa+N4tIWdIYNwTISVXXMGdHvjFIsVUEW0turM104tXESELaPRntkCvDBk/yOgsBDRZQHSx5MdGwpzeRC8TLdCbalh3W0jp5PQIDAQAB" ];
       };

@@ -69,9 +96,17 @@
 
   services.nginx = {
     enable = true;
-    virtualHosts."${config.networking.fqdn}" = {
-      enableACME = true;
-      forceSSL   = true;
+    virtualHosts = {
+      "${config.networking.fqdn}" = {
+        enableACME = true;
+        forceSSL   = true;
+      };
+
+      "autoconfig.ctu.cx" = {
+        enableACME = true;
+        forceSSL = true;
+        locations."= /mail/config-v1.1.xml".return = "200 '${mailAutoConfig}'";
+      };
     };
   };
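Review bot: Embedding the XML in `return = "200 '${mailAutoConfig}'"` makes the document part of an nginx single-quoted string, so a later `'` or `$` in the template (or in an interpolated option) would either break the generated config or be expanded as an nginx variable. The response is also served with nginx's `default_type`, which is usually `application/octet-stream` rather than an XML type, and some clients may reject that. Serving the document from the store avoids both problems: `locations."= /mail/config-v1.1.xml".alias = pkgs.writeText "config-v1.1.xml" mailAutoConfig;` should pick up the XML MIME type from the `.xml` extension. The vhost name `"autoconfig.ctu.cx"` is hard-coded as well and could be built from `config.networking.domain`, to stay consistent with the CNAME added in the DNS hunk.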