From 5a4a31745997cda7c3eab880f89b7362af61d8a0 Mon Sep 17 00:00:00 2001
From: uku <hi@uku.moe>
Date: Sat, 4 Jan 2025 00:04:54 +0100
Subject: [PATCH] WIP MADDY

---
 systems/vesuvio/mail.nix | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
 create mode 100644 systems/vesuvio/mail.nix

diff --git a/systems/vesuvio/mail.nix b/systems/vesuvio/mail.nix
new file mode 100644
index 0000000..7d40abd
--- /dev/null
+++ b/systems/vesuvio/mail.nix
@@ -0,0 +1,35 @@
+{ config, ... }:
+let
+  certName = "mail.c.uku3lig.net";
+  certLocation = config.security.acme.certs.${certName}.directory;
+in
+{
+  security.acme.certs.${certName} = {
+    group = config.services.maddy.group;
+    extraLegoRenewFlags = [ "--reuse-key" ]; # soopyc said its more secure
+  };
+
+  services.maddy = {
+    enable = true;
+    hostname = "mx1.uku3lig.net";
+    primaryDomain = "uku3lig.net";
+    localDomains = [
+      "$(primary_domain)"
+      "uku.moe"
+    ];
+
+    tls = {
+      loader = "file";
+      certificates = [
+        {
+          certPath = "${certLocation}/fullchain.pem";
+          keyPath = "${certLocation}/key.pem";
+        }
+      ];
+    };
+
+    config = ''
+
+    '';
+  };
+}