nixos/maddy: Add option ensureAccounts

2024-09-20 04:19:00 +02:00 · 2023-02-16 22:47:11 +01:00 · 2023-02-16 22:47:11 +01:00 · 13ff144c70
parent d79f5d4516
commit 13ff144c70
2 changed files with 45 additions and 8 deletions
--- a/nixos/modules/services/mail/maddy.nix
+++ b/nixos/modules/services/mail/maddy.nix
@ -223,22 +223,59 @@ in {
        '';
      };

+      ensureAccounts = mkOption {
+        type = types.listOf types.str;
+        default = [];
+        description = lib.mdDoc ''
+          List of IMAP accounts which get automatically created. Note that for
+          a complete setup, user credentials for these accounts are required too
+          and can be created using the command `maddyctl creds`.
+          This option does not delete accounts which are not (anymore) listed.
+        '';
+        example = [
+          "user1@localhost"
+          "user2@localhost"
+        ];
+      };
+
    };
  };

  config = mkIf cfg.enable {

    systemd = {
+
      packages = [ pkgs.maddy ];
-      services.maddy = {
-        serviceConfig = {
-          User = cfg.user;
-          Group = cfg.group;
-          StateDirectory = [ "maddy" ];
+      services = {
+        maddy = {
+          serviceConfig = {
+            User = cfg.user;
+            Group = cfg.group;
+            StateDirectory = [ "maddy" ];
+          };
+          restartTriggers = [ config.environment.etc."maddy/maddy.conf".source ];
+          wantedBy = [ "multi-user.target" ];
        };
-        restartTriggers = [ config.environment.etc."maddy/maddy.conf".source ];
-        wantedBy = [ "multi-user.target" ];
+        maddy-ensure-accounts = {
+          script = ''
+            ${optionalString (cfg.ensureAccounts != []) ''
+              ${concatMapStrings (account: ''
+                if ! ${pkgs.maddy}/bin/maddyctl imap-acct list | grep "${account}"; then
+                  ${pkgs.maddy}/bin/maddyctl imap-acct create ${account}
+                fi
+              '') cfg.ensureAccounts}
+            ''}
+          '';
+          serviceConfig = {
+            Type = "oneshot";
+            User= "maddy";
+          };
+          after = [ "maddy.service" ];
+          wantedBy = [ "multi-user.target" ];
+        };
+
      };
+
    };

    environment.etc."maddy/maddy.conf" = {
--- a/nixos/tests/maddy.nix
+++ b/nixos/tests/maddy.nix
@ -9,6 +9,7 @@ import ./make-test-python.nix ({ pkgs, ... }: {
        hostname = "server";
        primaryDomain = "server";
        openFirewall = true;
+        ensureAccounts = [ "postmaster@server" ];
      };
    };

@ -50,7 +51,6 @@ import ./make-test-python.nix ({ pkgs, ... }: {
    server.wait_for_open_port(587)

    server.succeed("maddyctl creds create --password test postmaster@server")
-    server.succeed("maddyctl imap-acct create postmaster@server")

    client.succeed("send-testmail")
    client.succeed("test-imap")