mailback

configuration.nix

@@ -108,13 +108,13 @@
     home = "/home/sondell";
     isNormalUser = true;
     description = "sondell";
-    extraGroups = ["networkmanager" "wheel" "backup"];
+    extraGroups = ["networkmanager" "wheel" "backup" "opendkim" ];
     packages = with pkgs; [
       firefox
       #  thunderbird
     ];
   };
-  users.groups."backup".gid = 1337;
+  # users.groups."backup".gid = 1337;
 
 
   users.users.root = {

mail.nix

@@ -1,17 +1,39 @@
-{ mailserver , ... }:
+{mailserver, ...}: let
-let
   domain = "sondell.org";
   fqdn = "mail.${domain}";
-in
+  mailDirectory = "/var/vmail";
-{
+  dkimKeyDirectory = "/var/dkim";
+in {
   imports = [
     mailserver
   ];
 
+  services.restic.backups = {
+     "mail" = {
+        passwordFile = "/etc/nixos/.secrets/restic_pw";
+        repository = "sftp:Glenn@nas:/home/back/mail/restic";
+        initialize = true;
+        paths = [
+          mailDirectory
+          dkimKeyDirectory
+        ];
+        user = "sondell";
+        timerConfig.OnCalendar = "02:05";
+        pruneOpts = [
+          "--keep-daily 10"
+          "--keep-weekly 5"
+          "--keep-monthly 12"
+          "--keep-yearly 75"
+        ];
+      };
+  };
+  
   mailserver = {
     enable = true;
+    inherit mailDirectory dkimKeyDirectory;
     fqdn = fqdn;
     domains = [domain];
+    vmailGroupName = "backup";
 
     # A list of all login accounts. To create the password hashes, use
     # cat .secrets/nextadminpw | nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt' > .secrets/mailpw.hash
@@ -47,5 +69,4 @@ in
       $config['smtp_pass'] = "%p";
     '';
   };
-  
 }