PoC working SP module system

+ simple-nixos-mailserver as an SP module

sp-modules/simple-nixos-mailserver/config-paths-needed.json

@@ -0,0 +1,24 @@
+[
+  [
+    "services",
+    "redis"
+  ],
+  [
+    "mailserver"
+  ],
+  [
+    "selfprivacy",
+    "userdata",
+    "email"
+  ],
+  [
+    "selfprivacy",
+    "userdata",
+    "domain"
+  ],
+  [
+    "selfprivacy",
+    "userdata",
+    "username"
+  ]
+]

sp-modules/simple-nixos-mailserver/config.nix

@@ -0,0 +1,81 @@
+{ config, lib, ... }:
+let
+  cfg = config.selfprivacy.userdata;
+in
+{
+  fileSystems = lib.mkIf
+    (cfg.simple-nixos-mailserver.enable && cfg.useBinds)
+    {
+      "/var/vmail" = {
+        device = "/volumes/${cfg.email.location}/vmail";
+        options = [ "bind" ];
+      };
+      "/var/sieve" = {
+        device = "/volumes/${cfg.email.location}/sieve";
+        options = [ "bind" ];
+      };
+    };
+
+  users.users = lib.mkIf cfg.simple-nixos-mailserver.enable {
+    virtualMail = {
+      isNormalUser = false;
+    };
+  };
+
+  selfprivacy.userdata.simple-nixos-mailserver =
+    lib.mkIf cfg.simple-nixos-mailserver.enable {
+      fqdn = cfg.domain;
+      domains = [ cfg.domain ];
+
+      # A list of all login accounts. To create the password hashes, use
+      # mkpasswd -m sha-512 "super secret password"
+      loginAccounts = {
+        "${cfg.username}@${cfg.domain}" = {
+          hashedPassword = cfg.hashedMasterPassword;
+          sieveScript = ''
+            require ["fileinto", "mailbox"];
+            if header :contains "Chat-Version" "1.0"
+            {
+              fileinto :create "DeltaChat";
+              stop;
+            }
+          '';
+        };
+      } // builtins.listToAttrs (builtins.map
+        (user: {
+          name = "${user.username}@${cfg.domain}";
+          value = {
+            hashedPassword = user.hashedPassword;
+            sieveScript = ''
+              require ["fileinto", "mailbox"];
+              if header :contains "Chat-Version" "1.0"
+              {
+                fileinto :create "DeltaChat";
+                stop;
+              }
+            '';
+          };
+        })
+        cfg.users);
+
+      extraVirtualAliases = {
+        "admin@${cfg.domain}" = "${cfg.username}@${cfg.domain}";
+      };
+
+      certificateScheme = "manual";
+      certificateFile = "/var/lib/acme/${cfg.domain}/fullchain.pem";
+      keyFile = "/var/lib/acme/${cfg.domain}/key.pem";
+
+      # Enable IMAP and POP3
+      enableImap = true;
+      enableImapSsl = true;
+      enablePop3 = false;
+      enablePop3Ssl = false;
+      dkimSelector = "selector";
+
+      # Enable the ManageSieve protocol
+      enableManageSieve = true;
+
+      virusScanning = false;
+    };
+}

sp-modules/simple-nixos-mailserver/flake.lock

@@ -0,0 +1,126 @@
+{
+  "nodes": {
+    "blobs": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1604995301,
+        "narHash": "sha256-wcLzgLec6SGJA8fx1OEN1yV/Py5b+U5iyYpksUY/yLw=",
+        "owner": "simple-nixos-mailserver",
+        "repo": "blobs",
+        "rev": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265",
+        "type": "gitlab"
+      },
+      "original": {
+        "owner": "simple-nixos-mailserver",
+        "repo": "blobs",
+        "type": "gitlab"
+      }
+    },
+    "flake-compat": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1668681692,
+        "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "rev": "009399224d5e398d03b22badca40a37ac85412a1",
+        "type": "github"
+      },
+      "original": {
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "type": "github"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1670751203,
+        "narHash": "sha256-XdoH1v3shKDGlrwjgrNX/EN8s3c+kQV7xY6cLCE8vcI=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "64e0bf055f9d25928c31fb12924e59ff8ce71e60",
+        "type": "github"
+      },
+      "original": {
+        "id": "nixpkgs",
+        "ref": "nixos-unstable",
+        "type": "indirect"
+      }
+    },
+    "nixpkgs-22_11": {
+      "locked": {
+        "lastModified": 1669558522,
+        "narHash": "sha256-yqxn+wOiPqe6cxzOo4leeJOp1bXE/fjPEi/3F/bBHv8=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "ce5fe99df1f15a09a91a86be9738d68fadfbad82",
+        "type": "github"
+      },
+      "original": {
+        "id": "nixpkgs",
+        "ref": "nixos-22.11",
+        "type": "indirect"
+      }
+    },
+    "nixpkgs-23_05": {
+      "locked": {
+        "lastModified": 1684782344,
+        "narHash": "sha256-SHN8hPYYSX0thDrMLMWPWYulK3YFgASOrCsIL3AJ78g=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "8966c43feba2c701ed624302b6a935f97bcbdf88",
+        "type": "github"
+      },
+      "original": {
+        "id": "nixpkgs",
+        "ref": "nixos-23.05",
+        "type": "indirect"
+      }
+    },
+    "root": {
+      "inputs": {
+        "simple-nixos-mailserver": "simple-nixos-mailserver"
+      }
+    },
+    "simple-nixos-mailserver": {
+      "inputs": {
+        "blobs": "blobs",
+        "flake-compat": "flake-compat",
+        "nixpkgs": "nixpkgs",
+        "nixpkgs-22_11": "nixpkgs-22_11",
+        "nixpkgs-23_05": "nixpkgs-23_05",
+        "utils": "utils"
+      },
+      "locked": {
+        "lastModified": 1695910380,
+        "narHash": "sha256-CyzeiXQGm8ceEOSK1dffBCfO7JNp8XhQeNkUiJ5HxgY=",
+        "owner": "simple-nixos-mailserver",
+        "repo": "nixos-mailserver",
+        "rev": "84783b661ecf33927c534b6476beb74ea3308968",
+        "type": "gitlab"
+      },
+      "original": {
+        "owner": "simple-nixos-mailserver",
+        "repo": "nixos-mailserver",
+        "type": "gitlab"
+      }
+    },
+    "utils": {
+      "locked": {
+        "lastModified": 1605370193,
+        "narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "5021eac20303a61fafe17224c087f5519baed54d",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}

sp-modules/simple-nixos-mailserver/flake.nix

@@ -0,0 +1,33 @@
+{
+  description = "PoC SP module for the simple-nixos-mailserver";
+
+  inputs.mailserver.url =
+    gitlab:simple-nixos-mailserver/nixos-mailserver;
+
+  outputs = { self, mailserver }: {
+    # tricks to rename (alias) the original module
+    nixosModules.default = args@{ pkgs, ... }:
+      let
+        module = mailserver.nixosModules.default args;
+      in
+      module // {
+        imports = module.imports ++ [
+          ./config.nix
+          ({ config, ... }: {
+            mailserver =
+              config.selfprivacy.userdata.simple-nixos-mailserver;
+          })
+        ];
+        options = module.options // {
+          selfprivacy.userdata.simple-nixos-mailserver =
+            module.options.mailserver;
+        };
+      };
+    configPathsNeeded =
+      builtins.fromJSON (builtins.readFile ./config-paths-needed.json);
+
+    # TODO generate json docs from module? something like:
+    # nix eval --impure --expr 'let flake = builtins.getFlake (builtins.toPath ./.); pkgs = flake.inputs.mailserver.inputs.nixpkgs.legacyPackages.x86_64-linux; in (pkgs.nixosOptionsDoc { inherit (pkgs.lib.evalModules { modules = [ flake.nixosModules.default ]; }) options; }).optionsJSON'
+    # (doesn't work because of `assertions`)
+  };
+}

sp-modules/simple-nixos-mailserver/sp-module-options.json

@@ -0,0 +1,3 @@
+{
+    "enable"
+}