From 6a4f95482fa2c0faeafa028eae164d00c6418ac3 Mon Sep 17 00:00:00 2001
From: Preston Pan <ret2pop@gmail.com>
Date: Wed, 11 Feb 2026 14:43:01 -0800
Subject: add vps stuff; fix internet issues plauging my devices

---
 nix/modules/maddy.nix | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

(limited to 'nix/modules/maddy.nix')

diff --git a/nix/modules/maddy.nix b/nix/modules/maddy.nix
index c84b59c..ab98f87 100644
--- a/nix/modules/maddy.nix
+++ b/nix/modules/maddy.nix
@@ -4,20 +4,27 @@
     enable = lib.mkDefault config.monorepo.profiles.server.enable;
     openFirewall = true;
     hostName = "${config.monorepo.vars.remoteHost}";
-    primaryDomain = "mail.${config.monorepo.vars.remoteHost}";
+    primaryDomain = "mail.${config.monorepo.vars.orgHost}";
     tls = {
-      loader = "acme";
+      certificates = [
+        {
+          keyPath = "/var/lib/acme/mail.${config.monorepo.vars.orgHost}/key.pem";
+          certPath = "/var/lib/acme/mail.${config.monorepo.vars.orgHost}/fullchain.pem";
+        }
+      ];
     };
     config = builtins.replaceStrings [
       "imap tcp://0.0.0.0:143"
       "submission tcp://0.0.0.0:587"
+      "smtp tcp://0.0.0.0:25"
     ] [
       "imap tls://0.0.0.0:993 tcp://0.0.0.0:143"
       "submission tls://0.0.0.0:465 tcp://0.0.0.0:587"
+      "smtps tls://0.0.0.0:465 smtp tcp://0.0.0.0:25"
     ] options.services.maddy.config.default;
     ensureCredentials = {
       "${config.monorepo.vars.userName}@localhost" = {
-        passwordFile = "/secrets/${config.monorepo.vars.userName}-localhost";
+        passwordFile = "/run/secrets/mail_password";
       };
     };
   };
-- 
cgit v1.3