3 files changed, 38 insertions, 40 deletions
diff --git a/flake.nix b/flake.nix
index 3baed70..2120778 100644
--- a/flake.nix
+++ b/flake.nix
@@ -44,13 +44,21 @@
         ./hosts/server1/configuration.nix
         simple-nixos-mailserver.nixosModule
         {
-          mailserver = import ./system/mail {};
+          mailserver = import ./system/mail {inherit (pkgs) lib;};
         }
       ];
     };
     devShells."${system}" = {
       default = pkgs.mkShell {
-        packages = with pkgs; [nil alejandra statix shellcheck ltex-ls];
+        packages = with pkgs; [
+          nil
+          alejandra
+          statix
+          shellcheck
+          ltex-ls
+          cocogitto
+          git-crypt
+        ];
       };
     };
   };
diff --git a/system/mail/default.nix b/system/mail/default.nix
index b1da088..1aa2073 100644
--- a/system/mail/default.nix
+++ b/system/mail/default.nix
@@ -1,50 +1,40 @@
 # vim: ts=2
-{...}: let
+{lib, ...}: let
   all_admins = [
     "sils@vhack.eu"
     "soispha@vhack.eu"
     "nightingale@vhack.eu"
   ];
-in {
-  enable = true;
-  fqdn = "server1.vhack.eu";
-  domains = ["vhack.eu"];
+  users = import ./users.nix {};
+in
+  lib.recursiveUpdate {
+    enable = true;
+    fqdn = "server1.vhack.eu";
 
-  useFsLayout = true;
+    useFsLayout = true;
 
-  loginAccounts = {
-    "sils@vhack.eu" = {
-      hashedPassword = "$2b$05$RW/Svgk7iGxvP5W7ZwUZ1e.a3fj4fteevb2MtfFYYD0d1DQ17y9Fm";
+    extraVirtualAliases = {
+      "abuse@vhack.eu" = all_admins;
+      "postmaster@vhack.eu" = all_admins;
+      "admin@vhack.eu" = all_admins;
     };
-    "soispha@vhack.eu" = {
-      hashedPassword = "$2b$05$XX36sJuHNbTFvi8DFldscOeQBHahluSkiUqD9QGzQaET7NJusSuQW";
-    };
-    "nightingale@vhack.eu" = {
-      hashedPassword = "$2b$05$THIS_PASSWORD_HASH_IS_NOT_REAL,_PLEASE_CHANGE_IT_..._"; # TODO change
-    };
-  };
-
-  extraVirtualAliases = {
-    "abuse@vhack.eu" = all_admins;
-    "postmaster@vhack.eu" = all_admins;
-    "admin@vhack.eu" = all_admins;
-  };
 
-  mailDirectory = "/srv/mail/vmail";
-  dkimKeyDirectory = "/srv/mail/dkim";
-  sieveDirectory = "/srv/mail/sieve";
-  backup.snapshotRoot = "/srv/mail/backup";
+    mailDirectory = "/srv/mail/vmail";
+    dkimKeyDirectory = "/srv/mail/dkim";
+    sieveDirectory = "/srv/mail/sieve";
+    backup.snapshotRoot = "/srv/mail/backup";
 
-  enableImap = false;
-  enableImapSsl = true;
-  enablePop3 = false;
-  enablePop3Ssl = true;
-  # SMTP
-  enableSubmission = false;
-  enableSubmissionSsl = true;
-  openFirewall = true;
+    enableImap = false;
+    enableImapSsl = true;
+    enablePop3 = false;
+    enablePop3Ssl = true;
+    # SMTP
+    enableSubmission = false;
+    enableSubmissionSsl = true;
+    openFirewall = true;
 
-  keyFile = "/var/lib/acme/server1.vhack.eu/key.pem";
-  certificateScheme = 1;
-  certificateFile = "/var/lib/acme/server1.vhack.eu/fullchain.pem";
-}
+    keyFile = "/var/lib/acme/server1.vhack.eu/key.pem";
+    certificateScheme = 1;
+    certificateFile = "/var/lib/acme/server1.vhack.eu/fullchain.pem";
+  }
+  users
diff --git a/system/mail/users.nix b/system/mail/users.nix
new file mode 100644
index 0000000..f3264a1
--- /dev/null
+++ b/system/mail/users.nix
Binary files differ