From f2811f2e040efa784d8abf2e7b79b93172427a63 Mon Sep 17 00:00:00 2001
From: daragh <daraghdownes12@gmail.com>
Date: Thu, 26 Oct 2023 01:02:39 +0100
Subject: [PATCH 1/2] fix : added certs for k9 mail related subdomains

related to #33
---
 applications/acme.nix  | 28 ++++++++++++++++++++--------
 applications/email.nix |  6 ++++--
 2 files changed, 24 insertions(+), 10 deletions(-)

diff --git a/applications/acme.nix b/applications/acme.nix
index 435715b..518c5d2 100644
--- a/applications/acme.nix
+++ b/applications/acme.nix
@@ -9,16 +9,24 @@ with lib; let
 in {
   imports = [];
 
-  options.skynet_acme = {
-    domains = lib.mkOption {
-      default = [];
-      type = lib.types.listOf lib.types.str;
-      description = ''
-        A list of domains to use for this server.
-      '';
+  options = {
+    skynet_acme = {
+      domains = lib.mkOption {
+        default = [];
+        type = lib.types.listOf lib.types.str;
+        description = ''
+          A list of domains to use for this server.
+        '';
+      };
+      domains_mail = lib.mkOption {
+        default = [];
+        type = lib.types.listOf lib.types.str;
+        description = ''
+          A list of domains to use for the mailserver.
+        '';
+      };
     };
   };
-
   config = {
     # group that will own the certificates
     users.groups.acme = {};
@@ -41,6 +49,10 @@ in {
           domain = "skynet.ie";
           extraDomainNames = cfg.domains;
         };
+        "mail" = {
+          domain = "mail.skynet.ie";
+          extraDomainNames = cfg.domains_mail;
+        };
       };
     };
   };
diff --git a/applications/email.nix b/applications/email.nix
index 05ee8d0..5963fc5 100644
--- a/applications/email.nix
+++ b/applications/email.nix
@@ -208,8 +208,10 @@ in {
 
     age.secrets.ldap_pw.file = ../secrets/ldap/pw.age;
 
-    skynet_acme.domains = [
-      "${cfg.sub}.${cfg.domain}"
+    skynet_acme.domains_mail = [
+      "imap.skynet.ie"
+      "pop3.skynet.ie"
+      "smtp.skynet.ie"
     ];
 
     # set up dns record for it

From 64d1054067d940fb88bc802a19ed6aec1a1392bd Mon Sep 17 00:00:00 2001
From: daragh <daraghdownes12@gmail.com>
Date: Thu, 26 Oct 2023 01:13:59 +0100
Subject: [PATCH 2/2] fix : switched email ACMEHost to mail

---
 applications/email.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/applications/email.nix b/applications/email.nix
index 5963fc5..683d7ca 100644
--- a/applications/email.nix
+++ b/applications/email.nix
@@ -309,7 +309,7 @@ in {
     services.nginx.virtualHosts = {
       "${cfg.sub}.${cfg.domain}" = {
         forceSSL = true;
-        useACMEHost = "skynet";
+        useACMEHost = "mail";
         # override the inbuilt nginx config
         enableACME = false;
         serverName = "${cfg.sub}.${cfg.domain}";