{ pkgs, lib, config, ... }:

let
  fqdn = "mail.cochrun.xyz";
  dn = "cochrun.xyz";
in
with lib;
{
  # services.caddy = {
  #   virtualHosts = {
  #     "mail.cochrun.xyz".extraConfig = ''
  #       tls internal {
  #         key_type rsa2048
  #       } 
  #       respond "Hello DMS"
  #     '' ;
  #   };   
  # };
  mailserver = {
    enable = true;
    fqdn = fqdn;
    domains = [ dn ];
    enableManageSieve = true;
    mailDirectory = "/home/chris/mailserver/docker-data/mail-data";
    mailboxes = {
      Archive = {
        auto = "subscribe";
        specialUse = "Archive";
      };
      Drafts = {
        auto = "subscribe";
        specialUse = "Drafts";
      };
      Junk = {
        auto = "subscribe";
        specialUse = "Junk";
      };
      Sent = {
        auto = "subscribe";
        specialUse = "Sent";
      };
      Trash = {
        auto = "no";
        specialUse = "Trash";
      };
    };
    useFsLayout = true;
    hierarchySeparator = "/";
    certificateScheme = "acme-nginx";
    # certificateFile = "/var/lib/acme/${fqdn}/fullchain.pem";
    # keyFile = "/var/lib/acme/${fqdn}/key.pem";
    loginAccounts = {
      "chris@cochrun.xyz" = {
        hashedPasswordFile = "/home/chris/mailp";
        aliases = [
          "postmaster@cochrun.xyz"
          "cxda@cochrun.xyz"
          "ceth@cochrun.xyz"
          "clocb@cochrun.xyz"
          "higdry@cochrun.xyz"
          "clin@cochrun.xyz"
        ];
      };
    };
  };

  security.acme = {
    acceptTerms = true;
    defaults.email = "chris@cochrun.xyz";
    # certs.${fqdn} = {
    #   webroot = "/var/lib/acme/acme-challenge/";
    #   # dnsProvider = "namecheap";
    # };
  };
}