From 23b92aaaa7702221e80199c9d47fa1f73b3722c1 Mon Sep 17 00:00:00 2001
From: Tim Keller <tjk@tjkeller.xyz>
Date: Sat, 28 Mar 2026 18:45:51 -0500
Subject: add mailer service and zedMailer module

---
 nixos/services/mailer.nix         | 67 +++++++++++++++++++++++++++++++++++++++
 nixos/services/zfs/zed-mailer.nix | 20 ++++++++++++
 2 files changed, 87 insertions(+)
 create mode 100644 nixos/services/mailer.nix
 create mode 100644 nixos/services/zfs/zed-mailer.nix

diff --git a/nixos/services/mailer.nix b/nixos/services/mailer.nix
new file mode 100644
index 0000000..fadaaf1
--- /dev/null
+++ b/nixos/services/mailer.nix
@@ -0,0 +1,67 @@
+{ lib, pkgs, config, ... }: let
+	cfg = config.services.mail._mailer;
+in {
+	options.services.mail._mailer = {
+		enable = lib.mkEnableOption "enable msmtp mailer service";
+		sender = {
+			host = lib.mkOption {
+				type = lib.types.str;
+				description = "";
+				example = "smtp.mail.example.com";
+			};
+			user = lib.mkOption {
+				type = lib.types.str;
+				description = "";
+				example = "myname@example.com";
+			};
+			from = lib.mkOption {
+				type = lib.types.str;
+				description = "";
+				example = "myname@example.com";
+			};
+			passwordFile = lib.mkOption {
+				type = lib.types.path;
+				description = "";
+			};
+		};
+		recipient = lib.mkOption {
+			type = lib.types.str;
+			description = "";
+			example = "admin@example.com";
+		};
+	};
+
+	# https://wiki.nixos.org/wiki/ZFS#Mail_notifications_(ZFS_Event_Daemon)
+	config = lib.mkIf cfg.enable {
+		# MTA
+		programs.msmtp = {
+			enable = true;
+			setSendmail = true;
+			defaults = {
+				aliases = "/etc/aliases";
+				port = 587;
+				auth = "plain";
+				tls = "on";
+				tls_starttls = "on";
+			};
+			accounts = {
+				default = with cfg.sender; {
+					inherit host user from;
+					passwordeval = "cat ${passwordFile}";
+				};
+			};
+		};
+
+		# Configure an alias for root account.
+		# With this alias configured, all mails sent to root, such as cron job
+		# results and failed sudo login events, will be redirected to the
+		# configured email account.
+		environment.etc.aliases.text = ''
+			root: ${cfg.recipient}
+		'';
+
+		# For zed enableMail, enable sendmailSetuidWrapper
+		services.mail.sendmailSetuidWrapper.enable = true;
+	};
+}
+
diff --git a/nixos/services/zfs/zed-mailer.nix b/nixos/services/zfs/zed-mailer.nix
new file mode 100644
index 0000000..06acd1f
--- /dev/null
+++ b/nixos/services/zfs/zed-mailer.nix
@@ -0,0 +1,20 @@
+{ lib, pkgs, config, ... }: let
+	cfg = config.services.zfs._zedMailer;
+in {
+	options.services.zfs._zedMailer = {
+		enable = lib.mkEnableOption "enable zed mailer service";
+	};
+
+	# https://wiki.nixos.org/wiki/ZFS#Mail_notifications_(ZFS_Event_Daemon)
+	config = lib.mkIf cfg.enable {
+		services.zfs.zed = {
+			enableMail = true;
+			settings = {
+				ZED_EMAIL_ADDR = [ "root" ];
+				# send notification if scrub succeeds
+				ZED_NOTIFY_VERBOSE = true;
+			};
+		};
+	};
+}
+
-- 
cgit v1.2.3