diff --git a/terranix/containers/email/default.nix b/terranix/containers/email/default.nix
new file mode 100644
index 0000000..8d26b1b
--- /dev/null
+++ b/terranix/containers/email/default.nix
@@ -0,0 +1,54 @@
+{ elib, ... }:
+let
+  inherit (elib)
+    nfsVolume
+    nomadJob;
+
+  flake_host = "";
+  flake_rev = "";
+  flake_ref = "";
+  flake_sha = "";
+in
+{
+  resource."vault_policy"."dovecot-policy" = nfsVolume {
+    name = "dovecot-policy";
+    policy = ''
+      path "kv/data/cluster/dovecot" {
+        capabilities = ["read"]
+      }
+    '';
+  };
+
+  resource."vault_policy"."getmail-policy" = nfsVolume {
+    name = "getmail-policy";
+    policy = ''
+      path "kv/data/cluster/getmail" {
+        capabilities = ["read"]
+      }
+    '';
+  };
+
+  resource."nomad_volume"."dovecot_maildir" = {
+    volume_name = "org.democratic-csi.nfs";
+    access_mode = "multi-node-multi-writer";
+    server = "blowhole.hosts.in.redalder.org";
+    share = "/var/nfs/dovecot/maildir";
+    mount_flags = [ "nfsvers=3" "hard" "async" ];
+  };
+
+  resource."nomad_volume"."mail-configuration" = {
+    volume_name = "mail-configuration";
+    access_mode = "single-node-writer";
+    server = "blowhole.hosts.in.redalder.org";
+    share = "/var/nfs/mail-configuration";
+    mount_flags = [ "nfsvers=3" "hard" "async" ];
+  };
+
+  resource."nomad_job"."email" = {
+    jobspec = ./job.hcl;
+    vars = {
+      flake_ref = "${flake_host}?rev=${flake_rev}&ref=${flake_ref}";
+      flake_sha = flake_sha;
+    };
+  };
+}