feat: migrate to agenix for secret management

modules/mail.nix

@@ -43,7 +43,7 @@
       
       authentication.fallback-admin = {
         user = "admin";
-        secret = config.mySecrets.stalwartAdmin;
+        secret = "%{file:/run/agenix/stalwart-admin}%";
       };
     };
   };
@@ -51,10 +51,4 @@
   # Allow Stalwart to read the ACME certificate procured for Caddy
   systemd.services.stalwart.serviceConfig.SupplementaryGroups = [ "acme" ];
 
-  # Open Firewalls for Mail
-  networking.firewall.allowedTCPPorts = [ 
-    993        # IMAP (Secure)
-    4190       # Sieve
-    8080       # Admin UI (Reverse proxied, but good to double check loopback)
-  ];
 }