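# Publishes an MTA-STS policy file (RFC 8461) for every mail-receiving domain
# and serves it from a dedicated "mta_sts" virtual host.
{ lib, pkgs, config, ... }:
let
  # One { domain, mail } record per `withEmail` entry that has `receive` set,
  # across all master zones. `domain` is the fully qualified name (the entry's
  # own label, if non-empty, joined to the zone name); `mail` is the zone name.
  domains = (lib.remove null (lib.flatten (map
    (zone: map
      (e: if e.receive
        then {
          domain = "${e.domain}${lib.optionalString (e.domain != "") "."}${zone.name}";
          mail = zone.name;
        }
        else null
      )
      (zone.withEmail or [])
    )
    config.myEnv.dns.masterZones
  )));

  # `mx.subdomain` of every server whose `mx.enable` is true.
  mxes = lib.mapAttrsToList
    (n: v: v.mx.subdomain)
    (lib.attrsets.filterAttrs (n: v: v.mx.enable) config.myEnv.servers);

  # FIXME: increase the id number in modules/private/dns.nix when this
  # file changes (date -u +'%Y%m%d%H%M%S'Z)
  #
  # Policy text for one domain: lines are joined with CRLF and list one `mx:`
  # entry per enabled MX, built as "<subdomain>.<zone name>".
  # NOTE(review): `mode: testing` asks senders to report TLS failures but still
  # deliver; the policy only protects against STARTTLS downgrade once it is
  # switched to `enforce`. max_age is 604800 seconds (one week).
  file = domain: pkgs.writeText "mta-sts-${domain.domain}.txt" (
    builtins.concatStringsSep "\r\n" ([ "version: STSv1" "mode: testing" ]
      ++ (map (v: "mx: ${v}.${domain.mail}") mxes)
      ++ [ "max_age: 604800" ]
    ));

  # Document root holding one "<domain>.txt" policy file per entry of `domains`.
  root = pkgs.runCommand "mta-sts_root" {} ''
    mkdir -p $out
    ${builtins.concatStringsSep "\n" (map (d:
      "cp ${file d} $out/${d.domain}.txt"
    ) domains)}
  '';

  cfg = config.myServices.websites.tools.email;
in
{
  config = lib.mkIf cfg.enable {
    services.websites.env.tools.vhostConfs.mta_sts = {
      certName = "mail";
      addToCerts = true;
      # One "mta-sts.<domain>" name per policy domain, plus a fixed one.
      # NOTE(review): "mta-sts.mail.immae.eu" is rewritten to
      # "mail.immae.eu.txt", which exists only if `domains` contains that
      # name -- confirm.
      hosts = ["mta-sts.mail.immae.eu"] ++ map (v: "mta-sts.${v.domain}") domains;
      root = root;
      extraConfig = [
        # The policy file is selected from the Host header, which is supplied
        # by the client. The capture is therefore limited to hostname
        # characters, so the value placed into the filesystem path can never
        # contain a path separator, and an explicit ":port" suffix is matched
        # separately so that it does not end up in the file name. Literal dots
        # in both patterns are escaped.
        ''
          RewriteEngine on
          RewriteCond %{HTTP_HOST} ^mta-sts\.([a-z0-9.-]+)(:[0-9]+)?$
          RewriteRule ^/\.well-known/mta-sts\.txt$ %{DOCUMENT_ROOT}/%1.txt [L]
          <Directory ${root}>
            Require all granted
            Options -Indexes
          </Directory>
        ''
      ];
    };
  };
}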