X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;ds=sidebyside;f=modules%2Fprivate%2Fmail%2Fdovecot.nix;h=0304b899cb724f7b02e483d3918b8ab9f8ad4087;hb=5153eb54abab92497093fffa60c487c3523016d4;hp=c3d306de372e7699cd8c940be6f6d829f9b0c2f7;hpb=cecfa2f6ac2943ce0bba5142fa1e531a4d636541;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/modules/private/mail/dovecot.nix b/modules/private/mail/dovecot.nix index c3d306d..0304b89 100644 --- a/modules/private/mail/dovecot.nix +++ b/modules/private/mail/dovecot.nix @@ -1,4 +1,4 @@ -{ lib, pkgs, config, myconfig, ... }: +{ lib, pkgs, config, ... }: let sieve_bin = pkgs.runCommand "sieve_bin" { buildInputs = [ pkgs.makeWrapper ]; @@ -24,26 +24,26 @@ in group = config.services.dovecot2.group; permissions = "0400"; text = '' - hosts = ${myconfig.env.mail.dovecot.ldap.host} + hosts = ${config.myEnv.mail.dovecot.ldap.host} tls = yes - dn = ${myconfig.env.mail.dovecot.ldap.dn} - dnpass = ${myconfig.env.mail.dovecot.ldap.password} + dn = ${config.myEnv.mail.dovecot.ldap.dn} + dnpass = ${config.myEnv.mail.dovecot.ldap.password} auth_bind = yes ldap_version = 3 - base = ${myconfig.env.mail.dovecot.ldap.base} + base = ${config.myEnv.mail.dovecot.ldap.base} scope = subtree - pass_filter = ${myconfig.env.mail.dovecot.ldap.filter} - pass_attrs = ${myconfig.env.mail.dovecot.ldap.pass_attrs} + pass_filter = ${config.myEnv.mail.dovecot.ldap.filter} + pass_attrs = ${config.myEnv.mail.dovecot.ldap.pass_attrs} - user_attrs = ${myconfig.env.mail.dovecot.ldap.user_attrs} - user_filter = ${myconfig.env.mail.dovecot.ldap.filter} - iterate_attrs = ${myconfig.env.mail.dovecot.ldap.iterate_attrs} - iterate_filter = ${myconfig.env.mail.dovecot.ldap.iterate_filter} + user_attrs = ${config.myEnv.mail.dovecot.ldap.user_attrs} + user_filter = ${config.myEnv.mail.dovecot.ldap.filter} + iterate_attrs = ${config.myEnv.mail.dovecot.ldap.iterate_attrs} + iterate_filter = ${config.myEnv.mail.dovecot.ldap.iterate_filter} ''; } ]; 
@@ -80,6 +80,12 @@ in sslServerKey = "/var/lib/acme/mail/key.pem"; sslCACert = "/var/lib/acme/mail/fullchain.pem"; extraConfig = builtins.concatStringsSep "\n" [ + # For printer which doesn’t support elliptic curve + '' + ssl_alt_cert = &1 > /dev/null | grep -v "Mailbox doesn't exist:" | grep -v "Info: Opening DB" + ${pkgs.dovecot}/bin/doveadm expunge -A MAILBOX "Backup/*" NOT FLAGGED BEFORE 8w 2>&1 > /dev/null | grep -v "Mailbox doesn't exist:" | grep -v "Info: Opening DB" ${pkgs.dovecot}/bin/doveadm expunge -A MAILBOX Junk SEEN NOT FLAGGED BEFORE 4w 2>&1 > /dev/null | grep -v "Mailbox doesn't exist:" | grep -v "Info: Opening DB" ${pkgs.dovecot}/bin/doveadm expunge -A MAILBOX Trash NOT FLAGGED BEFORE 4w 2>&1 > /dev/null | grep -v "Mailbox doesn't exist:" | grep -v "Info: Opening DB" ''; @@ -264,6 +275,15 @@ in [ "0 2 * * * root ${cron_script}/bin/cleanup-imap-folders" ]; + security.acme.certs."mail-rsa" = { + postRun = '' + systemctl restart dovecot2.service + ''; + extraDomains = { + "imap.immae.eu" = null; + "pop3.immae.eu" = null; + }; + }; security.acme.certs."mail" = { postRun = '' systemctl restart dovecot2.service
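Review bot: Nothing in the added `security.acme.certs."mail-rsa"` block selects an RSA key, so from this hunk alone it is not visible what makes this certificate differ from `"mail"`. If the key type is not set elsewhere, the client that lacks elliptic-curve support would presumably still fail the handshake. Confirm where the key type is configured and record it in a comment above the block, e.g. `# RSA twin of "mail" for clients without ECDSA support; key type set in <module path>`. Both blocks' `postRun` run `systemctl restart dovecot2.service` (the existing `"mail"` block continues past the end of the hunk), so a renewal of both drops IMAP/POP3 sessions twice; if the unit defines a reload action, `systemctl reload dovecot2.service` would pick up the new files without disconnecting users. Since the RSA certificate is offered to every client and not only the printer, also check that the TLS protocol and cipher settings elsewhere in the file are not loosened to accommodate that one device.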