X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fmail%2Fdovecot.nix;h=c3d306de372e7699cd8c940be6f6d829f9b0c2f7;hb=cecfa2f6ac2943ce0bba5142fa1e531a4d636541;hp=6220da2b34b35a971f24feae0e0d6a27fd37ed58;hpb=d2e703c560bc029c3d607058de2935bbf1cb0559;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/modules/private/mail/dovecot.nix b/modules/private/mail/dovecot.nix index 6220da2..c3d306d 100644 --- a/modules/private/mail/dovecot.nix +++ b/modules/private/mail/dovecot.nix @@ -37,11 +37,13 @@ in base = ${myconfig.env.mail.dovecot.ldap.base} scope = subtree - user_filter = ${myconfig.env.mail.dovecot.ldap.filter} pass_filter = ${myconfig.env.mail.dovecot.ldap.filter} + pass_attrs = ${myconfig.env.mail.dovecot.ldap.pass_attrs} user_attrs = ${myconfig.env.mail.dovecot.ldap.user_attrs} - pass_attrs = ${myconfig.env.mail.dovecot.ldap.pass_attrs} + user_filter = ${myconfig.env.mail.dovecot.ldap.filter} + iterate_attrs = ${myconfig.env.mail.dovecot.ldap.iterate_attrs} + iterate_filter = ${myconfig.env.mail.dovecot.ldap.iterate_filter} ''; } ]; @@ -90,6 +92,17 @@ in } '' + # ACL + '' + mail_plugins = $mail_plugins acl + plugin { + acl = vfile:${pkgs.writeText "dovecot-acl" '' + Backup/* owner lrp + ''} + acl_globals_only = yes + } + '' + # Full text search '' # needs to be bigger than any mailbox size @@ -115,6 +128,8 @@ in sieve_plugins = sieve_imapsieve sieve_extprograms imapsieve_url = sieve://127.0.0.1:4190 + sieve_before = file:${./sieve_scripts}/backup.sieve + # From elsewhere to Junk folder imapsieve_mailbox1_name = Junk imapsieve_mailbox1_causes = COPY APPEND @@ -185,8 +200,8 @@ in args = ${config.secrets.fullPaths."dovecot/ldap"} } userdb { - driver = static - args = user=%u uid=vhost gid=vhost home=/var/lib/vhost/%d/%n/ mail=mbox:~/Mail:INBOX=~/Mail/Inbox:INDEX=~/.imap + driver = ldap + args = ${config.secrets.fullPaths."dovecot/ldap"} } '' 
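Review bot: The rights string in the `# ACL` block (hunk `@@ -90,6 +92,17 @@`) is undocumented, so a reader has to know Dovecot's rights letters to see that `Backup/* owner lrp` leaves owners with lookup, read and post only, with no flag changes, expunge or delete on backup copies. A comment above the `acl =` line such as `# l=lookup r=read p=post: Backup/* is read-only for its owner` would record that intent. The pattern also assumes `/` is the hierarchy separator and, as far as the pattern itself shows, does not cover a mailbox named `Backup`. Both are worth confirming against the namespace configuration, which is outside this diff.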
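Review bot: With `driver = ldap` in the `userdb` block (hunk `@@ -185,8 +200,8 @@`), uid, gid, home and mail location are no longer pinned by `uid=vhost gid=vhost home=/var/lib/vhost/%d/%n/`. They now come from whatever `user_attrs` in the first hunk maps out of the directory, and that value lives in `myconfig.env`, outside this diff. If every mailbox is still meant to run under the single `vhost` account, adding `override_fields = uid=vhost gid=vhost` to the userdb block keeps a modified LDAP entry from selecting the system account. That account is the one dovecot and the root-run `doveadm -A` job in the cron hunk switch to. A short comment above the block listing the fields LDAP is expected to supply would help the next reader; the enclosing string starts outside the hunk.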
@@ -223,7 +238,7 @@ in # Needs to come last if there are mail_plugins entries '' protocol imap { - mail_plugins = $mail_plugins imap_sieve + mail_plugins = $mail_plugins imap_sieve imap_acl } protocol lda { mail_plugins = $mail_plugins sieve @@ -239,6 +254,16 @@ in ''; }; + services.cron.systemCronJobs = let + cron_script = pkgs.writeScriptBin "cleanup-imap-folders" '' + ${pkgs.dovecot}/bin/doveadm expunge -A MAILBOX "Backup/*" NOT UID 1:256 2>&1 > /dev/null | grep -v "Mailbox doesn't exist:" | grep -v "Info: Opening DB" + ${pkgs.dovecot}/bin/doveadm expunge -A MAILBOX Junk SEEN NOT FLAGGED BEFORE 4w 2>&1 > /dev/null | grep -v "Mailbox doesn't exist:" | grep -v "Info: Opening DB" + ${pkgs.dovecot}/bin/doveadm expunge -A MAILBOX Trash NOT FLAGGED BEFORE 4w 2>&1 > /dev/null | grep -v "Mailbox doesn't exist:" | grep -v "Info: Opening DB" + ''; + in + [ + "0 2 * * * root ${cron_script}/bin/cleanup-imap-folders" + ]; security.acme.certs."mail" = { postRun = '' systemctl restart dovecot2.service
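Review bot: Adding `imap_acl` to `protocol imap` (hunk `@@ -223,7 +238,7 @@`) does more than enforce the global ACL file. The `acl` plugin loaded in the `# ACL` block already does the enforcing, while `imap_acl` additionally makes the IMAP ACL commands (`MYRIGHTS`, `GETACL`, `SETACL`) available to every logged-in client. If the purpose is only to let mail clients show the Backup folders as read-only, a comment such as `# imap_acl: lets clients query MYRIGHTS on Backup/*` would say so. It is also worth checking how an owner's `SETACL` behaves together with `acl_globals_only = yes`, since that interaction is not visible here. The enclosing string starts outside the hunk.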
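Review bot: In the first `doveadm expunge` line of `cron_script` (hunk `@@ -239,6 +254,16 @@`), `NOT UID 1:256` matches every message whose UID is above 256. As written, each `Backup/*` folder keeps its first 256 messages and loses everything delivered after them at the next 02:00 run. If the goal is a rolling window of recent backups, an age-based query like the other two lines use, for example `SAVEDBEFORE 4w`, expresses that; `backup.sieve` is not in the diff, so the intended retention is an assumption here. The script text also has no interpreter line, and `pkgs.writeScriptBin` writes it verbatim, so it runs only through the calling shell's fallback; `pkgs.writeShellScriptBin` makes the interpreter explicit. `grep` is resolved from cron's `PATH` in a root job while `doveadm` is pinned, and `${pkgs.gnugrep}/bin/grep` would pin it the same way.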