X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fmail%2Fpostfix.nix;h=46d45c188cbc549f1199897fcc5d670147923ed2;hb=418a4ed7da43fab53c18f99237bc296e37f47d2c;hp=92fa580d42da6d13f4a6ec30778b5911d4c3f073;hpb=5153eb54abab92497093fffa60c487c3523016d4;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/modules/private/mail/postfix.nix b/modules/private/mail/postfix.nix index 92fa580..46d45c1 100644 --- a/modules/private/mail/postfix.nix +++ b/modules/private/mail/postfix.nix @@ -18,7 +18,7 @@ hosts = unix:${config.myEnv.mail.postfix.mysql.socket} dbname = ${config.myEnv.mail.postfix.mysql.database} query = SELECT DISTINCT destination - FROM forwardings_merge + FROM forwardings WHERE ((regex = 1 AND '%s' REGEXP CONCAT('^',source,'$') ) OR (regex = 0 AND source = '%s')) AND active = 1 @@ -73,11 +73,15 @@ hosts = unix:${config.myEnv.mail.postfix.mysql.socket} dbname = ${config.myEnv.mail.postfix.mysql.database} query = SELECT DISTINCT destination - FROM forwardings_merge + FROM forwardings WHERE - ((regex = 1 AND '%s' REGEXP CONCAT('^',source,'$') ) OR (regex = 0 AND source = '%s')) + ( + (regex = 1 AND CONCAT(SUBSTRING_INDEX('%u', '+', 1), '@%d') REGEXP CONCAT('^',source,'$') ) + OR + (regex = 0 AND source = CONCAT(SUBSTRING_INDEX('%u', '+', 1), '@%d')) + ) AND active = 1 - UNION SELECT '%s' AS destination + UNION SELECT CONCAT(SUBSTRING_INDEX('%u', '+', 1), '@%d') AS destination ''; } { @@ -171,9 +175,6 @@ networking.firewall.allowedTCPPorts = [ 25 465 587 ]; - nixpkgs.overlays = [ (self: super: { - postfix = super.postfix.override { withMySQL = true; }; - }) ]; users.users."${config.services.postfix.user}".extraGroups = [ "keys" ]; services.filesWatcher.postfix = { restart = true; @@ -290,7 +291,11 @@ alias_database = "\$alias_maps"; ### Virtual mailboxes config - virtual_alias_maps = "hash:/etc/postfix/virtual mysql:${config.secrets.fullPaths."postfix/mysql_alias_maps"} ldap:${config.secrets.fullPaths."postfix/ldap_ejabberd_users_immae_fr"}"; + virtual_alias_maps = [ + "hash:/etc/postfix/virtual" + "mysql:${config.secrets.fullPaths."postfix/mysql_alias_maps"}" + "ldap:${config.secrets.fullPaths."postfix/ldap_ejabberd_users_immae_fr"}" + ]; virtual_mailbox_domains = config.myEnv.mail.postfix.additional_mailbox_domains ++ lib.remove null (lib.flatten (map (zone: map @@ -302,7 +307,10 @@ ) config.myEnv.dns.masterZones )); - virtual_mailbox_maps = "hash:/etc/postfix/host_dummy_mailboxes mysql:${config.secrets.fullPaths."postfix/mysql_mailbox_maps"}"; + virtual_mailbox_maps = [ + "hash:/etc/postfix/host_dummy_mailboxes" + "mysql:${config.secrets.fullPaths."postfix/mysql_mailbox_maps"}" + ]; dovecot_destination_recipient_limit = "1"; virtual_transport = "dovecot"; @@ -354,6 +362,9 @@ smtp_use_tls = true; smtpd_use_tls = true; smtpd_tls_chain_files = builtins.concatStringsSep "," [ "/var/lib/acme/mail/full.pem" "/var/lib/acme/mail-rsa/full.pem" ]; + + maximal_queue_lifetime = "6w"; + bounce_queue_lifetime = "6w"; }; enable = true; enableSmtp = true; @@ -438,6 +449,14 @@ "smtp.immae.eu" = null; }; }; + security.acme.certs."mail-rsa" = { + postRun = '' + systemctl restart postfix.service + ''; + extraDomains = { + "smtp.immae.eu" = null; + }; + }; system.activationScripts.testmail = { deps = [ "users" ]; text = let