X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fmail%2Fpostfix.nix;h=ee4ac35159e09da2b057f168fc9a862514d97e88;hb=ca4630caa90c8cc76687a3ccb76b4b4f16b20d5a;hp=dfe6129af9ef847db361a819a69ec8b96f833388;hpb=afcc5de071dfffdc507995d1845372ba40dc1dc2;p=perso%2FImmae%2FConfig%2FNix.git

diff --git a/modules/private/mail/postfix.nix b/modules/private/mail/postfix.nix
index dfe6129..ee4ac35 100644
--- a/modules/private/mail/postfix.nix
+++ b/modules/private/mail/postfix.nix
@@ -77,7 +77,7 @@
     }
   ];
 
-  config.networking.firewall.allowedTCPPorts = [ 25 587 ];
+  config.networking.firewall.allowedTCPPorts = [ 25 465 587 ];
 
   config.nixpkgs.overlays = [ (self: super: {
     postfix = super.postfix.override { withMySQL = true; };
@@ -205,6 +205,15 @@
     sslKey = "/var/lib/acme/mail/key.pem";
     recipientDelimiter = "+";
     masterConfig = {
+      submissions = {
+        type = "inet";
+        private = false;
+        command = "smtpd";
+        args = ["-o" "smtpd_tls_wrappermode=yes" ] ++ (let
+          mkKeyVal = opt: val: [ "-o" (opt + "=" + val) ];
+        in lib.concatLists (lib.mapAttrsToList mkKeyVal config.services.postfix.submissionOptions)
+        );
+      };
       dovecot = {
         type = "unix";
         privileged = true;