mysql = mkMysqlOptions "Postfix" {
password_encrypt = mkOption { type = str; description = "Key to encrypt relay password in database"; };
};
+ admins = mkOption {
+ description = ''
+ List of admins meant to receive common aliases
+ '';
+ type = listOf str;
+ };
+ common_aliases = mkOption {
+ description = ''
+ List of aliases common to all hosts, to forward to admins
+ '';
+ type = listOf str;
+ };
+ other_aliases = mkOption {
+ description = ''
+ Other list of aliases, to forward to admins
+ '';
+ type = listOf str;
+ };
backup_domains = mkOption {
description = ''
Domains that are accepted for relay as backup domain
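Review bot: The new `admins`, `common_aliases` and `other_aliases` options are plain `listOf str` with no default and no constraint, yet later hunks of this commit interpolate their values directly into Postfix map lines. A value containing whitespace or a newline would change the structure of the generated table, and an empty `admins` list would produce keys with an empty right-hand side (inferred from the `"${alias}@${domain} ${admins}"` pattern). Consider `type = nonEmptyListOf str;` for `admins` and `type = listOf (strMatching "[^[:space:],]+");` for the two alias lists, assuming the `lib.types` names are in scope here the way `listOf` is. The descriptions could also state that `other_aliases` entries are full addresses, while `common_aliases` entries are local parts that get `@domain` appended.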
{ lib, pkgs, config, nodes, ... }:
+let all_domains = config.myEnv.mail.postfix.additional_mailbox_domains
+ ++ lib.remove null (lib.flatten (map
+ (zone: map
+ (e: if e.receive
+ then "${e.domain}${lib.optionalString (e.domain != "") "."}${zone.name}"
+ else null
+ )
+ (zone.withEmail or [])
+ )
+ config.myEnv.dns.masterZones
+ ));
+in
{
config = lib.mkIf config.myServices.mail.enable {
myServices.chatonsProperties.hostings.mx-backup = {
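Review bot: The `all_domains` binding added at the top of this file is repeated verbatim in the `let` added to the second module further down the commit, so the two copies can drift apart. The list now decides which domains get the admin aliases as well as `virtual_mailbox_domains`, so it would be safer to compute it once (a read-only option or a shared helper) and reference it from both modules. At minimum, put a comment above it in both places, such as `# domains that receive mail: additional_mailbox_domains plus every masterZones withEmail entry with receive = true`.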
virtual = let
cfg = config.myEnv.monitoring.email_check.eldiron;
address = "${cfg.mail_address}@${cfg.mail_domain}";
+ aliases = config.myEnv.mail.postfix.common_aliases;
+ admins = builtins.concatStringsSep "," config.myEnv.mail.postfix.admins;
in pkgs.writeText "postfix-virtual" (
builtins.concatStringsSep "\n" (
- ["${address} testmail@localhost"] ++
+ [ "${address} testmail@localhost"
+ ] ++
+ map (a: "${a} ${admins}") config.myEnv.mail.postfix.other_aliases ++
lib.attrsets.mapAttrsToList (
n: v: lib.optionalString v.external ''
script_${n}@mail.immae.eu ${n}@localhost, scripts@mail.immae.eu
''
) config.myEnv.mail.scripts
- )
- );
+ ++ lib.lists.flatten (
+ map (domain:
+ map (alias: "${alias}@${domain} ${admins}") aliases
+ ) all_domains
+ )
+ ));
};
sasl_access = {
host_sender_login = with lib.attrsets; let
addresses = zipAttrs (lib.flatten (mapAttrsToList
(n: v: (map (e: { "${e}" = "${n}@immae.eu"; }) v.emails)) config.myEnv.servers));
+ aliases = config.myEnv.mail.postfix.common_aliases;
joined = builtins.concatStringsSep ",";
+ admins = joined config.myEnv.mail.postfix.admins;
in pkgs.writeText "host-sender-login"
- (builtins.concatStringsSep "\n" (mapAttrsToList (n: v: "${n} ${joined v}") addresses));
+ (builtins.concatStringsSep "\n" (
+ mapAttrsToList (n: v: "${n} ${joined v}") addresses
+ ++ lib.lists.flatten (
+ map (domain:
+ map (alias: "${alias}@${domain} ${admins}") aliases
+ ) all_domains
+ )
+ ++ map (a: "${a} ${admins}") config.myEnv.mail.postfix.other_aliases
+ ));
};
in
recipient_maps // relay_restrictions // virtual_map // sasl_access;
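Review bot: In `sasl_access.host_sender_login` the joined `admins` string becomes the right-hand side for every `alias@domain` and every `other_aliases` entry, and `virtual` uses the same string as the forwarding destination. If this file is consumed as a sender-login table (inferred from its name; the consumer is outside the hunk), every admin gains the right to send as all of those addresses on every domain in `all_domains`, and the entries must be login names rather than just mailbox addresses. Please confirm the grant is intended and document it next to the binding, e.g. `# admins may send as the common aliases; entries must match their SASL login`. The generated keys could also collide with keys already produced from `addresses`, so an assertion that the two sets are disjoint would avoid ambiguous lookups.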
"mysql:${config.secrets.fullPaths."postfix/mysql_alias_maps"}"
"ldap:${config.secrets.fullPaths."postfix/ldap_ejabberd_users_immae_fr"}"
];
- virtual_mailbox_domains = config.myEnv.mail.postfix.additional_mailbox_domains
- ++ lib.remove null (lib.flatten (map
- (zone: map
- (e: if e.receive
- then "${e.domain}${lib.optionalString (e.domain != "") "."}${zone.name}"
- else null
- )
- (zone.withEmail or [])
- )
- config.myEnv.dns.masterZones
- ));
+ virtual_mailbox_domains = all_domains;
virtual_mailbox_maps = [
"ldap:${config.secrets.fullPaths."postfix/ldap_mailboxes"}"
];
{ lib, pkgs, config, nodes, name, ... }:
+let all_domains = config.myEnv.mail.postfix.additional_mailbox_domains
+ ++ lib.remove null (lib.flatten (map
+ (zone: map
+ (e: if e.receive
+ then "${e.domain}${lib.optionalString (e.domain != "") "."}${zone.name}"
+ else null
+ )
+ (zone.withEmail or [])
+ )
+ config.myEnv.dns.masterZones
+ ));
+in
{
config = lib.mkIf config.myServices.mailBackup.enable {
security.acme.certs."mail" = config.myServices.certificates.certConfig // {
virtual = let
cfg = config.myEnv.monitoring.email_check.eldiron;
address = "${cfg.mail_address}@${cfg.mail_domain}";
+ aliases = config.myEnv.mail.postfix.common_aliases;
in pkgs.writeText "postfix-virtual" (
builtins.concatStringsSep "\n" (
- ["${address} 1"] ++
+ [ "${address} 1"
+ ] ++
+ map (a: "${a} 1") config.myEnv.mail.postfix.other_aliases ++
lib.attrsets.mapAttrsToList (
n: v: lib.optionalString v.external ''
script_${n}@mail.immae.eu 1
''
) config.myEnv.mail.scripts
+ ++ lib.lists.flatten (map (domain: map (alias: "${alias}@${domain} 1") aliases) all_domains)
)
);
};