From: Ismaƫl Bouya Date: Sun, 9 Apr 2023 09:50:49 +0000 (+0200) Subject: Postfix common aliases X-Git-Url: https://git.immae.eu/?a=commitdiff_plain;h=6596ce997908aab8daaae635229e5031c83fd57c;p=perso%2FImmae%2FConfig%2FNix.git Postfix common aliases --- diff --git a/modules/private/environment.nix b/modules/private/environment.nix index 1cc3b6c..47eafab 100644 --- a/modules/private/environment.nix +++ b/modules/private/environment.nix @@ -684,6 +684,24 @@ in mysql = mkMysqlOptions "Postfix" { password_encrypt = mkOption { type = str; description = "Key to encrypt relay password in database"; }; }; + admins = mkOption { + description = '' + List of admins meant to receive common aliases + ''; + type = listOf str; + }; + common_aliases = mkOption { + description = '' + List of aliases common to all hosts, to forward to admins + ''; + type = listOf str; + }; + other_aliases = mkOption { + description = '' + Other list of aliases, to forward to admins + ''; + type = listOf str; + }; backup_domains = mkOption { description = '' Domains that are accepted for relay as backup domain diff --git a/modules/private/mail/postfix.nix b/modules/private/mail/postfix.nix index 0e72641..7e06c45 100644 --- a/modules/private/mail/postfix.nix +++ b/modules/private/mail/postfix.nix @@ -1,4 +1,16 @@ { lib, pkgs, config, nodes, ... }: +let all_domains = config.myEnv.mail.postfix.additional_mailbox_domains + ++ lib.remove null (lib.flatten (map + (zone: map + (e: if e.receive + then "${e.domain}${lib.optionalString (e.domain != "") "."}${zone.name}" + else null + ) + (zone.withEmail or []) + ) + config.myEnv.dns.masterZones + )); +in { config = lib.mkIf config.myServices.mail.enable { myServices.chatonsProperties.hostings.mx-backup = { 
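Review bot: The three options added to modules/private/environment.nix are typed `listOf str` with no `default` or `example`, and their descriptions do not say what shape the strings must have. Judging from their use in postfix.nix and relay.nix, `admins` and `other_aliases` appear to hold full addresses, while `common_aliases` holds bare local parts that get `@${domain}` appended; each `description` should state that. An empty `admins` list would generate map lines with an empty right-hand side, so `type = nonEmptyListOf str;` is the safer declaration for `admins` (assuming the type names in scope come from `lib.types`, as `str` and `listOf` suggest). The values are written verbatim into Postfix lookup tables, so a string containing whitespace or a newline would change the table; a pattern-restricted type such as `strMatching` would rule that out.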
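Review bot: The `all_domains` binding added at the top of modules/private/mail/postfix.nix is repeated verbatim at the top of modules/private/mail/relay.nix in the same commit. The two copies decide which domains get admin aliases on the primary and which recipients the backup relay lists, so a later edit to only one of them would silently make the two hosts disagree. Defining the list once, for instance as a read-only option or a small file that both modules import, avoids that. At minimum, add `# keep in sync with modules/private/mail/relay.nix` above the binding, and the mirror comment in the other file.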
@@ -271,24 +283,42 @@ virtual = let cfg = config.myEnv.monitoring.email_check.eldiron; address = "${cfg.mail_address}@${cfg.mail_domain}"; + aliases = config.myEnv.mail.postfix.common_aliases; + admins = builtins.concatStringsSep "," config.myEnv.mail.postfix.admins; in pkgs.writeText "postfix-virtual" ( builtins.concatStringsSep "\n" ( - ["${address} testmail@localhost"] ++ + [ "${address} testmail@localhost" + ] ++ + map (a: "${a} ${admins}") config.myEnv.mail.postfix.other_aliases ++ lib.attrsets.mapAttrsToList ( n: v: lib.optionalString v.external '' script_${n}@mail.immae.eu ${n}@localhost, scripts@mail.immae.eu '' ) config.myEnv.mail.scripts - ) - ); + ++ lib.lists.flatten ( + map (domain: + map (alias: "${alias}@${domain} ${admins}") aliases + ) all_domains + ) + )); }; sasl_access = { host_sender_login = with lib.attrsets; let addresses = zipAttrs (lib.flatten (mapAttrsToList (n: v: (map (e: { "${e}" = "${n}@immae.eu"; }) v.emails)) config.myEnv.servers)); + aliases = config.myEnv.mail.postfix.common_aliases; joined = builtins.concatStringsSep ","; + admins = joined config.myEnv.mail.postfix.admins; in pkgs.writeText "host-sender-login" - (builtins.concatStringsSep "\n" (mapAttrsToList (n: v: "${n} ${joined v}") addresses)); + (builtins.concatStringsSep "\n" ( + mapAttrsToList (n: v: "${n} ${joined v}") addresses + ++ lib.lists.flatten ( + map (domain: + map (alias: "${alias}@${domain} ${admins}") aliases + ) all_domains + ) + ++ map (a: "${a} ${admins}") config.myEnv.mail.postfix.other_aliases + )); }; in recipient_maps // relay_restrictions // virtual_map // sasl_access; 
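Review bot: The `host_sender_login` block now also gets one `alias@domain admins` line per common alias and domain, plus the `other_aliases` lines, which goes beyond what the option descriptions promise ("to forward to admins"). If this file feeds the sender/login ownership check (its consumer is outside the hunk), every entry in `admins` becomes authorised to send as each of those aliases on every domain in `all_domains`. If that is intended, say so next to the code, e.g. `# admins may also send as the common aliases, not only receive them`. If only forwarding is wanted, drop the additions to `host_sender_login` and keep the `virtual` changes. The enclosing attribute set starts and ends outside the hunk.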
@@ -312,17 +342,7 @@ "mysql:${config.secrets.fullPaths."postfix/mysql_alias_maps"}" "ldap:${config.secrets.fullPaths."postfix/ldap_ejabberd_users_immae_fr"}" ]; - virtual_mailbox_domains = config.myEnv.mail.postfix.additional_mailbox_domains - ++ lib.remove null (lib.flatten (map - (zone: map - (e: if e.receive - then "${e.domain}${lib.optionalString (e.domain != "") "."}${zone.name}" - else null - ) - (zone.withEmail or []) - ) - config.myEnv.dns.masterZones - )); + virtual_mailbox_domains = all_domains; virtual_mailbox_maps = [ "ldap:${config.secrets.fullPaths."postfix/ldap_mailboxes"}" ]; diff --git a/modules/private/mail/relay.nix b/modules/private/mail/relay.nix index fe16123..add9c8c 100644 --- a/modules/private/mail/relay.nix +++ b/modules/private/mail/relay.nix @@ -1,4 +1,16 @@ { lib, pkgs, config, nodes, name, ... }: +let all_domains = config.myEnv.mail.postfix.additional_mailbox_domains + ++ lib.remove null (lib.flatten (map + (zone: map + (e: if e.receive + then "${e.domain}${lib.optionalString (e.domain != "") "."}${zone.name}" + else null + ) + (zone.withEmail or []) + ) + config.myEnv.dns.masterZones + )); +in { config = lib.mkIf config.myServices.mailBackup.enable { security.acme.certs."mail" = config.myServices.certificates.certConfig // { @@ -138,14 +150,18 @@ virtual = let cfg = config.myEnv.monitoring.email_check.eldiron; address = "${cfg.mail_address}@${cfg.mail_domain}"; + aliases = config.myEnv.mail.postfix.common_aliases; in pkgs.writeText "postfix-virtual" ( builtins.concatStringsSep "\n" ( - ["${address} 1"] ++ + [ "${address} 1" + ] ++ + map (a: "${a} 1") config.myEnv.mail.postfix.other_aliases ++ lib.attrsets.mapAttrsToList ( n: v: lib.optionalString v.external '' script_${n}@mail.immae.eu 1 '' ) config.myEnv.mail.scripts + ++ lib.lists.flatten (map (domain: map (alias: "${alias}@${domain} 1") aliases) all_domains) ) ); };
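Review bot: The nested `map` in the relay.nix `virtual` block that builds the `alias@domain` keys is the third copy of the same expression in this commit; the other two are in `virtual` and `host_sender_login` in postfix.nix, and only the right-hand side differs (`1` here, `${admins}` there). A single helper such as `aliasLines = rhs: lib.concatMap (d: map (a: "${a}@${d} ${rhs}") aliases) all_domains;` would keep the key format identical everywhere. That matters because the backup relay's table should list exactly the addresses the primary accepts. The helper would need to live wherever `all_domains` ends up being shared between the two modules.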