Use attrs for secrets instead of lists
[perso/Immae/Config/Nix.git] / modules / private / mail / dovecot.nix
index 0304b899cb724f7b02e483d3918b8ab9f8ad4087..0ef3467ad66ad607ad1254cde8610e07a2dc2ed5 100644 (file)
@@ -13,40 +13,38 @@ let
 in
 {
   config = lib.mkIf config.myServices.mail.enable {
+    systemd.services.dovecot2.serviceConfig.Slice = "mail.slice";
     services.duplyBackup.profiles.mail.excludeFile = ''
       + /var/lib/dhparams
       + /var/lib/dovecot
       '';
-    secrets.keys = [
-      {
-        dest = "dovecot/ldap";
-        user = config.services.dovecot2.user;
-        group = config.services.dovecot2.group;
-        permissions = "0400";
-        text = ''
-          hosts = ${config.myEnv.mail.dovecot.ldap.host}
-          tls = yes
+    secrets.keys."dovecot/ldap" = {
+      user = config.services.dovecot2.user;
+      group = config.services.dovecot2.group;
+      permissions = "0400";
+      text = ''
+        hosts = ${config.myEnv.mail.dovecot.ldap.host}
+        tls = yes
 
-          dn = ${config.myEnv.mail.dovecot.ldap.dn}
-          dnpass = ${config.myEnv.mail.dovecot.ldap.password}
+        dn = ${config.myEnv.mail.dovecot.ldap.dn}
+        dnpass = ${config.myEnv.mail.dovecot.ldap.password}
 
-          auth_bind = yes
+        auth_bind = yes
 
-          ldap_version = 3
+        ldap_version = 3
 
-          base = ${config.myEnv.mail.dovecot.ldap.base}
-          scope = subtree
+        base = ${config.myEnv.mail.dovecot.ldap.base}
+        scope = subtree
 
-          pass_filter = ${config.myEnv.mail.dovecot.ldap.filter}
-          pass_attrs = ${config.myEnv.mail.dovecot.ldap.pass_attrs}
+        pass_filter = ${config.myEnv.mail.dovecot.ldap.filter}
+        pass_attrs = ${config.myEnv.mail.dovecot.ldap.pass_attrs}
 
-          user_attrs = ${config.myEnv.mail.dovecot.ldap.user_attrs}
-          user_filter = ${config.myEnv.mail.dovecot.ldap.filter}
-          iterate_attrs = ${config.myEnv.mail.dovecot.ldap.iterate_attrs}
-          iterate_filter = ${config.myEnv.mail.dovecot.ldap.iterate_filter}
-          '';
-      }
-    ];
+        user_attrs = ${config.myEnv.mail.dovecot.ldap.user_attrs}
+        user_filter = ${config.myEnv.mail.dovecot.ldap.filter}
+        iterate_attrs = ${config.myEnv.mail.dovecot.ldap.iterate_attrs}
+        iterate_filter = ${config.myEnv.mail.dovecot.ldap.iterate_filter}
+        '';
+    };
 
     users.users.vhost = {
       group = "vhost";
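Review bot: The LDAP client text under `secrets.keys."dovecot/ldap"` sets `tls = yes` but neither `tls_require_cert` nor `tls_ca_cert_file`, so certificate validation is left to the LDAP library's defaults on the host. This connection carries `dnpass` and, with `auth_bind = yes`, each user's password, so I would state the policy explicitly by adding `tls_require_cert = demand` right after the `tls = yes` line. Separately, `${config.myEnv.mail.dovecot.ldap.password}` is interpolated into `text` at evaluation time. Whether it stays out of the world-readable Nix store depends on how the `secrets` module materialises `text`, which this hunk does not show and is worth confirming. The enclosing `config = lib.mkIf …` block continues past the end of the hunk.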
@@ -69,12 +67,12 @@ in
       mailUser = "vhost";
       mailGroup = "vhost";
       createMailUser = false;
-      mailboxes = [
-        { name = "Trash";  auto = "subscribe"; specialUse = "Trash"; }
-        { name = "Junk";   auto = "subscribe"; specialUse = "Junk"; }
-        { name = "Sent";   auto = "subscribe"; specialUse = "Sent"; }
-        { name = "Drafts"; auto = "subscribe"; specialUse = "Drafts"; }
-      ];
+      mailboxes = {
+        Trash  = { auto = "subscribe"; specialUse = "Trash"; };
+        Junk   = { auto = "subscribe"; specialUse = "Junk"; };
+        Sent   = { auto = "subscribe"; specialUse = "Sent"; };
+        Drafts = { auto = "subscribe"; specialUse = "Drafts"; };
+      };
       mailLocation = "mbox:~/Mail:INBOX=~/Mail/Inbox:INDEX=~/.imap";
       sslServerCert = "/var/lib/acme/mail/fullchain.pem";
       sslServerKey = "/var/lib/acme/mail/key.pem";