]> git.immae.eu Git - perso/Immae/Config/Nix.git/blobdiff - modules/private/mail/opensmtpd.nix
projects / perso / Immae / Config / Nix.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Squash changes containing private information
[perso/Immae/Config/Nix.git] / modules / private / mail / opensmtpd.nix
diff --git a/modules/private/mail/opensmtpd.nix b/modules/private/mail/opensmtpd.nix
deleted file mode 100644 (file)
index e05bba9..0000000
--- a/modules/private/mail/opensmtpd.nix
+++ /dev/null
@@ -1,57 +0,0 @@
-{ lib, pkgs, config, name, ... }:
-{
-  config = lib.mkIf config.myServices.mailRelay.enable {
-    secrets.keys."opensmtpd/creds" = {
-      user = "smtpd";
-      group = "smtpd";
-      permissions = "0400";
-      text = ''
-        eldiron    ${name}:${config.hostEnv.ldap.password}
-        '';
-    };
-    users.users.smtpd.extraGroups = [ "keys" ];
-    services.opensmtpd = {
-      enable = true;
-      serverConfiguration = let
-        filter-rewrite-from = pkgs.runCommand "filter-rewrite-from.py" {
-          buildInputs = [ pkgs.python3 ];
-        } ''
-          cp ${./filter-rewrite-from.py} $out
-          patchShebangs $out
-        '';
-      in ''
-        table creds \
-          "${config.secrets.fullPaths."opensmtpd/creds"}"
-        # FIXME: filtering requires 6.6, uncomment following lines when
-        # upgrading
-        # filter "fixfrom" \
-        #   proc-exec "${filter-rewrite-from} ${name}@immae.eu"
-        # listen on socket filter "fixfrom"
-        action "relay-rewrite-from" relay \
-          helo ${config.hostEnv.fqdn} \
-          host smtp+tls://eldiron@eldiron.immae.eu:587 \
-          auth <creds> \
-          mail-from ${name}@immae.eu
-        action "relay" relay \
-          helo ${config.hostEnv.fqdn} \
-          host smtp+tls://eldiron@eldiron.immae.eu:587 \
-          auth <creds>
-        match for any !mail-from "@immae.eu" action "relay-rewrite-from"
-        match for any mail-from "@immae.eu" action "relay"
-        '';
-    };
-    environment.systemPackages = [ config.services.opensmtpd.package ];
-    services.mail.sendmailSetuidWrapper = {
-      program = "sendmail";
-      source = "${config.services.opensmtpd.package}/bin/smtpctl";
-      setuid = false;
-      setgid = false;
-    };
-    security.wrappers.mailq = {
-      program = "mailq";
-      source = "${config.services.opensmtpd.package}/bin/smtpctl";
-      setuid = false;
-      setgid = false;
-    };
-  };
-}
My infrastructure configuration