{ lib, pkgs, config, nodes, ... }:
{
config = lib.mkIf config.myServices.mail.enable {
- services.duplyBackup.profiles.mail.excludeFile = ''
- + /var/lib/postfix
- '';
- secrets.keys = [
- {
- dest = "postfix/mysql_alias_maps";
+ secrets.keys = {
+ "postfix/mysql_alias_maps" = {
user = config.services.postfix.user;
group = config.services.postfix.group;
permissions = "0440";
FROM forwardings_blacklisted
WHERE source = '%s'
'';
- }
- {
- dest = "postfix/ldap_mailboxes";
+ };
+ "postfix/ldap_mailboxes" = {
user = config.services.postfix.user;
group = config.services.postfix.group;
permissions = "0440";
result_format = dummy
version = 3
'';
- }
- {
- dest = "postfix/mysql_sender_login_maps";
+ };
+ "postfix/mysql_sender_login_maps" = {
user = config.services.postfix.user;
group = config.services.postfix.group;
permissions = "0440";
AND active = 1
UNION SELECT CONCAT(SUBSTRING_INDEX('%u', '+', 1), '@%d') AS destination
'';
- }
- {
- dest = "postfix/mysql_sender_relays_maps";
+ };
+ "postfix/mysql_sender_relays_maps" = {
user = config.services.postfix.user;
group = config.services.postfix.group;
permissions = "0440";
((regex = 1 AND '%s' REGEXP CONCAT('^',`from`,'$') ) OR (regex = 0 AND `from` = '%s'))
AND active = 1
'';
- }
- {
- dest = "postfix/mysql_sender_relays_hosts";
+ };
+ "postfix/mysql_sender_relays_hosts" = {
user = config.services.postfix.user;
group = config.services.postfix.group;
permissions = "0440";
((regex = 1 AND '%s' REGEXP CONCAT('^',`from`,'$') ) OR (regex = 0 AND `from` = '%s'))
AND active = 1
'';
- }
- {
- dest = "postfix/mysql_sender_relays_creds";
+ };
+ "postfix/mysql_sender_relays_creds" = {
user = config.services.postfix.user;
group = config.services.postfix.group;
permissions = "0440";
((regex = 1 AND '%s' REGEXP CONCAT('^',`from`,'$') ) OR (regex = 0 AND `from` = '%s'))
AND active = 1
'';
- }
- {
- dest = "postfix/ldap_ejabberd_users_immae_fr";
+ };
+ "postfix/ldap_ejabberd_users_immae_fr" = {
user = config.services.postfix.user;
group = config.services.postfix.group;
permissions = "0440";
result_format = ejabberd@localhost
version = 3
'';
- }
- ] ++ (lib.mapAttrsToList (name: v: {
- dest = "postfix/scripts/${name}-env";
+ };
+ } // lib.mapAttrs' (name: v: lib.nameValuePair "postfix/scripts/${name}-env" {
user = "postfixscripts";
group = "root";
permissions = "0400";
text = builtins.toJSON v.env;
- }) config.myEnv.mail.scripts);
+ }) config.myEnv.mail.scripts;
networking.firewall.allowedTCPPorts = [ 25 465 587 ];
fi
'';
scripts = lib.attrsets.mapAttrs (n: v:
- toScript n (pkgs.callPackage (builtins.fetchGit { url = v.src.url; ref = "master"; rev = v.src.rev; }) { scriptEnv = "/var/secrets/postfix/scripts/${n}-env"; })
+ toScript n (pkgs.callPackage (builtins.fetchGit { url = v.src.url; ref = "master"; rev = v.src.rev; }) { scriptEnv = config.secrets.fullPaths."postfix/scripts/${n}-env"; })
) config.myEnv.mail.scripts // {
testmail = pkgs.writeScript "testmail" ''
#! ${pkgs.stdenv.shell}
projects / perso / Immae / Config / Nix.git / blobdiff