Add sympa mailing lists to MX backup
[perso/Immae/Config/Nix.git] / modules / private / mail / relay.nix
index 6ac3df88d153fe057ed5b4fd127f63dc9dbc6289..52288fc1b13a73a45d69932433de130af2eca2b4 100644 (file)
@@ -1,7 +1,7 @@
 { lib, pkgs, config, nodes, name, ... }:
 {
   config = lib.mkIf config.myServices.mailBackup.enable {
-    security.acme2.certs."mail" = config.myServices.certificates.certConfig // {
+    security.acme.certs."mail" = config.myServices.certificates.certConfig // {
       postRun = ''
         systemctl restart postfix.service
         '';
@@ -27,7 +27,7 @@
           hosts = ${config.myEnv.mail.postfix.mysql.remoteHost}
           dbname = ${config.myEnv.mail.postfix.mysql.database}
           query = SELECT DISTINCT 1
-            FROM forwardings_merge
+            FROM forwardings
             WHERE
               ((regex = 1 AND '%s' REGEXP CONCAT('^',source,'$') ) OR (regex = 0 AND source = '%s'))
               AND active = 1
             LIMIT 1
         '';
       }
+      {
+        dest = "postfix/sympa_mailbox_maps";
+        user = config.services.postfix.user;
+        group = config.services.postfix.group;
+        permissions = "0440";
+        text = ''
+          hosts = ${config.myEnv.mail.sympa.postgresql.host}
+          user = ${config.myEnv.mail.sympa.postgresql.user}
+          password = ${config.myEnv.mail.sympa.postgresql.password}
+          dbname = ${config.myEnv.mail.sympa.postgresql.database}
+          query = SELECT DISTINCT CONCAT(name_list, '@', robot_list) FROM list_table
+        '';
+      }
       {
         dest = "postfix/ldap_ejabberd_users_immae_fr";
         user = config.services.postfix.user;
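Review bot: The `query` in the new `postfix/sympa_mailbox_maps` entry has no `%s` placeholder, so it returns every list address regardless of which recipient Postfix is looking up. Because this table is later added to `relay_recipient_maps`, where any non-empty result counts as a match, the backup MX would, as far as I can tell, accept mail for arbitrary recipients in the relayed domains and only bounce it afterwards, which is a backscatter source. The MySQL map just above keys its `WHERE` clause on `'%s'`, and the same shape works here: `query = SELECT 1 FROM list_table WHERE CONCAT(name_list, '@', robot_list) = '%s' LIMIT 1`. The file also embeds the Sympa database `user` and `password`; if that account has wider rights (not visible in this diff), a dedicated role limited to `SELECT` on `list_table` would be enough for this lookup.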
 
     networking.firewall.allowedTCPPorts = [ 25 ];
 
-    nixpkgs.overlays = [ (self: super: {
-      postfix = super.postfix.override { withMySQL = true; };
-    }) ];
     users.users."${config.services.postfix.user}".extraGroups = [ "keys" ];
     services.filesWatcher.postfix = {
       restart = true;
       paths = [
         config.secrets.fullPaths."postfix/mysql_alias_maps"
         config.secrets.fullPaths."postfix/mysql_mailbox_maps"
+        config.secrets.fullPaths."postfix/sympa_mailbox_maps"
         config.secrets.fullPaths."postfix/ldap_ejabberd_users_immae_fr"
       ];
     };
         relay_domains = let
           backups = lib.flatten (lib.attrsets.mapAttrsToList (n: v: v.domains or []) config.myEnv.mail.postfix.backup_domains);
           virtual_domains = config.myEnv.mail.postfix.additional_mailbox_domains
-            ++ lib.remove "localhost.immae.eu" (lib.remove null (lib.flatten (map
+            ++ lib.remove null (lib.flatten (map
                 (zone: map
                   (e: if e.receive
                   then "${e.domain}${lib.optionalString (e.domain != "") "."}${zone.name}"
                   (zone.withEmail or [])
                 )
                 config.myEnv.dns.masterZones
-              )));
+              ));
         in
           backups ++ virtual_domains;
         relay_recipient_maps = let
           virtual_mailbox_maps = [
             "hash:/etc/postfix/host_dummy_mailboxes"
             "mysql:${config.secrets.fullPaths."postfix/mysql_mailbox_maps"}"
+            "pgsql:${config.secrets.fullPaths."postfix/sympa_mailbox_maps"}"
           ];
         in
           backup_recipients ++ virtual_alias_maps ++ virtual_mailbox_maps;
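Review bot: The `pgsql:` map type added to `virtual_mailbox_maps` needs a Postfix built with PostgreSQL support, and nothing visible in this diff enables it. The overlay that set `withMySQL = true` is removed from this file in the same commit, so the build options presumably moved elsewhere. A comment next to this line naming where `withPgSQL`/`withMySQL` are now set would help, for example `# pgsql/mysql map support comes from the postfix override in <module>`. If the map type is missing, lookups against this table fail and recipient validation on the relay would temp-fail rather than answer, so it is worth confirming that `postconf -m` lists `pgsql` after deployment. The enclosing `let` block starts outside this hunk.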
       enable = true;
       enableSmtp = true;
       enableSubmission = false;
-      # FIXME: Mail adressed to localhost.immae.eu will still have mx-1 as
-      # prioritized MX, which provokes "mail for localhost.immae.eu loops
-      # back to myself" errors. This transport entry forces to push
-      # e-mails to its right destination.
-      transport = ''
-        localhost.immae.eu   smtp:[immae.eu]:25
-        '';
       destination = ["localhost"];
       # This needs to reverse DNS
       hostname = config.hostEnv.fqdn;