)
config.myEnv.dns.masterZones
)));
+ mxes = lib.mapAttrsToList
+ (n: v: v.mx.subdomain)
+ (lib.attrsets.filterAttrs (n: v: v.mx.enable) config.myEnv.servers);
# FIXME: increase the id number in modules/private/dns.nix when this
# file change (date -u +'%Y%m%d%H%M%S'Z)
- file = domain: pkgs.writeText "mta-sts-${domain.domain}.txt" ''
- version: STSv1
- mode: testing
- mx: mx-1.${domain.mail}
- mx: mx-2.${domain.mail}
- max_age: 604800
- '';
+ file = domain: pkgs.writeText "mta-sts-${domain.domain}.txt" (
+ builtins.concatStringsSep "\r\n" ([ "version: STSv1" "mode: testing" ]
+ ++ (map (v: "mx: ${v}.${domain.mail}") mxes)
+ ++ [ "max_age: 604800" ]
+ ));
root = pkgs.runCommand "mta-sts_root" {} ''
mkdir -p $out
${builtins.concatStringsSep "\n" (map (d:
in
{
config = lib.mkIf cfg.enable {
- myServices.websites.webappDirs = {
- _mta-sts = root;
- };
-
services.websites.env.tools.vhostConfs.mta_sts = {
certName = "mail";
addToCerts = true;
hosts = ["mta-sts.mail.immae.eu"] ++ map (v: "mta-sts.${v.domain}") domains;
- root = "/run/current-system/webapps/_mta-sts";
+ root = root;
extraConfig = [
''
RewriteEngine on
RewriteCond %{HTTP_HOST} ^mta-sts.(.*)$
RewriteRule ^/.well-known/mta-sts.txt$ %{DOCUMENT_ROOT}/%1.txt [L]
- <Directory /run/current-system/webapps/_mta-sts>
+ <Directory ${root}>
Require all granted
Options -Indexes
</Directory>
projects / perso / Immae / Config / Nix.git / blobdiff