X-Git-Url: https://git.immae.eu/?p=perso%2FImmae%2FConfig%2FNix.git;a=blobdiff_plain;f=modules%2Fprivate%2Fmail%2Fpostfix.nix;h=92fa580d42da6d13f4a6ec30778b5911d4c3f073;hp=4791b418a60d9194c67cf8fa31ebbbaa49d47f60;hb=5153eb54abab92497093fffa60c487c3523016d4;hpb=364b709fc590aca7ab9b38be97c91431abf011e1

diff --git a/modules/private/mail/postfix.nix b/modules/private/mail/postfix.nix
index 4791b41..92fa580 100644
--- a/modules/private/mail/postfix.nix
+++ b/modules/private/mail/postfix.nix
@@ -350,6 +350,10 @@
           "unix:${config.myServices.mail.milters.sockets.openarc}"
           "unix:${config.myServices.mail.milters.sockets.opendmarc}"
         ];
+
+        smtp_use_tls = true;
+        smtpd_use_tls = true;
+        smtpd_tls_chain_files = builtins.concatStringsSep "," [ "/var/lib/acme/mail/full.pem" "/var/lib/acme/mail-rsa/full.pem" ];
       };
       enable = true;
       enableSmtp = true;
@@ -388,8 +392,6 @@
       # This needs to reverse DNS
       hostname = config.hostEnv.fqdn;
       setSendmail = true;
-      sslCert = "/var/lib/acme/mail/fullchain.pem";
-      sslKey = "/var/lib/acme/mail/key.pem";
       recipientDelimiter = "+";
       masterConfig = {
         submissions = {