Add xmpp-mail bridge

diff --git a/modules/private/environment.nix b/modules/private/environment.nix
index 15e8f5489f56729d4f00d471cb49c04ed8746f32..9bfb80a7609a7c2926e3894ef6311385150f1298 100644 (file)
--- a/modules/private/environment.nix
+++ b/modules/private/environment.nix
@@ -259,6 +259,7 @@ in
       description = "Jabber configuration";
       type = submodule {
         options = {
+          postfix_user_filter = mkOption { type = str; description = "Postfix filter to get xmpp users"; };
           ldap = mkLdapOptions "Jabber" {};
           postgresql = mkPsqlOptions "Jabber";
         };
@@ -593,6 +594,7 @@ in
             description = "Mail script recipients";
             type = attrsOf (submodule {
               options = {
+                external = mkEnableOption "Create a script_<name>@mail.immae.eu external address";
                 src = mkOption {
                   description = ''
                     git source to fetch the script from.

diff --git a/modules/private/mail/postfix.nix b/modules/private/mail/postfix.nix
index f8f86f6fea521b87be331b5d00b0a9e875ea21de..9c4b87c521641b77cd8fdfc1e944e4cc6cd47b6e 100644 (file)
--- a/modules/private/mail/postfix.nix
+++ b/modules/private/mail/postfix.nix
@@ -80,6 +80,23 @@
             UNION SELECT '%s' AS destination
           '';
       }
+      {
+        dest = "postfix/ldap_ejabberd_users_immae_fr";
+        user = config.services.postfix.user;
+        group = config.services.postfix.group;
+        permissions = "0440";
+        text = ''
+          server_host = ldaps://${config.myEnv.jabber.ldap.host}:636
+          search_base = ${config.myEnv.jabber.ldap.base}
+          query_filter = ${config.myEnv.jabber.postfix_user_filter}
+          domain = immae.fr
+          bind_dn = ${config.myEnv.jabber.ldap.dn}
+          bind_pw = ${config.myEnv.jabber.ldap.password}
+          result_attribute = immaeXmppUid
+          result_format = ejabberd@localhost
+          version = 3
+          '';
+      }
     ];
 
     networking.firewall.allowedTCPPorts = [ 25 465 587 ];
@@ -94,6 +111,7 @@
         config.secrets.fullPaths."postfix/mysql_alias_maps"
         config.secrets.fullPaths."postfix/mysql_mailbox_maps"
         config.secrets.fullPaths."postfix/mysql_sender_login_maps"
+        config.secrets.fullPaths."postfix/ldap_ejabberd_users_immae_fr"
       ];
     };
     services.postfix = {
@@ -161,7 +179,7 @@
           virtual = pkgs.writeText "postfix-virtual" (
             builtins.concatStringsSep "\n" (
               lib.attrsets.mapAttrsToList (
-                n: v: ''
+                n: v: lib.optionalString v.external ''
                   script_${n}@mail.immae.eu ${n}@localhost, scripts@mail.immae.eu
                 ''
               ) config.myEnv.mail.scripts
@@ -182,7 +200,7 @@
         alias_database = "\$alias_maps";
 
         ### Virtual mailboxes config
-        virtual_alias_maps = "hash:/etc/postfix/virtual mysql:${config.secrets.fullPaths."postfix/mysql_alias_maps"}";
+        virtual_alias_maps = "hash:/etc/postfix/virtual mysql:${config.secrets.fullPaths."postfix/mysql_alias_maps"} ldap:${config.secrets.fullPaths."postfix/ldap_ejabberd_users_immae_fr"}";
         virtual_mailbox_domains = config.myEnv.mail.postfix.additional_mailbox_domains
         ++ lib.remove "localhost.immae.eu" (lib.remove null (lib.flatten (map
             (zone: map