From 5b53d86f38bd8e42695a62be9a833beb66bbbba3 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Isma=C3=ABl=20Bouya?= Date: Thu, 26 Dec 2019 18:55:50 +0100 Subject: [PATCH] Add xmpp-mail bridge --- modules/private/environment.nix | 2 ++ modules/private/mail/postfix.nix | 22 ++++++++++++++++++++-- 2 files changed, 22 insertions(+), 2 deletions(-) diff --git a/modules/private/environment.nix b/modules/private/environment.nix index 15e8f54..9bfb80a 100644 --- a/modules/private/environment.nix +++ b/modules/private/environment.nix @@ -259,6 +259,7 @@ in description = "Jabber configuration"; type = submodule { options = { + postfix_user_filter = mkOption { type = str; description = "Postfix filter to get xmpp users"; }; ldap = mkLdapOptions "Jabber" {}; postgresql = mkPsqlOptions "Jabber"; }; @@ -593,6 +594,7 @@ in description = "Mail script recipients"; type = attrsOf (submodule { options = { + external = mkEnableOption "Create a script_@mail.immae.eu external address"; src = mkOption { description = '' git source to fetch the script from. diff --git a/modules/private/mail/postfix.nix b/modules/private/mail/postfix.nix index f8f86f6..9c4b87c 100644 --- a/modules/private/mail/postfix.nix +++ b/modules/private/mail/postfix.nix @@ -80,6 +80,23 @@ UNION SELECT '%s' AS destination ''; } + { + dest = "postfix/ldap_ejabberd_users_immae_fr"; + user = config.services.postfix.user; + group = config.services.postfix.group; + permissions = "0440"; + text = '' + server_host = ldaps://${config.myEnv.jabber.ldap.host}:636 + search_base = ${config.myEnv.jabber.ldap.base} + query_filter = ${config.myEnv.jabber.postfix_user_filter} + domain = immae.fr + bind_dn = ${config.myEnv.jabber.ldap.dn} + bind_pw = ${config.myEnv.jabber.ldap.password} + result_attribute = immaeXmppUid + result_format = ejabberd@localhost + version = 3 + ''; + } ]; networking.firewall.allowedTCPPorts = [ 25 465 587 ]; 
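Review bot: The new `postfix_user_filter` option (environment.nix, hunk at -259) has no example, and its description does not say that the string is pasted unchanged into `query_filter` of the Postfix LDAP map added in postfix.nix. If the filter never references the lookup key (Postfix expands and LDAP-escapes `%s`/`%u` there), every recipient in the map's domain would match whenever any entry matches. I would state that contract with `description = "LDAP filter used as Postfix query_filter to find xmpp users; must key on the recipient via %s or %u";` and add an `example` (constructed sample: `"(immaeXmppUid=%u)"`). The enclosing submodule starts and ends outside the hunk.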
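Review bot: `mkEnableOption` prefixes its argument with "Whether to enable", so the `external` description (environment.nix, hunk at -593) will render as "Whether to enable Create a script_@mail.immae.eu external address". A noun phrase reads better, for example `external = mkEnableOption "an external script_<name>@mail.immae.eu address for this script";`. The address as shown has nothing between `script_` and `@`, which may be a placeholder lost in rendering. Because the option defaults to false, script entries that do not set it lose their virtual alias once the postfix.nix hunk at -161 applies, which is the safer default but worth saying in the option text.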
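Review bot: The new `postfix/ldap_ejabberd_users_immae_fr` map (postfix.nix, hunk at -80) binds with `bind_pw` over `ldaps://` but sets no TLS verification parameter, and per ldap_table(5) `tls_require_cert` defaults to `no`. The server certificate is therefore not validated, so the bind password could be disclosed to an impostor if the LDAP host is reached over an untrusted network. Consider adding `tls_require_cert = yes` to the `text` block, plus `tls_ca_cert_file = <path to CA bundle>` if the default trust store is not picked up. Separately, `result_format = ejabberd@localhost` discards the returned `immaeXmppUid`, so the attribute only acts as an existence check, and a one-line comment saying so would help the next reader.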
@@ -94,6 +111,7 @@ config.secrets.fullPaths."postfix/mysql_alias_maps" config.secrets.fullPaths."postfix/mysql_mailbox_maps" config.secrets.fullPaths."postfix/mysql_sender_login_maps" + config.secrets.fullPaths."postfix/ldap_ejabberd_users_immae_fr" ]; }; services.postfix = { @@ -161,7 +179,7 @@ virtual = pkgs.writeText "postfix-virtual" ( builtins.concatStringsSep "\n" ( lib.attrsets.mapAttrsToList ( - n: v: '' + n: v: lib.optionalString v.external '' script_${n}@mail.immae.eu ${n}@localhost, scripts@mail.immae.eu '' ) config.myEnv.mail.scripts @@ -182,7 +200,7 @@ alias_database = "\$alias_maps"; ### Virtual mailboxes config - virtual_alias_maps = "hash:/etc/postfix/virtual mysql:${config.secrets.fullPaths."postfix/mysql_alias_maps"}"; + virtual_alias_maps = "hash:/etc/postfix/virtual mysql:${config.secrets.fullPaths."postfix/mysql_alias_maps"} ldap:${config.secrets.fullPaths."postfix/ldap_ejabberd_users_immae_fr"}"; virtual_mailbox_domains = config.myEnv.mail.postfix.additional_mailbox_domains ++ lib.remove "localhost.immae.eu" (lib.remove null (lib.flatten (map (zone: map -- 2.41.0
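Review bot: Appending the `ldap:` table to `virtual_alias_maps` (postfix.nix, hunk at -182) makes recipient resolution depend on the LDAP server, and the ordering and failure behaviour are not documented. Postfix searches the tables in order and stops at the first match, so `hash:` and `mysql:` entries for the same address take precedence. A failed LDAP lookup makes Postfix defer the message rather than fall through, although the map's `domain = immae.fr` should limit this to recipients in that domain. I would add a comment above the setting such as `# ldap map is consulted last; an LDAP outage defers mail for @immae.fr recipients`. The `services.postfix` block starts and ends outside the hunk.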