Use ldap instead of mysql to fetch mailboxes

1 files changed, 11 insertions, 25 deletions

diff --git a/modules/private/mail/postfix.nix b/modules/private/mail/postfix.nix
index 46d45c1..0c95df5 100644
--- a/modules/private/mail/postfix.nix
+++ b/modules/private/mail/postfix.nix
@@ -34,30 +34,19 @@
           '';
       }
       {
-        dest = "postfix/mysql_mailbox_maps";
+        dest = "postfix/ldap_mailboxes";
         user = config.services.postfix.user;
         group = config.services.postfix.group;
         permissions = "0440";
         text = ''
-          # We need to specify that option to trigger ssl connection
-          tls_ciphers = TLSv1.2
-          user = ${config.myEnv.mail.postfix.mysql.user}
-          password = ${config.myEnv.mail.postfix.mysql.password}
-          hosts = unix:${config.myEnv.mail.postfix.mysql.socket}
-          dbname = ${config.myEnv.mail.postfix.mysql.database}
-          result_format = /%d/%u
-          query = SELECT DISTINCT '%s'
-            FROM mailboxes
-            WHERE active = 1
-            AND (
-              (domain = '%d' AND user = '%u' AND regex = 0)
-              OR (
-                regex = 1
-                AND '%d' REGEXP CONCAT('^',domain,'$')
-                AND '%u' REGEXP CONCAT('^',user,'$')
-              )
-            )
-            LIMIT 1
+          server_host = ldaps://${config.myEnv.mail.dovecot.ldap.host}:636
+          search_base = ${config.myEnv.mail.dovecot.ldap.base}
+          query_filter = ${config.myEnv.mail.dovecot.ldap.postfix_mailbox_filter}
+          bind_dn = ${config.myEnv.mail.dovecot.ldap.dn}
+          bind_pw = ${config.myEnv.mail.dovecot.ldap.password}
+          result_attribute = immaePostfixAddress
+          result_format = dummy
+          version = 3
         '';
       }
       {
@@ -180,7 +169,7 @@
       restart = true;
       paths = [
         config.secrets.fullPaths."postfix/mysql_alias_maps"
-        config.secrets.fullPaths."postfix/mysql_mailbox_maps"
+        config.secrets.fullPaths."postfix/ldap_mailboxes"
         config.secrets.fullPaths."postfix/mysql_sender_login_maps"
         config.secrets.fullPaths."postfix/ldap_ejabberd_users_immae_fr"
       ];
@@ -274,8 +263,6 @@
             joined = builtins.concatStringsSep ",";
           in pkgs.writeText "host-sender-login"
             (builtins.concatStringsSep "\n" (mapAttrsToList (n: v: "${n} ${joined v}") addresses));
-          host_dummy_mailboxes = pkgs.writeText "host-virtual-mailbox"
-            (builtins.concatStringsSep "\n" (["immae-eu@immae.eu dummy"] ++ lib.attrsets.mapAttrsToList (n: v: "${n}@immae.eu  dummy") nodes));
         };
       in
         recipient_maps // relay_restrictions // virtual_map // sasl_access;
@@ -308,8 +295,7 @@
             config.myEnv.dns.masterZones
           ));
         virtual_mailbox_maps = [
-          "hash:/etc/postfix/host_dummy_mailboxes"
-          "mysql:${config.secrets.fullPaths."postfix/mysql_mailbox_maps"}"
+          "ldap:${config.secrets.fullPaths."postfix/ldap_mailboxes"}"
         ];
         dovecot_destination_recipient_limit = "1";
         virtual_transport = "dovecot";