Diffstat (limited to 'modules/private/mail/postfix.nix')
-rw-r--r-- | modules/private/mail/postfix.nix | 36 |
1 files changed, 11 insertions, 25 deletions
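--- a/modules/private/mail/postfix.nix
+++ b/modules/private/mail/postfix.nix
@@ -34,30 +34,19 @@
 '';
 }
 {
-dest = "postfix/mysql_mailbox_maps";
+dest = "postfix/ldap_mailboxes";
 user = config.services.postfix.user;
 group = config.services.postfix.group;
 permissions = "0440";
 text = ''
-# We need to specify that option to trigger ssl connection
-tls_ciphers = TLSv1.2
-user = ${config.myEnv.mail.postfix.mysql.user}
-password = ${config.myEnv.mail.postfix.mysql.password}
-hosts = unix:${config.myEnv.mail.postfix.mysql.socket}
-dbname = ${config.myEnv.mail.postfix.mysql.database}
-result_format = /%d/%u
-query = SELECT DISTINCT '%s'
-FROM mailboxes
-WHERE active = 1
-AND (
-(domain = '%d' AND user = '%u' AND regex = 0)
-OR (
-regex = 1
-AND '%d' REGEXP CONCAT('^',domain,'$')
-AND '%u' REGEXP CONCAT('^',user,'$')
-)
-)
-LIMIT 1
+server_host = ldaps://${config.myEnv.mail.dovecot.ldap.host}:636
+search_base = ${config.myEnv.mail.dovecot.ldap.base}
+query_filter = ${config.myEnv.mail.dovecot.ldap.postfix_mailbox_filter}
+bind_dn = ${config.myEnv.mail.dovecot.ldap.dn}
+bind_pw = ${config.myEnv.mail.dovecot.ldap.password}
+result_attribute = immaePostfixAddress
+result_format = dummy
+version = 3
 '';
 }
 {
@@ -180,7 +169,7 @@
 restart = true;
 paths = [
 config.secrets.fullPaths."postfix/mysql_alias_maps"
-config.secrets.fullPaths."postfix/mysql_mailbox_maps"
+config.secrets.fullPaths."postfix/ldap_mailboxes"
 config.secrets.fullPaths."postfix/mysql_sender_login_maps"
 config.secrets.fullPaths."postfix/ldap_ejabberd_users_immae_fr"
 ];
@@ -274,8 +263,6 @@
 joined = builtins.concatStringsSep ",";
 in pkgs.writeText "host-sender-login"
 (builtins.concatStringsSep "\n" (mapAttrsToList (n: v: "${n} ${joined v}") addresses));
-host_dummy_mailboxes = pkgs.writeText "host-virtual-mailbox"
-(builtins.concatStringsSep "\n" (["immae-eu@immae.eu dummy"] ++ lib.attrsets.mapAttrsToList (n: v: "${n}@immae.eu dummy") nodes));
 };
 in
 recipient_maps // relay_restrictions // virtual_map // sasl_access;
@@ -308,8 +295,7 @@
 config.myEnv.dns.masterZones
 ));
 virtual_mailbox_maps = [
-"hash:/etc/postfix/host_dummy_mailboxes"
+"ldap:${config.secrets.fullPaths."postfix/ldap_mailboxes"}"
-"mysql:${config.secrets.fullPaths."postfix/mysql_mailbox_maps"}"
 ];
 dovecot_destination_recipient_limit = "1";
 virtual_transport = "dovecot";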
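Review bot: The new `postfix/ldap_mailboxes` map in the first hunk sends `bind_pw` over `ldaps://` without setting `tls_require_cert`, which ldap_table(5) documents as defaulting to `no`. As far as the visible lines show, the LDAP server's certificate is therefore not validated, so a host answering on that name could receive the bind credentials and answer mailbox lookups. Adding `tls_require_cert = yes` and `tls_ca_cert_file = <path to CA bundle>` to the `text` block would pin the connection to the expected directory. The map also binds with the Dovecot identity (`config.myEnv.mail.dovecot.ldap.dn`); if that account can read more than `immaePostfixAddress`, which the page does not show, a dedicated read-only bind DN for Postfix would keep the two services' privileges separate. The attribute set containing this entry starts and ends outside the hunk.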