From 1cf1f9162bd4556858a0190eee5bfd7ba0f7bb4c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= Date: Fri, 13 Oct 2023 00:43:03 +0200 Subject: Allow imap login using alias e-mails --- systems/backup-2/flake.lock | 26 +++++++++++++------------- systems/dilion/flake.lock | 10 +++++----- systems/eldiron/flake.lock | 26 +++++++++++++------------- systems/eldiron/mail/dovecot.nix | 19 ++++++++++++++++++- systems/monitoring-1/flake.lock | 18 +++++++++--------- systems/quatresaisons/flake.lock | 10 +++++----- systems/zoldene/flake.lock | 6 +++--- 7 files changed, 66 insertions(+), 49 deletions(-) (limited to 'systems') diff --git a/systems/backup-2/flake.lock b/systems/backup-2/flake.lock index 3ca1baf..83ba265 100644 --- a/systems/backup-2/flake.lock +++ b/systems/backup-2/flake.lock @@ -22,7 +22,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-5xTmX1Pq80U/1q27508T1SVJDQXAdmTHGhVyA7lqnPg=", + "narHash": "sha256-ptLDqa3BTCX2orio9YgGsOwYa5bsz2DWn6TrtR2B45w=", "path": "../../flakes/private/chatons", "type": "path" }, @@ -74,7 +74,7 @@ "environment": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../environment", "type": "path" }, @@ -86,7 +86,7 @@ "environment_2": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../../flakes/private/environment", "type": "path" }, @@ -98,7 +98,7 @@ "environment_3": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../environment", "type": "path" }, @@ -110,7 +110,7 @@ "environment_4": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../environment", "type": "path" }, @@ -122,7 +122,7 @@ "environment_5": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../environment", "type": "path" }, @@ -134,7 +134,7 @@ "environment_6": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../environment", "type": "path" }, @@ -146,7 +146,7 @@ "environment_7": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../environment", "type": "path" }, @@ -352,7 +352,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-TYEdgBGt7mWEBdXMmuc+lmgRpsOJUlW55Y1atGlcpvU=", + "narHash": "sha256-1sEwMNWSytfyn4Rh5gUJACwCNgaTLdMDkO9hEr5OB7M=", "path": "../../flakes/private/mail-relay", "type": "path" }, @@ -371,7 +371,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-Q8RIW88dtLmxFy8ziw49PhWjU70fKJ8gO9SjdRr2ySw=", + "narHash": "sha256-x6nZbsijTyyeFsCiOHIXTPVsEGaGle3a1QDWsxlp51I=", "path": "../../flakes/private/milters", "type": "path" }, @@ -389,7 +389,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-DN3hgnw6hXCrSGXep4mumwksWSggsuyyaKXuKvswXl8=", + "narHash": "sha256-OFfV6XJcWqdRCBlRKMFmlGyBQPKmsjNfIQPLZn2R/e4=", "path": "../../flakes/private/monitoring", "type": "path" }, @@ -925,7 +925,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-C75rGGf2EOkXc04RkzpTkyWOGF3GMZElDyvLSa4MsiI=", + "narHash": "sha256-/vQ6FGFc53r79yiQrzF0NWTbRd4RKf8QiPSDhmiCciU=", "path": "../../flakes/private/opendmarc", "type": "path" }, @@ -1104,7 +1104,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-V/T6CB1328uHUHNof3OFeqrDH8C73Dw8hVhpVvjq684=", + "narHash": "sha256-CCtWODUiUD8w0+GpDyFGCEgsKWukd26pUcwdACGZGTA=", "path": "../../flakes/private/system", "type": "path" }, diff --git a/systems/dilion/flake.lock b/systems/dilion/flake.lock index bd3cdd9..f15331b 100644 --- a/systems/dilion/flake.lock +++ b/systems/dilion/flake.lock @@ -59,7 +59,7 @@ "environment": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../../flakes/private/environment", "type": "path" }, @@ -71,7 +71,7 @@ "environment_2": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../environment", "type": "path" }, @@ -83,7 +83,7 @@ "environment_3": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../environment", "type": "path" }, @@ -207,7 +207,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-DN3hgnw6hXCrSGXep4mumwksWSggsuyyaKXuKvswXl8=", + "narHash": "sha256-OFfV6XJcWqdRCBlRKMFmlGyBQPKmsjNfIQPLZn2R/e4=", "path": "../../flakes/private/monitoring", "type": "path" }, @@ -599,7 +599,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-V/T6CB1328uHUHNof3OFeqrDH8C73Dw8hVhpVvjq684=", + "narHash": "sha256-CCtWODUiUD8w0+GpDyFGCEgsKWukd26pUcwdACGZGTA=", "path": "../../flakes/private/system", "type": "path" }, diff --git a/systems/eldiron/flake.lock b/systems/eldiron/flake.lock index 5a60dab..3291993 100644 --- a/systems/eldiron/flake.lock +++ b/systems/eldiron/flake.lock @@ -129,7 +129,7 @@ "environment": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../environment", "type": "path" }, @@ -141,7 +141,7 @@ "environment_2": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../environment", "type": "path" }, @@ -153,7 +153,7 @@ "environment_3": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../environment", "type": "path" }, @@ -165,7 +165,7 @@ "environment_4": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../environment", "type": "path" }, @@ -177,7 +177,7 @@ "environment_5": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../environment", "type": "path" }, @@ -189,7 +189,7 @@ "environment_6": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../environment", "type": "path" }, @@ -1989,7 +1989,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-5xTmX1Pq80U/1q27508T1SVJDQXAdmTHGhVyA7lqnPg=", + "narHash": "sha256-ptLDqa3BTCX2orio9YgGsOwYa5bsz2DWn6TrtR2B45w=", "path": "../../flakes/private/chatons", "type": "path" }, @@ -2001,7 +2001,7 @@ "private-environment": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../../flakes/private/environment", "type": "path" }, @@ -2020,7 +2020,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-Q8RIW88dtLmxFy8ziw49PhWjU70fKJ8gO9SjdRr2ySw=", + "narHash": "sha256-x6nZbsijTyyeFsCiOHIXTPVsEGaGle3a1QDWsxlp51I=", "path": "../../flakes/private/milters", "type": "path" }, @@ -2038,7 +2038,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-DN3hgnw6hXCrSGXep4mumwksWSggsuyyaKXuKvswXl8=", + "narHash": "sha256-OFfV6XJcWqdRCBlRKMFmlGyBQPKmsjNfIQPLZn2R/e4=", "path": "../../flakes/private/monitoring", "type": "path" }, @@ -2073,7 +2073,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-C75rGGf2EOkXc04RkzpTkyWOGF3GMZElDyvLSa4MsiI=", + "narHash": "sha256-/vQ6FGFc53r79yiQrzF0NWTbRd4RKf8QiPSDhmiCciU=", "path": "../../flakes/private/opendmarc", "type": "path" }, @@ -2134,7 +2134,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-NufDaV9j3eKqlJNs09lqytKDTuwjh4Wh78mOEyID05w=", + "narHash": "sha256-gjapO6CZFeLMHUlhqBVZu5P+IJzJaPu4pnuTep4ZSuM=", "path": "../../flakes/private/ssh", "type": "path" }, @@ -2153,7 +2153,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-V/T6CB1328uHUHNof3OFeqrDH8C73Dw8hVhpVvjq684=", + "narHash": "sha256-CCtWODUiUD8w0+GpDyFGCEgsKWukd26pUcwdACGZGTA=", "path": "../../flakes/private/system", "type": "path" }, diff --git a/systems/eldiron/mail/dovecot.nix b/systems/eldiron/mail/dovecot.nix index a1282e3..9c9cd7c 100644 --- a/systems/eldiron/mail/dovecot.nix +++ b/systems/eldiron/mail/dovecot.nix @@ -44,6 +44,19 @@ in }; }; systemd.services.dovecot2.serviceConfig.Slice = "mail.slice"; + secrets.keys."dovecot/sql" = { + user = config.services.dovecot2.user; + group = config.services.dovecot2.group; + permissions = "0400"; + text = '' + driver = mysql + connect = host=${config.myEnv.mail.dovecot.mysql.socket} dbname=${config.myEnv.mail.dovecot.mysql.database} user=${config.myEnv.mail.dovecot.mysql.user} password=${config.myEnv.mail.dovecot.mysql.password} + password_query = SELECT NULL AS password, 'Y' as noauthenticate, destination AS user \ + FROM forwardings WHERE \ + ((regex = 1 AND '%u' REGEXP CONCAT('^',source,'$')) OR (regex = 0 AND source = '%u')) \ + AND active = 1 + ''; + }; secrets.keys."dovecot/ldap" = { user = config.services.dovecot2.user; group = config.services.dovecot2.group; @@ -81,7 +94,7 @@ in nixpkgs.overlays = [ (self: super: { - dovecot = super.dovecot.override { openldap = self.openldap_libressl_cyrus; }; + dovecot = super.dovecot.override { withMySQL = true; openldap = self.openldap_libressl_cyrus; }; }) ]; @@ -237,6 +250,10 @@ in '' first_valid_uid = ${toString config.ids.uids.vhost} disable_plaintext_auth = yes + passdb { + driver = sql + args = ${config.secrets.fullPaths."dovecot/sql"} + } passdb { driver = ldap args = ${config.secrets.fullPaths."dovecot/ldap"} diff --git a/systems/monitoring-1/flake.lock b/systems/monitoring-1/flake.lock index ec29221..6c46061 100644 --- a/systems/monitoring-1/flake.lock +++ b/systems/monitoring-1/flake.lock @@ -22,7 +22,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-5xTmX1Pq80U/1q27508T1SVJDQXAdmTHGhVyA7lqnPg=", + "narHash": "sha256-ptLDqa3BTCX2orio9YgGsOwYa5bsz2DWn6TrtR2B45w=", "path": "../../flakes/private/chatons", "type": "path" }, @@ -74,7 +74,7 @@ "environment": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../environment", "type": "path" }, @@ -86,7 +86,7 @@ "environment_2": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../../flakes/private/environment", "type": "path" }, @@ -98,7 +98,7 @@ "environment_3": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../environment", "type": "path" }, @@ -110,7 +110,7 @@ "environment_4": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../environment", "type": "path" }, @@ -122,7 +122,7 @@ "environment_5": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../environment", "type": "path" }, @@ -259,7 +259,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-TYEdgBGt7mWEBdXMmuc+lmgRpsOJUlW55Y1atGlcpvU=", + "narHash": "sha256-1sEwMNWSytfyn4Rh5gUJACwCNgaTLdMDkO9hEr5OB7M=", "path": "../../flakes/private/mail-relay", "type": "path" }, @@ -277,7 +277,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-DN3hgnw6hXCrSGXep4mumwksWSggsuyyaKXuKvswXl8=", + "narHash": "sha256-OFfV6XJcWqdRCBlRKMFmlGyBQPKmsjNfIQPLZn2R/e4=", "path": "../../flakes/private/monitoring", "type": "path" }, @@ -735,7 +735,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-V/T6CB1328uHUHNof3OFeqrDH8C73Dw8hVhpVvjq684=", + "narHash": "sha256-CCtWODUiUD8w0+GpDyFGCEgsKWukd26pUcwdACGZGTA=", "path": "../../flakes/private/system", "type": "path" }, diff --git a/systems/quatresaisons/flake.lock b/systems/quatresaisons/flake.lock index e23bbde..449e255 100644 --- a/systems/quatresaisons/flake.lock +++ b/systems/quatresaisons/flake.lock @@ -59,7 +59,7 @@ "environment": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../../flakes/private/environment", "type": "path" }, @@ -71,7 +71,7 @@ "environment_2": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../environment", "type": "path" }, @@ -83,7 +83,7 @@ "environment_3": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../environment", "type": "path" }, @@ -239,7 +239,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-DN3hgnw6hXCrSGXep4mumwksWSggsuyyaKXuKvswXl8=", + "narHash": "sha256-OFfV6XJcWqdRCBlRKMFmlGyBQPKmsjNfIQPLZn2R/e4=", "path": "../../flakes/private/monitoring", "type": "path" }, @@ -712,7 +712,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-V/T6CB1328uHUHNof3OFeqrDH8C73Dw8hVhpVvjq684=", + "narHash": "sha256-CCtWODUiUD8w0+GpDyFGCEgsKWukd26pUcwdACGZGTA=", "path": "../../flakes/private/system", "type": "path" }, diff --git a/systems/zoldene/flake.lock b/systems/zoldene/flake.lock index 6a88e80..e275833 100644 --- a/systems/zoldene/flake.lock +++ b/systems/zoldene/flake.lock @@ -59,7 +59,7 @@ "environment": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../environment", "type": "path" }, @@ -436,7 +436,7 @@ "private-environment": { "locked": { "lastModified": 1, - "narHash": "sha256-iW4Q8C1AR4i+Vm7KSaYUtXwTpVHCK0niGiZWnYboAtY=", + "narHash": "sha256-VO82m/95IcX3xxJ63wcLh3hXzXDRFKUohYil/18pBSY=", "path": "../../flakes/private/environment", "type": "path" }, @@ -455,7 +455,7 @@ }, "locked": { "lastModified": 1, - "narHash": "sha256-V/T6CB1328uHUHNof3OFeqrDH8C73Dw8hVhpVvjq684=", + "narHash": "sha256-CCtWODUiUD8w0+GpDyFGCEgsKWukd26pUcwdACGZGTA=", "path": "../../flakes/private/system", "type": "path" }, -- cgit v1.2.3