thary/sp-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Add email options

Browse Source
This commit is contained in:
Thary
2025-09-13 15:44:04 +03:00
parent ff58cfa2f1
commit 507cc85239
2 changed files with 65 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
sp-modules/simple-nixos-mailserver/config.nix
View File

@@ -17,6 +17,14 @@ let
mailserver-service-account-token-name = "mailserver-service-account-token";
mailserver-service-account-token-fp = "/run/keys/${group}/kanidm-service-account-token"; # FIXME sync with auth module
};
modulesConfig = builtins.mapAttrs (
_: value: {
inherit (value) hashedPasswordFile sendOnly;
}
) config.sp.email;
extraDomains = lib.mapAttrsToList (_: value: value.subdomain) config.sp.email;
extraTargets = lib.mapAttrsToList (_: value: value.systemdTargets) config.sp.email;
in
lib.mkIf sp.modules.simple-nixos-mailserver.enable (
lib.mkMerge [
@@ -62,7 +70,7 @@ lib.mkIf sp.modules.simple-nixos-mailserver.enable (
mailserver = {
enable = true;
fqdn = sp.domain;
domains = [ sp.domain ];
domains = [ sp.domain ] ++ extraDomains;
localDnsResolver = false;
# A list of all login accounts. To create the password hashes, use
@@ -97,6 +105,7 @@ lib.mkIf sp.modules.simple-nixos-mailserver.enable (
};
}) sp.users
)
// modulesConfig
);
extraVirtualAliases = {
@@ -128,6 +137,9 @@ lib.mkIf sp.modules.simple-nixos-mailserver.enable (
postfix.serviceConfig.Slice = "simple_nixos_mailserver.slice";
rspamd.serviceConfig.Slice = "simple_nixos_mailserver.slice";
redis-rspamd.serviceConfig.Slice = "simple_nixos_mailserver.slice";
dovecot.wants = extraTargets;
dovecot2.wants = extraTargets;
};
slices."simple_nixos_mailserver" = {
name = "simple_nixos_mailserver.slice";
@@ -139,7 +151,7 @@ lib.mkIf sp.modules.simple-nixos-mailserver.enable (
(lib.mkIf is-auth-enabled {
mailserver = {
extraVirtualAliases = lib.mkForce { };
loginAccounts = lib.mkForce { };
loginAccounts = lib.mkForce modulesConfig;
# LDAP is needed for Postfix to query Kanidm about email address ownership.
# LDAP is needed for Dovecot also.
ldap = {