public
/
mail-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fuck solr then!

This commit is contained in:
niten 2023-10-13 16:20:20 -07:00
parent e1889af7eb
commit 7f6c999829
2 changed files with 2 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

56
dovecot.nix
View File

@ -167,17 +167,6 @@ in {
}; };
}; };
solr = {
host = mkOption {
type = str;
description = "Host providing full-text search with Solr.";
};
port = mkOption {
type = port;
description = "Port on which Solr is listening.";
};
};
max-user-connections = mkOption { max-user-connections = mkOption {
type = int; type = int;
description = "Maximum allowed simultaneous connections by one user."; description = "Maximum allowed simultaneous connections by one user.";
@ -224,50 +213,7 @@ in {
"d ${cfg.state-directory}/sieves 0750 ${config.services.dovecot2.user} ${config.services.dovecot2.group} - -" "d ${cfg.state-directory}/sieves 0750 ${config.services.dovecot2.user} ${config.services.dovecot2.group} - -"
]; ];
timers = { services = {
solr-commit = {
wantedBy = [ "timers.target" "dovecot2.service" ];
timerConfig = {
OnBootSec = "5m";
OnUnitActiveSec = "5m";
Unit = "solr-commit.service";
};
};
solr-optimize = {
wantedBy = [ "timers.target" "dovecot2.service" ];
timerConfig = {
OnBootSec = "12h";
OnUnitActiveSec = "12h";
Unit = "solr-optimize.service";
};
};
};
services = let
solrJob = params: {
requires = [ "dovecot2.service" ];
serviceConfig = {
ExecStart = "${pkgs.curl}/bin/curl http://${cfg.solr.host}:${
toString cfg.solr.port
}/solr/dovecot/update?${params}";
PrivateDevices = true;
PrivateTmp = true;
PrivateMounts = true;
ProtectControlGroups = true;
ProtectKernelTunables = true;
ProtectKernelModules = true;
ProtectSystem = true;
ProtectHome = true;
ProtectClock = true;
ProtectKernelLogs = true;
Type = "oneshot";
};
};
in {
solr-commit = solrJob "commit=true";
solr-optimize = solrJob "optimize=true";
prometheus-dovecot-exporter = { prometheus-dovecot-exporter = {
requires = [ "dovecot2.service" ]; requires = [ "dovecot2.service" ];
after = [ "dovecot2.service" ]; after = [ "dovecot2.service" ];

36
mail-server.nix
View File

@ -155,12 +155,6 @@ in {
description = "Docker image to use for LDAP proxy."; description = "Docker image to use for LDAP proxy.";
default = "ghcr.io/goauthentik/ldap"; default = "ghcr.io/goauthentik/ldap";
}; };
solr = mkOption {
type = str;
description = "Docker image to use for Solr full-text search.";
default = "lmmdock/dovecot-solr:latest";
};
}; };
smtp = { smtp = {
@ -214,18 +208,6 @@ in {
}; };
}; };
users = {
users.mail-server-solr = {
isSystemUser = true;
uid = 8983;
group = "mail-server-solr";
};
groups.mail-server-solr = {
gid = 8983;
members = [ "mail-server-solr" ];
};
};
fudo.secrets.host-secrets."${hostname}" = { fudo.secrets.host-secrets."${hostname}" = {
mailLdapProxyEnv = { mailLdapProxyEnv = {
source-file = pkgs.writeText "ldap-proxy.env" '' source-file = pkgs.writeText "ldap-proxy.env" ''
@ -269,7 +251,6 @@ in {
"d ${cfg.state-directory}/antivirus 0700 - - - -" "d ${cfg.state-directory}/antivirus 0700 - - - -"
"d ${cfg.state-directory}/dkim 0700 - - - -" "d ${cfg.state-directory}/dkim 0700 - - - -"
"d ${cfg.state-directory}/mail 0700 - - - -" "d ${cfg.state-directory}/mail 0700 - - - -"
"d ${cfg.state-directory}/solr 0700 mail-server-solr mail-server-solr - -"
]; ];
virtualisation.arion.projects.mail-server.settings = let virtualisation.arion.projects.mail-server.settings = let
@ -284,7 +265,6 @@ in {
internal_network.internal = true; internal_network.internal = true;
redis_network.internal = true; redis_network.internal = true;
ldap_network.internal = true; ldap_network.internal = true;
solr_network.internal = true;
}; };
services = let services = let
antivirusPort = 15407; antivirusPort = 15407;
@ -294,7 +274,6 @@ in {
authPort = 5447; authPort = 5447;
userdbPort = 5448; userdbPort = 5448;
dkimPort = 5734; dkimPort = 5734;
solrPort = 8983;
in { in {
smtp = { smtp = {
@ -369,8 +348,6 @@ in {
"external_network" "external_network"
# For authentication # For authentication
"ldap_network" "ldap_network"
# For full text search
"solr_network"
]; ];
ports = [ "143:143" "993:993" ]; ports = [ "143:143" "993:993" ];
volumes = [ volumes = [
@ -381,7 +358,7 @@ in {
"${cfg.state-directory}/dovecot-dhparams:/var/lib/dhparams" "${cfg.state-directory}/dovecot-dhparams:/var/lib/dhparams"
"${cfg.state-directory}/mail:/mail" "${cfg.state-directory}/mail:/mail"
]; ];
depends_on = [ "antispam" "ldap-proxy" "solr" ]; depends_on = [ "antispam" "ldap-proxy" ];
}; };
nixos = { nixos = {
useSystemd = true; useSystemd = true;
@ -410,10 +387,6 @@ in {
host = "antispam"; host = "antispam";
port = antispamPort; port = antispamPort;
}; };
solr = {
host = "solr";
port = solrPort;
};
ldap-conf = "/run/dovecot2/conf.d/ldap.conf"; ldap-conf = "/run/dovecot2/conf.d/ldap.conf";
admin-conf = "/run/dovecot2/conf.d/admin.conf"; admin-conf = "/run/dovecot2/conf.d/admin.conf";
}; };
@ -430,13 +403,6 @@ in {
]; ];
env_file = [ hostSecrets.mailLdapProxyEnv.target-file ]; env_file = [ hostSecrets.mailLdapProxyEnv.target-file ];
}; };
solr.service = {
image = cfg.images.solr;
restart = "always";
networks = [ "solr_network" ];
volumes = [ "${cfg.state-directory}/solr:/var/solr" ];
#user = "${toString config.users.users.mail-server-solr.uid}:8983";
};
antispam = { antispam = {
service = { service = {
networks = [ networks = [