Create a mail directory

niten 2023-09-30 18:54:17 -07:00
parent 99e9b6c519
commit 9d3c86a118
2 changed files with 13 additions and 6 deletions


@ -17,6 +17,11 @@ in {
description = "Directory at which to store server state."; description = "Directory at which to store server state.";
}; };
mail-directory = mkOption {
type = str;
description = "Directory at which to store user email.";
};
ports = { ports = {
lmtp = mkOption { lmtp = mkOption {
type = port; type = port;
@ -192,7 +197,7 @@ in {
systemd = { systemd = {
tmpfiles.rules = [ tmpfiles.rules = [
"d ${cfg.state-directory} 0751 ${cfg.mail-user} ${cfg.mail-group} - -" "d ${cfg.state-directory} 0751 ${cfg.mail-user} ${cfg.mail-group} - -"
"d ${cfg.state-directory}/mail 0750 ${cfg.mail-user} ${cfg.mail-group} - -" "d ${cfg.mail-directory} 0750 ${cfg.mail-user} ${cfg.mail-group} - -"
"d ${cfg.state-directory}/sieves 0750 ${config.services.dovecot2.user} ${config.services.dovecot2.group} - -" "d ${cfg.state-directory}/sieves 0750 ${config.services.dovecot2.user} ${config.services.dovecot2.group} - -"
]; ];
@ -263,7 +268,7 @@ in {
mailUser = cfg.mail-user; mailUser = cfg.mail-user;
mailGroup = cfg.mail-group; mailGroup = cfg.mail-group;
mailLocation = "maildir:${cfg.state-directory}/mail/%u/"; mailLocation = "maildir:${cfg.mail-directory}/%u/";
createMailUser = false; createMailUser = false;
sslServerCert = cfg.ssl.certificate; sslServerCert = cfg.ssl.certificate;
@ -357,9 +362,7 @@ in {
# All users map to one actual system user # All users map to one actual system user
userdb { userdb {
driver = static driver = static
args = uid=${ args = uid=${toString mailUserUid} home=${cfg.mail-directory}/%u
toString mailUserUid
} home=${cfg.state-directory}/mail/%u
} }
service imap { service imap {
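Review bot: The new `mail-directory` option is a bare `str` with no default, and its value goes unvalidated into the tmpfiles rule `d ${cfg.mail-directory} 0750 ${cfg.mail-user} ${cfg.mail-group} - -`, which also resets owner and mode when the path already exists. A relative, empty or mistyped value would therefore fail late or re-own an unintended directory; `type = path;` (assuming `path` is in scope the same way `str` and `port` are) would reject non-absolute values at evaluation time. Because there is no default, every existing configuration must now set the option, and mail already stored under `${cfg.state-directory}/mail` will not be found unless the option points there. The description could state both, e.g. `description = "Absolute path of the directory in which to store user email, one maildir per user.";`. The option set and the tmpfiles list both continue outside the hunks shown.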


@ -207,9 +207,10 @@ in {
"dn = ${cfg.ldap.bind-dn}" "dn = ${cfg.ldap.bind-dn}"
"dnpass = ${readFile cfg.ldap.bind-password-file}" "dnpass = ${readFile cfg.ldap.bind-password-file}"
"auth_bind = yes" "auth_bind = yes"
"auth_bind_userdn = cn=%u,${cfg.ldap.member-ou},${cfg.ldap.base}" "auth_bind_userdn = cn=%n,${cfg.ldap.member-ou},${cfg.ldap.base}"
"base = ${cfg.ldap.base}" "base = ${cfg.ldap.base}"
"user_filter = (&(objectClass=organizationalPerson)(cn=%n))" "user_filter = (&(objectClass=organizationalPerson)(cn=%n))"
"pass_filter = (&(objectClass=organizationalPerson)(cn=%n))"
]); ]);
target-file = "/run/dovecot-secret/ldap.conf"; target-file = "/run/dovecot-secret/ldap.conf";
}; };
@ -220,6 +221,7 @@ in {
"d ${cfg.state-directory}/dovecot-dhparams 0700 - - - -" "d ${cfg.state-directory}/dovecot-dhparams 0700 - - - -"
"d ${cfg.state-directory}/antivirus 0700 - - - -" "d ${cfg.state-directory}/antivirus 0700 - - - -"
"d ${cfg.state-directory}/dkim 0700 - - - -" "d ${cfg.state-directory}/dkim 0700 - - - -"
"d ${cfg.state-directory}/mail 0700 - - - -"
]; ];
virtualisation.arion.projects.mail-server.settings = let virtualisation.arion.projects.mail-server.settings = let
@ -316,6 +318,7 @@ in {
"${hostSecrets.dovecotLdapConfig.target-file}:/run/dovecot2/conf.d/ldap.conf:ro" "${hostSecrets.dovecotLdapConfig.target-file}:/run/dovecot2/conf.d/ldap.conf:ro"
"${cfg.imap.ssl-directory}:/run/certs/imap" "${cfg.imap.ssl-directory}:/run/certs/imap"
"${cfg.state-directory}/dovecot-dhparams:/var/lib/dhparams" "${cfg.state-directory}/dovecot-dhparams:/var/lib/dhparams"
"${cfg.state-directory}/mail:/mail"
]; ];
depends_on = [ "antispam" "ldap-proxy" ]; depends_on = [ "antispam" "ldap-proxy" ];
}; };
@ -329,6 +332,7 @@ in {
enable = true; enable = true;
debug = cfg.debug; debug = cfg.debug;
state-directory = "/state"; state-directory = "/state";
mail-directory = "/mail";
ports = { ports = {
lmtp = lmtpPort; lmtp = lmtpPort;
auth = authPort; auth = authPort;
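Review bot: The added `pass_filter` line probably has no effect. With `auth_bind = yes` and `auth_bind_userdn` set, Dovecot binds directly to the templated DN and, as far as I know, ignores `pass_filter`, so the `objectClass=organizationalPerson` restriction is not applied at login. If that restriction is intended, either drop `auth_bind_userdn` so the filter-based lookup runs before the bind, or add a comment such as `# pass_filter is ignored while auth_bind_userdn is set` so nobody relies on it. Separately, the bind DN now uses `%n` while the maildir path in the other file is keyed on `%u`, so one LDAP entry reached as `name` and as `name@domain` would presumably get two different mail directories; worth confirming that is intended.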