nixos/gitlab: add option for tls wrapper-mode smtp (#116801)

This commit is contained in:
Milan 2021-03-20 15:05:29 +01:00 committed by GitHub
parent 3df0d950d8
commit 58804b24bc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 0 deletions

View File

@ -196,6 +196,7 @@ let
domain: "${cfg.smtp.domain}", domain: "${cfg.smtp.domain}",
${optionalString (cfg.smtp.authentication != null) "authentication: :${cfg.smtp.authentication},"} ${optionalString (cfg.smtp.authentication != null) "authentication: :${cfg.smtp.authentication},"}
enable_starttls_auto: ${boolToString cfg.smtp.enableStartTLSAuto}, enable_starttls_auto: ${boolToString cfg.smtp.enableStartTLSAuto},
tls: ${boolToString cfg.smtp.tls},
ca_file: "/etc/ssl/certs/ca-certificates.crt", ca_file: "/etc/ssl/certs/ca-certificates.crt",
openssl_verify_mode: '${cfg.smtp.opensslVerifyMode}' openssl_verify_mode: '${cfg.smtp.opensslVerifyMode}'
} }
@ -463,6 +464,12 @@ in {
description = "Whether to try to use StartTLS."; description = "Whether to try to use StartTLS.";
}; };
tls = mkOption {
type = types.bool;
default = false;
description = "Whether to use TLS wrapper-mode.";
};
opensslVerifyMode = mkOption { opensslVerifyMode = mkOption {
type = types.str; type = types.str;
default = "peer"; default = "peer";