pyrox.dev / nix
My Nix Configuration
fork atom

[prefect] allow port 25

pyrox.dev fa59dbe3 68f8cc8f

verified
options
unified split
Changed files
+23 -3
systems
x86_64-linux
prefect
firewall.nix
services
mailserver
stalwart
auth.nix
default.nix
session.nix
+1
systems/x86_64-linux/prefect/firewall.nix 
···

       
4

       
4

       
 

       
  networking.firewall = {


     

       
5

       
5

       
 

       
    enable = true;


     

       
6

       
6

       
 

       
    allowedTCPPorts = [


     

       

       
7

       
+

       
      25


     

       
7

       
8

       
 

       
      80


     

       
8

       
9

       
 

       
      143


     

       
9

       
10

       
 

       
      179
+1 -1
systems/x86_64-linux/prefect/services/mailserver/stalwart/auth.nix 
···

       
1

       
1

       
 

       
{ ifThen, otherwise }:


     

       
2

       
2

       
 

       
let


     

       
3

       
3

       
 

       
  relVer = [


     

       
4

       

       
-

       
    (ifThen "listener = 'smtp'" "relaxed")


     

       

       
4

       
+

       
    (ifThen "protocol = 'smtp'" "relaxed")


     

       
5

       
5

       
 

       
    (otherwise "disable")


     

       
6

       
6

       
 

       
  ];


     

       
7

       
7

       
 

       
in
+1 -1
systems/x86_64-linux/prefect/services/mailserver/stalwart/default.nix 
···

       
161

       
161

       
 

       
      # https://stalw.art/docs/email/maintenance


     

       
162

       
162

       
 

       
      email.auto-expunge = "180d";


     

       
163

       
163

       
 

       
      changes.max-history = 10000;


     

       
164

       

       
-

       
      session = import ./session.nix { inherit isAuthenticated otherwise; };


     

       

       
164

       
+

       
      session = import ./session.nix { inherit isAuthenticated otherwise ifThen; };


     

       
165

       
165

       
 

       
      queue = import ./queue.nix { inherit d ifThen otherwise; };


     

       
166

       
166

       
 

       
      # DNS Settings


     

       
167

       
167

       
 

       
      # https://stalw.art/docs/mta/outbound/dns
+20 -1
systems/x86_64-linux/prefect/services/mailserver/stalwart/session.nix 
···

       
1

       

       
-

       
{ isAuthenticated, otherwise }:


     

       

       
1

       
+

       
{


     

       

       
2

       
+

       
  isAuthenticated,


     

       

       
3

       
+

       
  otherwise,


     

       

       
4

       
+

       
  ifThen,


     

       

       
5

       
+

       
}:


     

       
2

       
6

       
 

       
# MTA Settings


     

       
3

       
7

       
 

       
# https://stalw.art/docs/mta/overview


     

       
4

       
8

       
 

       
{


     
···

       
8

       
12

       
 

       
  # # https://stalw.art/docs/mta/inbound/ehlo


     

       
9

       
13

       
 

       
  ehlo = {


     

       
10

       
14

       
 

       
    require = true;


     

       

       
15

       
+

       
    reject-non-fqdn = [


     

       

       
16

       
+

       
      (ifThen "protocol = 'smtp'" true)


     

       

       
17

       
+

       
      (otherwise false)


     

       

       
18

       
+

       
    ];


     

       
11

       
19

       
 

       
  };


     

       
12

       
20

       
 

       
  # # RCPT Stage


     

       
13

       
21

       
 

       
  # # https://stalw.art/docs/mta/inbound/rcpt


     
···

       
17

       
25

       
 

       
      (otherwise false)


     

       
18

       
26

       
 

       
    ];


     

       
19

       
27

       
 

       
    subaddressing = true;


     

       

       
28

       
+

       
  };


     

       

       
29

       
+

       
  auth = {


     

       

       
30

       
+

       
    mechanisms = [


     

       

       
31

       
+

       
      (ifThen "protocol != 'smtp'" "[plain, login]")


     

       

       
32

       
+

       
      (otherwise false)


     

       

       
33

       
+

       
    ];


     

       

       
34

       
+

       
    directory = "'default'";


     

       

       
35

       
+

       
    require = [


     

       

       
36

       
+

       
      (ifThen "protocol != 'smtp'" true)


     

       

       
37

       
+

       
      (otherwise false)


     

       

       
38

       
+

       
    ];


     

       
20

       
39

       
 

       
  };


     

       
21

       
40

       
 

       
  extensions =


     

       
22

       
41

       
 

       
    let