commit 7f52135a59b6236be52decf5dba33c80dad06c73 · pyrox.dev/nixpkgs

+2 -2

nixos/doc/manual/release-notes/rl-2511.section.md

···

       118
       118
        
       

     

       119
       119
        
       - The Postfix module has been updated and likely requires configuration changes:

     

       120
       120
        
         - The `services.postfix.sslCert` and `sslKey` options were removed and you now need to configure

     

       121
       121
       -
           - [services.postfix.config.smtpd_tls_chain_files](#opt-services.postfix.config.smtpd_tls_chain_files) for server certificates,

     

       122
       122
       -
           - [services.postfix.config.smtp_tls_chain_files](#opt-services.postfix.config) for client certificates.

     

       121
       121
       +
           - [services.postfix.settings.main.smtpd_tls_chain_files](#opt-services.postfix.settings.main.smtpd_tls_chain_files) for server certificates,

     

       122
       122
       +
           - [services.postfix.settings.main.smtp_tls_chain_files](#opt-services.postfix.settings.main) for client certificates.

     

       123
       123
        
       

     

       124
       124
        
       - `vmalert` now supports multiple instances with the option `services.vmalert.instances."".enable`

     

       125
       125

+1 -1

nixos/modules/services/mail/mailman.md

···

       14
       14
        
       {

     

       15
       15
        
         services.postfix = {

     

       16
       16
        
           enable = true;

     

       17
       17
       -
           config = {

     

       17
       17
       +
           settings.main = {

     

       18
       18
        
             transport_maps = [ "hash:/var/lib/mailman/data/postfix_lmtp" ];

     

       19
       19
        
             local_recipient_maps = [ "hash:/var/lib/mailman/data/postfix_lmtp" ];

     

       20
       20
        
             relay_domains = [ "hash:/var/lib/mailman/data/postfix_domains" ];

+1 -1

nixos/modules/services/mail/mailman.nix

···

       554
       554
        
           ];

     

       555
       555
        
       

     

       556
       556
        
           services.postfix = lib.mkIf cfg.enablePostfix {

     

       557
       557
       -
             config = {

     

       557
       557
       +
             settings.main = {

     

       558
       558
        
               owner_request_special = "no"; # Mailman handles -owner addresses on its own

     

       559
       559
        
               recipient_delimiter = "+"; # bake recipient addresses in mail envelopes via VERP

     

       560
       560
        
             };

+2 -2

nixos/modules/services/mail/mlmmj.nix

···

       120
       120
        
       

     

       121
       121
        
           services.postfix = {

     

       122
       122
        
             enable = true;

     

       123
       123
       -
             config = {

     

       123
       123
       +
             settings.main = {

     

       124
       124
        
               recipient_delimiter = "+";

     

       125
       125
        
               propagate_unmatched_extensions = "virtual";

     

       126
       126
        
             };

     

       127
       127
       -
             masterConfig.mlmmj = {

     

       127
       127
       +
             settings.master.mlmmj = {

     

       128
       128
        
               type = "unix";

     

       129
       129
        
               private = true;

     

       130
       130
        
               privileged = true;

+1 -1

nixos/modules/services/mail/pfix-srsd.nix

···

       51
       51
        
       

     

       52
       52
        
         config = lib.mkMerge [

     

       53
       53
        
           (lib.mkIf (cfg.enable && cfg.configurePostfix && config.services.postfix.enable) {

     

       54
       54
       -
             services.postfix.config = {

     

       54
       54
       +
             services.postfix.settings.main = {

     

       55
       55
        
               sender_canonical_maps = [ "tcp:127.0.0.1:10001" ];

     

       56
       56
        
               sender_canonical_classes = [ "envelope_sender" ];

     

       57
       57
        
               recipient_canonical_maps = [ "tcp:127.0.0.1:10002" ];

+1 -1

nixos/modules/services/mail/postfix-tlspol.nix

···

       135
       135
        
         config = mkMerge [

     

       136
       136
        
           (mkIf (cfg.enable && config.services.postfix.enable && cfg.configurePostfix) {

     

       137
       137
        
             # https://github.com/Zuplu/postfix-tlspol#postfix-configuration

     

       138
       138
       -
             services.postfix.config = {

     

       138
       138
       +
             services.postfix.settings.main = {

     

       139
       139
        
               smtp_dns_support_level = "dnssec";

     

       140
       140
        
               smtp_tls_security_level = "dane";

     

       141
       141
        
               smtp_tls_policy_maps =

+240 -225

nixos/modules/services/mail/postfix.nix

···

       53
       53
        
             mkEntry = name: value: "${escape name} =${mkVal value}";

     

       54
       54
        
           in

     

       55
       55
        
           lib.concatStringsSep "\n" (

     

       56
       56
       -
             lib.mapAttrsToList mkEntry (lib.filterAttrsRecursive (_: value: value != null) cfg.config)

     

       56
       56
       +
             lib.mapAttrsToList mkEntry (lib.filterAttrsRecursive (_: value: value != null) cfg.settings.main)

     

       57
       57
        
           );

     

       58
       58
        
       

     

       59
       59
        
         masterCfOptions =

     
···

       235
       235
        
               ""

     

       236
       236
        
             ];

     

       237
       237
        
       

     

       238
       238
       -
             masterCf = lib.mapAttrsToList (lib.const (lib.getAttr "rawEntry")) cfg.masterConfig;

     

       238
       238
       +
             masterCf = lib.mapAttrsToList (lib.const (lib.getAttr "rawEntry")) cfg.settings.master;

     

       239
       239
        
       

     

       240
       240
        
             # A list of the maximum width of the columns across all lines and labels

     

       241
       241
        
             maxWidths =

     
···

       511
       511
        
               description = "The format the alias map should have. Use regexp if you want to use regular expressions.";

     

       512
       512
        
             };

     

       513
       513
        
       

     

       514
       514
       -
             config = lib.mkOption {

     

       515
       515
       -
               type = lib.types.submodule {

     

       516
       516
       -
                 freeformType =

     

       517
       517
       -
                   with types;

     

       518
       518
       -
                   attrsOf (

     

       519
       519
       -
                     nullOr (oneOf [

     

       520
       520
       -
                       bool

     

       521
       521
       -
                       int

     

       522
       522
       -
                       str

     

       523
       523
       -
                       (listOf str)

     

       524
       524
       -
                     ])

     

       525
       525
       -
                   );

     

       526
       526
       -
                 options = {

     

       527
       527
       -
                   message_size_limit = mkOption {

     

       528
       528
       -
                     type = with types; nullOr int;

     

       529
       529
       -
                     default = 10240000; # 10 MiB

     

       530
       530
       -
                     example = 52428800; # 50 MiB

     

       531
       531
       -
                     description = ''

     

       532
       532
       -
                       Maximum size of an email message in bytes.

     

       533
       533
       -
       

     

       534
       534
       -
                       <https://www.postfix.org/postconf.5.html#message_size_limit>

     

       535
       535
       -
                     '';

     

       536
       536
       -
                   };

     

       537
       537
       -
       

     

       538
       538
       -
                   mydestination = mkOption {

     

       539
       539
       -
                     type =

     

       540
       540
       -
                       with types;

     

       514
       514
       +
             settings = {

     

       515
       515
       +
               main = lib.mkOption {

     

       516
       516
       +
                 type = lib.types.submodule {

     

       517
       517
       +
                   freeformType =

     

       518
       518
       +
                     with types;

     

       519
       519
       +
                     attrsOf (

     

       541
       520
        
                       nullOr (oneOf [

     

       521
       521
       +
                         bool

     

       522
       522
       +
                         int

     

       542
       523
        
                         str

     

       543
       524
        
                         (listOf str)

     

       544
       544
       -
                       ]);

     

       545
       545
       -
                     default = [

     

       546
       546
       -
                       "$myhostname"

     

       547
       547
       -
                       "localhost.$mydomain"

     

       548
       548
       -
                       "localhost"

     

       549
       549
       -
                     ];

     

       550
       550
       -
                     description = ''

     

       551
       551
       -
                       List of domain names intended for local delivery using /etc/passwd and /etc/aliases.

     

       525
       525
       +
                       ])

     

       526
       526
       +
                     );

     

       527
       527
       +
                   options = {

     

       528
       528
       +
                     message_size_limit = mkOption {

     

       529
       529
       +
                       type = with types; nullOr int;

     

       530
       530
       +
                       default = 10240000; # 10 MiB

     

       531
       531
       +
                       example = 52428800; # 50 MiB

     

       532
       532
       +
                       description = ''

     

       533
       533
       +
                         Maximum size of an email message in bytes.

     

       534
       534
       +
       

     

       535
       535
       +
                         <https://www.postfix.org/postconf.5.html#message_size_limit>

     

       536
       536
       +
                       '';

     

       537
       537
       +
                     };

     

       538
       538
       +
       

     

       539
       539
       +
                     mydestination = mkOption {

     

       540
       540
       +
                       type =

     

       541
       541
       +
                         with types;

     

       542
       542
       +
                         nullOr (oneOf [

     

       543
       543
       +
                           str

     

       544
       544
       +
                           (listOf str)

     

       545
       545
       +
                         ]);

     

       546
       546
       +
                       default = [

     

       547
       547
       +
                         "$myhostname"

     

       548
       548
       +
                         "localhost.$mydomain"

     

       549
       549
       +
                         "localhost"

     

       550
       550
       +
                       ];

     

       551
       551
       +
                       description = ''

     

       552
       552
       +
                         List of domain names intended for local delivery using /etc/passwd and /etc/aliases.

     

       552
       553
        
       

     

       553
       553
       -
                       ::: {.warning}

     

       554
       554
       -
                       Do not include [virtual](https://www.postfix.org/VIRTUAL_README.html) domains in this list.

     

       555
       555
       -
                       :::

     

       554
       554
       +
                         ::: {.warning}

     

       555
       555
       +
                         Do not include [virtual](https://www.postfix.org/VIRTUAL_README.html) domains in this list.

     

       556
       556
       +
                         :::

     

       556
       557
        
       

     

       557
       557
       -
                       <https://www.postfix.org/postconf.5.html#mydestination>

     

       558
       558
       -
                     '';

     

       559
       559
       -
                   };

     

       558
       558
       +
                         <https://www.postfix.org/postconf.5.html#mydestination>

     

       559
       559
       +
                       '';

     

       560
       560
       +
                     };

     

       560
       561
        
       

     

       561
       561
       -
                   myhostname = mkOption {

     

       562
       562
       -
                     type = with types; nullOr types.str;

     

       563
       563
       -
                     default = null;

     

       564
       564
       -
                     example = "mail.example.com";

     

       565
       565
       -
                     description = ''

     

       566
       566
       -
                       The internet hostname of this mail system.

     

       562
       562
       +
                     myhostname = mkOption {

     

       563
       563
       +
                       type = with types; nullOr types.str;

     

       564
       564
       +
                       default = null;

     

       565
       565
       +
                       example = "mail.example.com";

     

       566
       566
       +
                       description = ''

     

       567
       567
       +
                         The internet hostname of this mail system.

     

       567
       568
        
       

     

       568
       568
       -
                       Leave unset to default to the system hostname with the {option}`mydomain` suffix.

     

       569
       569
       +
                         Leave unset to default to the system hostname with the {option}`mydomain` suffix.

     

       569
       570
        
       

     

       570
       570
       -
                       <https://www.postfix.org/postconf.5.html#myhostname>

     

       571
       571
       -
                     '';

     

       572
       572
       -
                   };

     

       571
       571
       +
                         <https://www.postfix.org/postconf.5.html#myhostname>

     

       572
       572
       +
                       '';

     

       573
       573
       +
                     };

     

       574
       574
       +
       

     

       575
       575
       +
                     mynetworks = mkOption {

     

       576
       576
       +
                       type = with types; nullOr (listOf str);

     

       577
       577
       +
                       default = null;

     

       578
       578
       +
                       example = [

     

       579
       579
       +
                         "127.0.0.0/8"

     

       580
       580
       +
                         "::1"

     

       581
       581
       +
                       ];

     

       582
       582
       +
                       description = ''

     

       583
       583
       +
                         List of trusted remote SMTP clients, that are allowed to relay mail.

     

       584
       584
       +
       

     

       585
       585
       +
                         Leave unset to let Postfix populate this list based on the {option}`mynetworks_style` setting.

     

       573
       586
        
       

     

       574
       574
       -
                   mynetworks = mkOption {

     

       575
       575
       -
                     type = with types; nullOr (listOf str);

     

       576
       576
       -
                     default = null;

     

       577
       577
       -
                     example = [

     

       578
       578
       -
                       "127.0.0.0/8"

     

       579
       579
       -
                       "::1"

     

       580
       580
       -
                     ];

     

       581
       581
       -
                     description = ''

     

       582
       582
       -
                       List of trusted remote SMTP clients, that are allowed to relay mail.

     

       587
       587
       +
                         <https://www.postfix.org/postconf.5.html#mynetworks>

     

       588
       588
       +
                       '';

     

       589
       589
       +
                     };

     

       583
       590
        
       

     

       584
       584
       -
                       Leave unset to let Postfix populate this list based on the {option}`mynetworks_style` setting.

     

       591
       591
       +
                     mynetworks_style = mkOption {

     

       592
       592
       +
                       type =

     

       593
       593
       +
                         with types;

     

       594
       594
       +
                         nullOr (enum [

     

       595
       595
       +
                           "host"

     

       596
       596
       +
                           "subnet"

     

       597
       597
       +
                           "class"

     

       598
       598
       +
                         ]);

     

       599
       599
       +
                       default = "host";

     

       600
       600
       +
                       description = ''

     

       601
       601
       +
                         The method used for generating the default value for {option}`mynetworks`, if that option is unset.

     

       585
       602
        
       

     

       586
       586
       -
                       <https://www.postfix.org/postconf.5.html#mynetworks>

     

       587
       587
       -
                     '';

     

       588
       588
       -
                   };

     

       603
       603
       +
                         <https://www.postfix.org/postconf.5.html#mynetworks_style>

     

       604
       604
       +
                       '';

     

       605
       605
       +
                     };

     

       589
       606
        
       

     

       590
       590
       -
                   mynetworks_style = mkOption {

     

       591
       591
       -
                     type =

     

       592
       592
       -
                       with types;

     

       593
       593
       -
                       nullOr (enum [

     

       594
       594
       -
                         "host"

     

       595
       595
       -
                         "subnet"

     

       596
       596
       -
                         "class"

     

       597
       597
       -
                       ]);

     

       598
       598
       -
                     default = "host";

     

       599
       599
       -
                     description = ''

     

       600
       600
       -
                       The method used for generating the default value for {option}`mynetworks`, if that option is unset.

     

       607
       607
       +
                     recipient_delimiter = lib.mkOption {

     

       608
       608
       +
                       type = with types; nullOr str;

     

       609
       609
       +
                       default = "";

     

       610
       610
       +
                       example = "+";

     

       611
       611
       +
                       description = ''

     

       612
       612
       +
                         Set of characters used as the delimiters for address extensions.

     

       601
       613
        
       

     

       602
       602
       -
                       <https://www.postfix.org/postconf.5.html#mynetworks_style>

     

       603
       603
       -
                     '';

     

       604
       604
       -
                   };

     

       614
       614
       +
                         This allows creating different forwarding rules per extension.

     

       605
       615
        
       

     

       606
       606
       -
                   recipient_delimiter = lib.mkOption {

     

       607
       607
       -
                     type = with types; nullOr str;

     

       608
       608
       -
                     default = "";

     

       609
       609
       -
                     example = "+";

     

       610
       610
       -
                     description = ''

     

       611
       611
       -
                       Set of characters used as the delimiters for address extensions.

     

       616
       616
       +
                         <https://www.postfix.org/postconf.5.html#recipient_delimiter>

     

       617
       617
       +
                       '';

     

       618
       618
       +
                     };

     

       612
       619
        
       

     

       613
       613
       -
                       This allows creating different forwarding rules per extension.

     

       620
       620
       +
                     relayhost = mkOption {

     

       621
       621
       +
                       type = with types; nullOr (listOf str);

     

       622
       622
       +
                       default = [ ];

     

       623
       623
       +
                       example = [ "[relay.example.com]:587" ];

     

       624
       624
       +
                       description = ''

     

       625
       625
       +
                         List of hosts to use for relaying outbound mail.

     

       614
       626
        
       

     

       615
       615
       -
                       <https://www.postfix.org/postconf.5.html#recipient_delimiter>

     

       616
       616
       -
                     '';

     

       617
       617
       -
                   };

     

       627
       627
       +
                         ::: {.note}

     

       628
       628
       +
                         Putting the hostname in angled brackets, e.g. `[relay.example.com]`, turns off MX and SRV lookups for the hostname.

     

       629
       629
       +
                         :::

     

       618
       630
        
       

     

       619
       619
       -
                   relayhost = mkOption {

     

       620
       620
       -
                     type = with types; nullOr (listOf str);

     

       621
       621
       -
                     default = [ ];

     

       622
       622
       -
                     example = [ "[relay.example.com]:587" ];

     

       623
       623
       -
                     description = ''

     

       624
       624
       -
                       List of hosts to use for relaying outbound mail.

     

       631
       631
       +
                         <https://www.postfix.org/postconf.5.html#relayhost>

     

       632
       632
       +
                       '';

     

       633
       633
       +
                     };

     

       625
       634
        
       

     

       626
       626
       -
                       ::: {.note}

     

       627
       627
       -
                       Putting the hostname in angled brackets, e.g. `[relay.example.com]`, turns off MX and SRV lookups for the hostname.

     

       628
       628
       -
                       :::

     

       635
       635
       +
                     relay_domains = mkOption {

     

       636
       636
       +
                       type = with types; nullOr (listOf str);

     

       637
       637
       +
                       default = [ ];

     

       638
       638
       +
                       example = [ "lists.example.com" ];

     

       639
       639
       +
                       description = ''

     

       640
       640
       +
                         List of domains delivered via the relay transport.

     

       629
       641
        
       

     

       630
       630
       -
                       <https://www.postfix.org/postconf.5.html#relayhost>

     

       631
       631
       -
                     '';

     

       632
       632
       -
                   };

     

       642
       642
       +
                         <https://www.postfix.org/postconf.5.html#relay_domains>

     

       643
       643
       +
                       '';

     

       644
       644
       +
                     };

     

       633
       645
        
       

     

       634
       634
       -
                   relay_domains = mkOption {

     

       635
       635
       -
                     type = with types; nullOr (listOf str);

     

       636
       636
       -
                     default = [ ];

     

       637
       637
       -
                     example = [ "lists.example.com" ];

     

       638
       638
       -
                     description = ''

     

       639
       639
       -
                       List of domains delivered via the relay transport.

     

       646
       646
       +
                     smtp_tls_CAfile = mkOption {

     

       647
       647
       +
                       type = types.path;

     

       648
       648
       +
                       default = config.security.pki.caBundle;

     

       649
       649
       +
                       defaultText = literalExpression ''

     

       650
       650
       +
                         config.security.pki.caBundle

     

       651
       651
       +
                       '';

     

       652
       652
       +
                       example = literalExpression ''

     

       653
       653
       +
                         ''${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt

     

       654
       654
       +
                       '';

     

       655
       655
       +
                       description = ''

     

       656
       656
       +
                         File containing CA certificates of root CAs trusted to sign either remote SMTP server certificates or intermediate CA certificates.

     

       640
       657
        
       

     

       641
       641
       -
                       <https://www.postfix.org/postconf.5.html#relay_domains>

     

       642
       642
       -
                     '';

     

       643
       643
       -
                   };

     

       658
       658
       +
                         Defaults to the system CA bundle that is managed through the `security.pki` options.

     

       644
       659
        
       

     

       645
       645
       -
                   smtp_tls_CAfile = mkOption {

     

       646
       646
       -
                     type = types.path;

     

       647
       647
       -
                     default = config.security.pki.caBundle;

     

       648
       648
       -
                     defaultText = literalExpression ''

     

       649
       649
       -
                       config.security.pki.caBundle

     

       650
       650
       -
                     '';

     

       651
       651
       -
                     example = literalExpression ''

     

       652
       652
       -
                       ''${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt

     

       653
       653
       -
                     '';

     

       654
       654
       -
                     description = ''

     

       655
       655
       -
                       File containing CA certificates of root CAs trusted to sign either remote SMTP server certificates or intermediate CA certificates.

     

       660
       660
       +
                         <https://www.postfix.org/postconf.5.html#smtp_tls_CAfile>

     

       661
       661
       +
                       '';

     

       662
       662
       +
                     };

     

       656
       663
        
       

     

       657
       657
       -
                       Defaults to the system CA bundle that is managed through the `security.pki` options.

     

       664
       664
       +
                     smtp_tls_security_level = mkOption {

     

       665
       665
       +
                       type = types.enum [

     

       666
       666
       +
                         "none"

     

       667
       667
       +
                         "may"

     

       668
       668
       +
                         "encrypt"

     

       669
       669
       +
                         "dane"

     

       670
       670
       +
                         "dane-only"

     

       671
       671
       +
                         "fingerprint"

     

       672
       672
       +
                         "verify"

     

       673
       673
       +
                         "secure"

     

       674
       674
       +
                       ];

     

       675
       675
       +
                       default = "may";

     

       676
       676
       +
                       description = ''

     

       677
       677
       +
                         The client TLS security level.

     

       658
       678
        
       

     

       659
       659
       -
                       <https://www.postfix.org/postconf.5.html#smtp_tls_CAfile>

     

       660
       660
       -
                     '';

     

       661
       661
       -
                   };

     

       679
       679
       +
                         ::: {.tip}

     

       680
       680
       +
                         Use `dane` with a local DNSSEC validating DNS resolver enabled.

     

       681
       681
       +
                         :::

     

       662
       682
        
       

     

       663
       663
       -
                   smtp_tls_security_level = mkOption {

     

       664
       664
       -
                     type = types.enum [

     

       665
       665
       -
                       "none"

     

       666
       666
       -
                       "may"

     

       667
       667
       -
                       "encrypt"

     

       668
       668
       -
                       "dane"

     

       669
       669
       -
                       "dane-only"

     

       670
       670
       -
                       "fingerprint"

     

       671
       671
       -
                       "verify"

     

       672
       672
       -
                       "secure"

     

       673
       673
       -
                     ];

     

       674
       674
       -
                     default = "may";

     

       675
       675
       -
                     description = ''

     

       676
       676
       -
                       The client TLS security level.

     

       683
       683
       +
                         <https://www.postfix.org/postconf.5.html#smtp_tls_security_level>

     

       684
       684
       +
                       '';

     

       685
       685
       +
                     };

     

       677
       686
        
       

     

       678
       678
       -
                       ::: {.tip}

     

       679
       679
       -
                       Use `dane` with a local DNSSEC validating DNS resolver enabled.

     

       680
       680
       -
                       :::

     

       687
       687
       +
                     smtpd_tls_chain_files = mkOption {

     

       688
       688
       +
                       type = with types; listOf path;

     

       689
       689
       +
                       default = [ ];

     

       690
       690
       +
                       example = [

     

       691
       691
       +
                         "/var/lib/acme/mail.example.com/privkey.pem"

     

       692
       692
       +
                         "/var/lib/acme/mail.example.com/fullchain.pem"

     

       693
       693
       +
                       ];

     

       694
       694
       +
                       description = ''

     

       695
       695
       +
                         List of paths to the server private keys and certificates.

     

       681
       696
        
       

     

       682
       682
       -
                       <https://www.postfix.org/postconf.5.html#smtp_tls_security_level>

     

       683
       683
       -
                     '';

     

       684
       684
       -
                   };

     

       697
       697
       +
                         ::: {.caution}

     

       698
       698
       +
                         The order of items matters and a private key must always be followed by the corresponding certificate.

     

       699
       699
       +
                         :::

     

       685
       700
        
       

     

       686
       686
       -
                   smtpd_tls_chain_files = mkOption {

     

       687
       687
       -
                     type = with types; listOf path;

     

       688
       688
       -
                     default = [ ];

     

       689
       689
       -
                     example = [

     

       690
       690
       -
                       "/var/lib/acme/mail.example.com/privkey.pem"

     

       691
       691
       -
                       "/var/lib/acme/mail.example.com/fullchain.pem"

     

       692
       692
       -
                     ];

     

       693
       693
       -
                     description = ''

     

       694
       694
       -
                       List of paths to the server private keys and certificates.

     

       701
       701
       +
                         <https://www.postfix.org/postconf.5.html#smtpd_tls_chain_files>

     

       702
       702
       +
                       '';

     

       703
       703
       +
                     };

     

       695
       704
        
       

     

       696
       696
       -
                       ::: {.caution}

     

       697
       697
       -
                       The order of items matters and a private key must always be followed by the corresponding certificate.

     

       698
       698
       -
                       :::

     

       705
       705
       +
                     smtpd_tls_security_level = mkOption {

     

       706
       706
       +
                       type = types.enum [

     

       707
       707
       +
                         "none"

     

       708
       708
       +
                         "may"

     

       709
       709
       +
                         "encrypt"

     

       710
       710
       +
                       ];

     

       711
       711
       +
                       default =

     

       712
       712
       +
                         if config.services.postfix.settings.main.smtpd_tls_chain_files != [ ] then "may" else "none";

     

       713
       713
       +
                       defaultText = lib.literalExpression ''

     

       714
       714
       +
                         if config.services.postfix.settings.main.smtpd_tls_chain_files != [ ] then "may" else "none"

     

       715
       715
       +
                       '';

     

       716
       716
       +
                       example = "may";

     

       717
       717
       +
                       description = ''

     

       718
       718
       +
                         The server TLS security level. Enable TLS by configuring at least `may`.

     

       699
       719
        
       

     

       700
       700
       -
                       <https://www.postfix.org/postconf.5.html#smtpd_tls_chain_files>

     

       701
       701
       -
                     '';

     

       720
       720
       +
                         <https://www.postfix.org/postconf.5.html#smtpd_tls_security_level>

     

       721
       721
       +
                       '';

     

       722
       722
       +
                     };

     

       702
       723
        
                   };

     

       724
       724
       +
                 };

     

       703
       725
        
       

     

       704
       704
       -
                   smtpd_tls_security_level = mkOption {

     

       705
       705
       -
                     type = types.enum [

     

       706
       706
       -
                       "none"

     

       707
       707
       -
                       "may"

     

       708
       708
       -
                       "encrypt"

     

       709
       709
       -
                     ];

     

       710
       710
       -
                     default = if config.services.postfix.config.smtpd_tls_chain_files != [ ] then "may" else "none";

     

       711
       711
       -
                     defaultText = lib.literalExpression ''

     

       712
       712
       -
                       if config.services.postfix.config.smtpd_tls_chain_files != [ ] then "may" else "none"

     

       713
       713
       -
                     '';

     

       714
       714
       -
                     example = "may";

     

       715
       715
       -
                     description = ''

     

       716
       716
       -
                       The server TLS security level. Enable TLS by configuring at least `may`.

     

       726
       726
       +
                 description = ''

     

       727
       727
       +
                   The main.cf configuration file as key value set.

     

       728
       728
       +
       

     

       729
       729
       +
                   Null values will not be rendered.

     

       717
       730
        
       

     

       718
       718
       -
                       <https://www.postfix.org/postconf.5.html#smtpd_tls_security_level>

     

       719
       719
       -
                     '';

     

       720
       720
       -
                   };

     

       731
       731
       +
                   ::: {.tip}

     

       732
       732
       +
                   Check `postconf -d` for the default values of all settings.

     

       733
       733
       +
                   :::

     

       734
       734
       +
                 '';

     

       735
       735
       +
                 example = {

     

       736
       736
       +
                   mail_owner = "postfix";

     

       737
       737
       +
                   smtp_tls_security_level = "may";

     

       721
       738
        
                 };

     

       722
       739
        
               };

     

       723
       740
        
       

     

       724
       724
       -
               description = ''

     

       725
       725
       -
                 The main.cf configuration file as key value set.

     

       741
       741
       +
               master = lib.mkOption {

     

       742
       742
       +
                 type = lib.types.attrsOf (lib.types.submodule masterCfOptions);

     

       743
       743
       +
                 default = { };

     

       744
       744
       +
                 example = {

     

       745
       745
       +
                   submission = {

     

       746
       746
       +
                     type = "inet";

     

       747
       747
       +
                     args = [

     

       748
       748
       +
                       "-o"

     

       749
       749
       +
                       "smtpd_tls_security_level=encrypt"

     

       750
       750
       +
                     ];

     

       751
       751
       +
                   };

     

       752
       752
       +
                 };

     

       753
       753
       +
                 description = ''

     

       754
       754
       +
                   The {file}`master.cf` configuration file as an attribute set of service

     

       755
       755
       +
                   defitions

     

       726
       756
        
       

     

       727
       727
       -
                 Null values will not be rendered.

     

       728
       728
       -
       

     

       729
       729
       -
                 ::: {.tip}

     

       730
       730
       -
                 Check `postconf -d` for the default values of all settings.

     

       731
       731
       -
                 :::

     

       732
       732
       -
               '';

     

       733
       733
       -
               example = {

     

       734
       734
       -
                 mail_owner = "postfix";

     

       735
       735
       -
                 smtp_tls_security_level = "may";

     

       757
       757
       +
                   ::: {.tip}

     

       758
       758
       +
                   Check <https://www.postfix.org/master.5.html> for possible settings.

     

       759
       759
       +
                   :::

     

       760
       760
       +
                 '';

     

       736
       761
        
               };

     

       762
       762
       +
       

     

       737
       763
        
             };

     

       738
       764
        
       

     

       739
       765
        
             canonical = lib.mkOption {

     
···

       797
       823
        
               description = "contents of check_client_access for overriding dnsBlacklists";

     

       798
       824
        
             };

     

       799
       825
        
       

     

       800
       800
       -
             masterConfig = lib.mkOption {

     

       801
       801
       -
               type = lib.types.attrsOf (lib.types.submodule masterCfOptions);

     

       802
       802
       -
               default = { };

     

       803
       803
       -
               example = {

     

       804
       804
       -
                 submission = {

     

       805
       805
       -
                   type = "inet";

     

       806
       806
       -
                   args = [

     

       807
       807
       -
                     "-o"

     

       808
       808
       -
                     "smtpd_tls_security_level=encrypt"

     

       809
       809
       -
                   ];

     

       810
       810
       -
                 };

     

       811
       811
       -
               };

     

       812
       812
       -
               description = ''

     

       813
       813
       -
                 An attribute set of service options, which correspond to the service

     

       814
       814
       -
                 definitions usually done within the Postfix

     

       815
       815
       -
                 {file}`master.cf` file.

     

       816
       816
       -
               '';

     

       817
       817
       -
             };

     

       818
       818
       -
       

     

       819
       826
        
             extraMasterConf = lib.mkOption {

     

       820
       827
        
               type = lib.types.lines;

     

       821
       828
        
               default = "";

     
···

       1016
       1023
        
                 };

     

       1017
       1024
        
               };

     

       1018
       1025
        
       

     

       1019
       1019
       -
               services.postfix.config =

     

       1026
       1026
       +
               services.postfix.settings.main =

     

       1020
       1027
        
                 (lib.mapAttrs (_: v: lib.mkDefault v) {

     

       1021
       1028
        
                   compatibility_level = pkgs.postfix.version;

     

       1022
       1029
        
                   mail_owner = cfg.user;

     
···

       1057
       1064
        
                   header_checks = [ "regexp:/etc/postfix/header_checks" ];

     

       1058
       1065
        
                 };

     

       1059
       1066
        
       

     

       1060
       1060
       -
               services.postfix.masterConfig = {

     

       1067
       1067
       +
               services.postfix.settings.master = {

     

       1061
       1068
        
                 pickup = {

     

       1062
       1069
        
                   private = false;

     

       1063
       1070
        
                   wakeup = 60;

     
···

       1216
       1223
        
       

     

       1217
       1224
        
         imports = [

     

       1218
       1225
        
           (lib.mkRemovedOptionModule [ "services" "postfix" "sslCACert" ]

     

       1219
       1219
       -
             "services.postfix.sslCACert was replaced by services.postfix.tlsTrustedAuthorities. In case you intend that your server should validate requested client certificates use services.postfix.config.smtp_tls_CAfile."

     

       1226
       1226
       +
             "services.postfix.sslCACert was replaced by services.postfix.tlsTrustedAuthorities. In case you intend that your server should validate requested client certificates use services.postfix.settings.main.smtp_tls_CAfile."

     

       1220
       1227
        
           )

     

       1221
       1228
        
           (lib.mkRemovedOptionModule [ "services" "postfix" "sslCert" ]

     

       1222
       1222
       -
             "services.postfix.sslCert was removed. Use services.postfix.config.smtpd_tls_chain_files for the server certificate, or services.postfix.config.smtp_tls_chain_files for the client certificate."

     

       1229
       1229
       +
             "services.postfix.sslCert was removed. Use services.postfix.settings.main.smtpd_tls_chain_files for the server certificate, or services.postfix.settings.main.smtp_tls_chain_files for the client certificate."

     

       1223
       1230
        
           )

     

       1224
       1231
        
           (lib.mkRemovedOptionModule [ "services" "postfix" "sslKey" ]

     

       1225
       1225
       -
             "services.postfix.sslKey was removed. Use services.postfix.config.smtpd_tls_chain_files for server private key, or services.postfix.config.smtp_tls_chain_files for the client private key."

     

       1232
       1232
       +
             "services.postfix.sslKey was removed. Use services.postfix.settings.main.smtpd_tls_chain_files for server private key, or services.postfix.settings.main.smtp_tls_chain_files for the client private key."

     

       1226
       1233
        
           )

     

       1227
       1234
        
           (lib.mkRemovedOptionModule [ "services" "postfix" "lookupMX" ]

     

       1228
       1228
       -
             "services.postfix.lookupMX was removed. Use services.postfix.config.relayhost and put the hostname in angled brackets, if you need to turn off MX and SRV lookups."

     

       1235
       1235
       +
             "services.postfix.lookupMX was removed. Use services.postfix.settings.main.relayhost and put the hostname in angled brackets, if you need to turn off MX and SRV lookups."

     

       1229
       1236
        
           )

     

       1230
       1237
        
           (lib.mkRemovedOptionModule [ "services" "postfix" "relayHost" ]

     

       1231
       1231
       -
             "services.postfix.relayHost was removed in favor of services.postfix.config.relayhost, which now takes a list of host/port."

     

       1238
       1238
       +
             "services.postfix.relayHost was removed in favor of services.postfix.settings.main.relayhost, which now takes a list of host/port."

     

       1232
       1239
        
           )

     

       1233
       1240
        
           (lib.mkRemovedOptionModule [ "services" "postfix" "relayPort" ]

     

       1234
       1234
       -
             "services.postfix.relayHost was removed in favor of services.postfix.config.relayhost, which now takes a list of host/port."

     

       1241
       1241
       +
             "services.postfix.relayHost was removed in favor of services.postfix.settings.main.relayhost, which now takes a list of host/port."

     

       1235
       1242
        
           )

     

       1236
       1243
        
           (lib.mkRemovedOptionModule [ "services" "postfix" "extraConfig" ]

     

       1237
       1237
       -
             "services.postfix.extraConfig was replaced by the structured freeform service.postfix.config option."

     

       1244
       1244
       +
             "services.postfix.extraConfig was replaced by the structured freeform service.postfix.settings.main option."

     

       1238
       1245
        
           )

     

       1239
       1246
        
           (lib.mkRenamedOptionModule

     

       1240
       1247
        
             [ "services" "postfix" "networks" ]

     

       1241
       1241
       -
             [ "services" "postfix" "config" "mynetworks" ]

     

       1248
       1248
       +
             [ "services" "postfix" "settings" "main" "mynetworks" ]

     

       1242
       1249
        
           )

     

       1243
       1250
        
           (lib.mkRenamedOptionModule

     

       1244
       1251
        
             [ "services" "postfix" "networkStyle" ]

     

       1245
       1245
       -
             [ "services" "postfix" "config" "mynetworks_style" ]

     

       1252
       1252
       +
             [ "services" "postfix" "settings" "main" "mynetworks_style" ]

     

       1246
       1253
        
           )

     

       1247
       1254
        
           (lib.mkRenamedOptionModule

     

       1248
       1255
        
             [ "services" "postfix" "hostname" ]

     

       1249
       1249
       -
             [ "services" "postfix" "config" "myhostname" ]

     

       1256
       1256
       +
             [ "services" "postfix" "settings" "main" "myhostname" ]

     

       1250
       1257
        
           )

     

       1251
       1258
        
           (lib.mkRenamedOptionModule

     

       1252
       1259
        
             [ "services" "postfix" "domain" ]

     

       1253
       1253
       -
             [ "services" "postfix" "config" "mydomain" ]

     

       1260
       1260
       +
             [ "services" "postfix" "settings" "main" "mydomain" ]

     

       1254
       1261
        
           )

     

       1255
       1262
        
           (lib.mkRenamedOptionModule

     

       1256
       1263
        
             [ "services" "postfix" "origin" ]

     

       1257
       1257
       -
             [ "services" "postfix" "config" "myorigin" ]

     

       1264
       1264
       +
             [ "services" "postfix" "settings" "main" "myorigin" ]

     

       1258
       1265
        
           )

     

       1259
       1266
        
           (lib.mkRenamedOptionModule

     

       1260
       1267
        
             [ "services" "postfix" "destination" ]

     

       1261
       1261
       -
             [ "services" "postfix" "config" "mydestination" ]

     

       1268
       1268
       +
             [ "services" "postfix" "settings" "main" "mydestination" ]

     

       1262
       1269
        
           )

     

       1263
       1270
        
           (lib.mkRenamedOptionModule

     

       1264
       1271
        
             [ "services" "postfix" "relayDomains" ]

     

       1265
       1265
       -
             [ "services" "postfix" "config" "relay_domains" ]

     

       1272
       1272
       +
             [ "services" "postfix" "settings" "main" "relay_domains" ]

     

       1266
       1273
        
           )

     

       1267
       1274
        
           (lib.mkRenamedOptionModule

     

       1268
       1275
        
             [ "services" "postfix" "recipientDelimiter" ]

     

       1269
       1269
       -
             [ "services" "postfix" "config" "recipient_delimiter" ]

     

       1276
       1276
       +
             [ "services" "postfix" "settings" "main" "recipient_delimiter" ]

     

       1270
       1277
        
           )

     

       1271
       1278
        
           (lib.mkRenamedOptionModule

     

       1272
       1279
        
             [ "services" "postfix" "tlsTrustedAuthoriies" ]

     

       1273
       1273
       -
             [ "services" "postfix" "config" "smtp_tls_CAfile" ]

     

       1280
       1280
       +
             [ "services" "postfix" "settings" "main" "smtp_tls_CAfile" ]

     

       1281
       1281
       +
           )

     

       1282
       1282
       +
           (lib.mkRenamedOptionModule

     

       1283
       1283
       +
             [ "services" "postfix" "config" ]

     

       1284
       1284
       +
             [ "services" "postfix" "settings" "main" ]

     

       1285
       1285
       +
           )

     

       1286
       1286
       +
           (lib.mkRenamedOptionModule

     

       1287
       1287
       +
             [ "services" "postfix" "masterConfig" ]

     

       1288
       1288
       +
             [ "services" "postfix" "settings" "master" ]

     

       1274
       1289
        
           )

     

       1275
       1290
        
       

     

       1276
       1291
        
           (lib.mkChangedOptionModule

     

       1277
       1292
        
             [ "services" "postfix" "useDane" ]

     

       1278
       1278
       -
             [ "services" "postfix" "config" "smtp_tls_security_level" ]

     

       1293
       1293
       +
             [ "services" "postfix" "settings" "main" "smtp_tls_security_level" ]

     

       1279
       1294
        
             (config: lib.mkIf config.services.postfix.useDane "dane")

     

       1280
       1295
        
           )

     

       1281
       1296
        
           (lib.mkRenamedOptionModule [ "services" "postfix" "useSrs" ] [ "services" "pfix-srsd" "enable" ])

+1 -1

nixos/modules/services/mail/postsrsd.nix

···

       235
       235
        
       

     

       236
       236
        
         config = lib.mkMerge [

     

       237
       237
        
           (lib.mkIf (cfg.enable && cfg.configurePostfix && config.services.postfix.enable) {

     

       238
       238
       -
             services.postfix.config = {

     

       238
       238
       +
             services.postfix.settings.main = {

     

       239
       239
        
               # https://github.com/roehling/postsrsd#configuration

     

       240
       240
        
               sender_canonical_maps = "socketmap:${cfg.settings.socketmap}:forward";

     

       241
       241
        
               sender_canonical_classes = "envelope_sender";

+2 -2

nixos/modules/services/mail/public-inbox.nix

···

       426
       426
        
           };

     

       427
       427
        
           services.postfix = mkIf (cfg.postfix.enable && cfg.mda.enable) {

     

       428
       428
        
             # Not sure limiting to 1 is necessary, but better safe than sorry.

     

       429
       429
       -
             config.public-inbox_destination_recipient_limit = "1";

     

       429
       429
       +
             settings.main.public-inbox_destination_recipient_limit = "1";

     

       430
       430
        
       

     

       431
       431
        
             # Register the addresses as existing

     

       432
       432
        
             virtual = concatStringsSep "\n" (

     
···

       443
       443
        
             );

     

       444
       444
        
       

     

       445
       445
        
             # The public-inbox transport

     

       446
       446
       -
             masterConfig.public-inbox = {

     

       446
       446
       +
             settings.master.public-inbox = {

     

       447
       447
        
               type = "unix";

     

       448
       448
        
               privileged = true; # Required for user=

     

       449
       449
        
               command = "pipe";

+1 -1

nixos/modules/services/mail/rspamd.nix

···

       451
       451
        
               '';

     

       452
       452
        
             };

     

       453
       453
        
           };

     

       454
       454
       -
           services.postfix.config = mkIf cfg.postfix.enable cfg.postfix.config;

     

       454
       454
       +
           services.postfix.settings.main = mkIf cfg.postfix.enable cfg.postfix.config;

     

       455
       455
        
       

     

       456
       456
        
           systemd.services.postfix = mkIf cfg.postfix.enable {

     

       457
       457
        
             serviceConfig.SupplementaryGroups = [ postfixCfg.group ];

+1 -1

nixos/modules/services/mail/schleuder.nix

···

       115
       115
        
                 flags=DRhu user=schleuder argv=/${pkgs.schleuder}/bin/schleuder work ''${recipient}

     

       116
       116
        
             '';

     

       117
       117
        
             transport = lib.mkIf (cfg.lists != [ ]) (postfixMap (lib.genAttrs cfg.lists (_: "schleuder:")));

     

       118
       118
       -
             config.schleuder_destination_recipient_limit = 1;

     

       118
       118
       +
             settings.main.schleuder_destination_recipient_limit = 1;

     

       119
       119
        
             # review: does this make sense?

     

       120
       120
        
             localRecipients = lib.mkIf (cfg.lists != [ ]) cfg.lists;

     

       121
       121
        
           };

+38 -36

nixos/modules/services/mail/sympa.nix

···

       585
       585
        
       

     

       586
       586
        
           services.postfix = lib.mkIf (cfg.mta.type == "postfix") {

     

       587
       587
        
             enable = true;

     

       588
       588
       -
             config = {

     

       589
       589
       -
               recipient_delimiter = "+";

     

       590
       590
       -
               virtual_alias_maps = [ "hash:${dataDir}/virtual.sympa" ];

     

       591
       591
       -
               virtual_mailbox_maps = [

     

       592
       592
       -
                 "hash:${dataDir}/transport.sympa"

     

       593
       593
       -
                 "hash:${dataDir}/sympa_transport"

     

       594
       594
       -
                 "hash:${dataDir}/virtual.sympa"

     

       595
       595
       -
               ];

     

       596
       596
       -
               virtual_mailbox_domains = [ "hash:${dataDir}/transport.sympa" ];

     

       597
       597
       -
               transport_maps = [

     

       598
       598
       -
                 "hash:${dataDir}/transport.sympa"

     

       599
       599
       -
                 "hash:${dataDir}/sympa_transport"

     

       600
       600
       -
               ];

     

       601
       601
       -
             };

     

       602
       602
       -
             masterConfig = {

     

       603
       603
       -
               "sympa" = {

     

       604
       604
       -
                 type = "unix";

     

       605
       605
       -
                 privileged = true;

     

       606
       606
       -
                 chroot = false;

     

       607
       607
       -
                 command = "pipe";

     

       608
       608
       -
                 args = [

     

       609
       609
       -
                   "flags=hqRu"

     

       610
       610
       -
                   "user=${user}"

     

       611
       611
       -
                   "argv=${pkg}/libexec/queue"

     

       612
       612
       -
                   "\${nexthop}"

     

       588
       588
       +
             settings = {

     

       589
       589
       +
               main = {

     

       590
       590
       +
                 recipient_delimiter = "+";

     

       591
       591
       +
                 virtual_alias_maps = [ "hash:${dataDir}/virtual.sympa" ];

     

       592
       592
       +
                 virtual_mailbox_maps = [

     

       593
       593
       +
                   "hash:${dataDir}/transport.sympa"

     

       594
       594
       +
                   "hash:${dataDir}/sympa_transport"

     

       595
       595
       +
                   "hash:${dataDir}/virtual.sympa"

     

       613
       596
        
                 ];

     

       614
       614
       -
               };

     

       615
       615
       -
               "sympabounce" = {

     

       616
       616
       -
                 type = "unix";

     

       617
       617
       -
                 privileged = true;

     

       618
       618
       -
                 chroot = false;

     

       619
       619
       -
                 command = "pipe";

     

       620
       620
       -
                 args = [

     

       621
       621
       -
                   "flags=hqRu"

     

       622
       622
       -
                   "user=${user}"

     

       623
       623
       -
                   "argv=${pkg}/libexec/bouncequeue"

     

       624
       624
       -
                   "\${nexthop}"

     

       597
       597
       +
                 virtual_mailbox_domains = [ "hash:${dataDir}/transport.sympa" ];

     

       598
       598
       +
                 transport_maps = [

     

       599
       599
       +
                   "hash:${dataDir}/transport.sympa"

     

       600
       600
       +
                   "hash:${dataDir}/sympa_transport"

     

       625
       601
        
                 ];

     

       602
       602
       +
               };

     

       603
       603
       +
               master = {

     

       604
       604
       +
                 "sympa" = {

     

       605
       605
       +
                   type = "unix";

     

       606
       606
       +
                   privileged = true;

     

       607
       607
       +
                   chroot = false;

     

       608
       608
       +
                   command = "pipe";

     

       609
       609
       +
                   args = [

     

       610
       610
       +
                     "flags=hqRu"

     

       611
       611
       +
                     "user=${user}"

     

       612
       612
       +
                     "argv=${pkg}/libexec/queue"

     

       613
       613
       +
                     "\${nexthop}"

     

       614
       614
       +
                   ];

     

       615
       615
       +
                 };

     

       616
       616
       +
                 "sympabounce" = {

     

       617
       617
       +
                   type = "unix";

     

       618
       618
       +
                   privileged = true;

     

       619
       619
       +
                   chroot = false;

     

       620
       620
       +
                   command = "pipe";

     

       621
       621
       +
                   args = [

     

       622
       622
       +
                     "flags=hqRu"

     

       623
       623
       +
                     "user=${user}"

     

       624
       624
       +
                     "argv=${pkg}/libexec/bouncequeue"

     

       625
       625
       +
                     "\${nexthop}"

     

       626
       626
       +
                   ];

     

       627
       627
       +
                 };

     

       626
       628
        
               };

     

       627
       629
        
             };

     

       628
       630
        
           };

+1 -1

nixos/modules/services/mail/zeyple.nix

···

       128
       128
        
               -o smtpd_authorized_xforward_hosts=127.0.0.0/8,[::1]/128

     

       129
       129
        
           '';

     

       130
       130
        
       

     

       131
       131
       -
           services.postfix.config.content_filter = "zeyple";

     

       131
       131
       +
           services.postfix.settings.main.content_filter = "zeyple";

     

       132
       132
        
         };

     

       133
       133
        
       }

+1 -1

nixos/modules/services/monitoring/parsedmarc.nix

···

       427
       427
        
       

     

       428
       428
        
           services.postfix = lib.mkIf cfg.provision.localMail.enable {

     

       429
       429
        
             enable = true;

     

       430
       430
       -
             config = {

     

       430
       430
       +
             settings.main = {

     

       431
       431
        
               myhostname = cfg.provision.localMail.hostname;

     

       432
       432
        
               myorigin = cfg.provision.localMail.hostname;

     

       433
       433
        
               mydestination = cfg.provision.localMail.hostname;

+2 -2

nixos/modules/services/web-apps/discourse.nix

···

       1077
       1077
        
           services.postfix = lib.mkIf cfg.mail.incoming.enable {

     

       1078
       1078
        
             enable = true;

     

       1079
       1079
        
       

     

       1080
       1080
       -
             config = {

     

       1080
       1080
       +
             settings.main = {

     

       1081
       1081
        
               smtpd_recipient_restrictions = "check_policy_service unix:private/discourse-policy";

     

       1082
       1082
        
               append_dot_mydomain = lib.mkDefault false;

     

       1083
       1083
        
               compatibility_level = "2";

     
···

       1097
       1097
        
             transport = ''

     

       1098
       1098
        
               ${cfg.hostname} discourse-mail-receiver:

     

       1099
       1099
        
             '';

     

       1100
       1100
       -
             masterConfig = {

     

       1100
       1100
       +
             settings.master = {

     

       1101
       1101
        
               "discourse-mail-receiver" = {

     

       1102
       1102
        
                 type = "unix";

     

       1103
       1103
        
                 privileged = true;

+1 -1

nixos/modules/services/web-apps/mastodon.nix

···

       1100
       1100
        
       

     

       1101
       1101
        
               services.postfix = lib.mkIf (cfg.smtp.createLocally && cfg.smtp.host == "127.0.0.1") {

     

       1102
       1102
        
                 enable = true;

     

       1103
       1103
       -
                 config.myhostname = lib.mkDefault "${cfg.localDomain}";

     

       1103
       1103
       +
                 settings.main.myhostname = lib.mkDefault "${cfg.localDomain}";

     

       1104
       1104
        
               };

     

       1105
       1105
        
       

     

       1106
       1106
        
               services.redis.servers.mastodon = lib.mkIf redisActuallyCreateLocally (

+1 -1

nixos/modules/services/web-apps/peertube.nix

···

       959
       959
        
       

     

       960
       960
        
           services.postfix = lib.mkIf cfg.smtp.createLocally {

     

       961
       961
        
             enable = true;

     

       962
       962
       -
             config.myhostname = lib.mkDefault "${cfg.localDomain}";

     

       962
       962
       +
             settings.main.myhostname = lib.mkDefault "${cfg.localDomain}";

     

       963
       963
        
           };

     

       964
       964
        
       

     

       965
       965
        
           users.users = lib.mkMerge [

+1 -1

nixos/tests/alps.nix

···

       28
       28
        
               enableSubmission = true;

     

       29
       29
        
               enableSubmissions = true;

     

       30
       30
        
       

     

       31
       31
       -
               config = {

     

       31
       31
       +
               settings.main = {

     

       32
       32
        
                 smtp_tls_CAfile = "${certs.ca.cert}";

     

       33
       33
        
                 smtpd_tls_chain_files = [

     

       34
       34
        
                   "${certs.${domain}.key}"

+1 -1

nixos/tests/discourse.nix

···

       107
       107
        
       

     

       108
       108
        
             services.postfix = {

     

       109
       109
        
               enable = true;

     

       110
       110
       -
               config = {

     

       110
       110
       +
               settings.main = {

     

       111
       111
        
                 compatibility_level = "2";

     

       112
       112
        
                 mydestination = [ clientDomain ];

     

       113
       113
        
                 myhostname = clientDomain;

+12 -10

nixos/tests/mailman.nix

···

       13
       13
        
             services.mailman.webHosts = [ "example.com" ];

     

       14
       14
        
       

     

       15
       15
        
             services.postfix.enable = true;

     

       16
       16
       -
             services.postfix.config.mydestination = [

     

       17
       17
       -
               "example.com"

     

       18
       18
       -
               "example.net"

     

       19
       19
       -
             ];

     

       20
       20
       -
             services.postfix.config.relay_domains = [ "hash:/var/lib/mailman/data/postfix_domains" ];

     

       21
       21
       -
             services.postfix.config.local_recipient_maps = [

     

       22
       22
       -
               "hash:/var/lib/mailman/data/postfix_lmtp"

     

       23
       23
       -
               "proxy:unix:passwd.byname"

     

       24
       24
       -
             ];

     

       25
       25
       -
             services.postfix.config.transport_maps = [ "hash:/var/lib/mailman/data/postfix_lmtp" ];

     

       16
       16
       +
             services.postfix.settings.main = {

     

       17
       17
       +
               mydestination = [

     

       18
       18
       +
                 "example.com"

     

       19
       19
       +
                 "example.net"

     

       20
       20
       +
               ];

     

       21
       21
       +
               relay_domains = [ "hash:/var/lib/mailman/data/postfix_domains" ];

     

       22
       22
       +
               local_recipient_maps = [

     

       23
       23
       +
                 "hash:/var/lib/mailman/data/postfix_lmtp"

     

       24
       24
       +
                 "proxy:unix:passwd.byname"

     

       25
       25
       +
               ];

     

       26
       26
       +
               transport_maps = [ "hash:/var/lib/mailman/data/postfix_lmtp" ];

     

       27
       27
       +
             };

     

       26
       28
        
       

     

       27
       29
        
             users.users.user = {

     

       28
       30
        
               isNormalUser = true;

+1 -1

nixos/tests/matrix/synapse.nix

···

       187
       187
        
                 # blackhole transport

     

       188
       188
        
                 transport = "example.com discard:silently";

     

       189
       189
        
       

     

       190
       190
       -
                 config = {

     

       190
       190
       +
                 settings.main = {

     

       191
       191
        
                   myhostname = "${mailerDomain}";

     

       192
       192
        
                   # open relay for subnet

     

       193
       193
        
                   mynetworks_style = "subnet";

+1 -1

nixos/tests/parsedmarc/default.nix

···

       184
       184
        
                   services.postfix = {

     

       185
       185
        
                     enable = true;

     

       186
       186
        
                     origin = mailDomain;

     

       187
       187
       -
                     config = {

     

       187
       187
       +
                     settings.main = {

     

       188
       188
        
                       myhostname = mailDomain;

     

       189
       189
        
                       mydestination = mailDomain;

     

       190
       190
        
                     };

+1 -1

nixos/tests/postfix.nix

···

       13
       13
        
               enable = true;

     

       14
       14
        
               enableSubmission = true;

     

       15
       15
        
               enableSubmissions = true;

     

       16
       16
       -
               config = {

     

       16
       16
       +
               settings.main = {

     

       17
       17
        
                 smtp_tls_CAfile = "${certs.ca.cert}";

     

       18
       18
        
                 smtpd_tls_chain_files = [

     

       19
       19
        
                   certs.${domain}.key

+1 -1

nixos/tests/public-inbox.nix

···

       166
       166
        
               setSendmail = true;

     

       167
       167
        
               #sslCert = "${tls-cert}/cert.pem";

     

       168
       168
        
               #sslKey = "${tls-cert}/key.pem";

     

       169
       169
       -
               config.recipient_delimiter = "+";

     

       169
       169
       +
               settings.main.recipient_delimiter = "+";

     

       170
       170
        
             };

     

       171
       171
        
       

     

       172
       172
        
             environment.systemPackages = [

+1 -1

nixos/tests/rspamd.nix

···

       293
       293
        
             };

     

       294
       294
        
             services.postfix = {

     

       295
       295
        
               enable = true;

     

       296
       296
       -
               config.mydestination = [ "example.com" ];

     

       296
       296
       +
               settings.main.mydestination = [ "example.com" ];

     

       297
       297
        
             };

     

       298
       298
        
             services.rspamd = {

     

       299
       299
        
               enable = true;

+1 -1

nixos/tests/schleuder.nix

···

       11
       11
        
             services.postfix = {

     

       12
       12
        
               enable = true;

     

       13
       13
        
               enableSubmission = true;

     

       14
       14
       -
               config = {

     

       14
       14
       +
               settings.main = {

     

       15
       15
        
                 mydomain = domain;

     

       16
       16
        
                 destination = domain;

     

       17
       17
        
                 smtp_tls_CAfile = "${certs.ca.cert}";