krebs.exim-smarthost.dkim: support multiple domains

tv 2016-03-05 20:28:08 +01:00
parent 0106f4ff07
commit 421f346257
2 changed files with 26 additions and 21 deletions


@ -12,15 +12,9 @@ let
api = { api = {
enable = mkEnableOption "krebs.exim-smarthost"; enable = mkEnableOption "krebs.exim-smarthost";
# TODO DKIM for multiple domains
dkim = mkOption { dkim = mkOption {
default = null; type = types.listOf (types.submodule ({ config, ... }: {
type = types.nullOr (types.submodule ({ config, ... }: {
options = { options = {
canon = mkOption {
type = types.enum ["relaxed"];
default = "relaxed";
};
domain = mkOption { domain = mkOption {
type = types.str; type = types.str;
}; };
@ -38,6 +32,7 @@ let
}; };
}; };
})); }));
default = [];
}; };
internet-aliases = mkOption { internet-aliases = mkOption {
@ -100,10 +95,11 @@ let
}; };
imp = { imp = {
krebs.secret.files = mkIf (cfg.dkim != null) { krebs.secret.files = listToAttrs (flip map cfg.dkim (dkim: {
exim-dkim_private_key = cfg.dkim.private_key; name = "exim.dkim_private_key/${dkim.domain}";
}; value = dkim.private_key;
systemd.services = mkIf (cfg.dkim != null) { }));
systemd.services = mkIf (cfg.dkim != []) {
exim = { exim = {
after = [ "secret.service" ]; after = [ "secret.service" ];
requires = [ "secret.service" ]; requires = [ "secret.service" ];
@ -230,11 +226,11 @@ let
remote_smtp: remote_smtp:
driver = smtp driver = smtp
${optionalString (cfg.dkim != null) '' ${optionalString (cfg.dkim != []) ''
dkim_domain = ${cfg.dkim.domain} dkim_canon = relaxed
dkim_selector = ${cfg.dkim.selector} dkim_domain = $sender_address_domain
dkim_private_key = ${cfg.dkim.private_key.path} dkim_private_key = ''${lookup{$sender_address_domain}lsearch{${lsearch.dkim_private_key}}}
dkim_canon = ${cfg.dkim.canon} dkim_selector = ''${lookup{$sender_address_domain}lsearch{${lsearch.dkim_selector}}}
''} ''}
helo_data = ''${if eq{$acl_m_special_dom}{} \ helo_data = ''${if eq{$acl_m_special_dom}{} \
{$primary_hostname} \ {$primary_hostname} \
@ -264,10 +260,19 @@ let
}; };
lsearch = mapAttrs (name: set: toFile name (to-lsearch set)) { lsearch = mapAttrs (name: set: toFile name (to-lsearch set)) ({
inherit (cfg) internet-aliases; inherit (cfg) internet-aliases;
inherit (cfg) system-aliases; inherit (cfg) system-aliases;
}; } // optionalAttrs (cfg.dkim != []) {
dkim_private_key = flip map cfg.dkim (dkim: {
from = dkim.domain;
to = dkim.private_key.path;
});
dkim_selector = flip map cfg.dkim (dkim: {
from = dkim.domain;
to = dkim.selector;
});
});
to-lsearch = concatMapStringsSep "\n" ({ from, to, ... }: "${from}: ${to}"); to-lsearch = concatMapStringsSep "\n" ({ from, to, ... }: "${from}: ${to}");
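Review bot: In the `remote_smtp` hunk, `dkim_domain = $sender_address_domain` takes the signing domain from the envelope sender, and the two `lsearch` lookups have no failure string. For a sender domain missing from `cfg.dkim` they expand to empty, and as far as I know Exim then relays the message unsigned without logging an error. The second file in this commit lists only `viljetic.de` under `dkim` while `sender_domains` also carries `krebsco.de` and `shackspace.de`, so that path is hit in practice; a comment above the block such as `# sender domains missing from cfg.dkim are relayed unsigned (lookup yields an empty key)` would record that this is intended. It is also worth confirming that the envelope domain is the right `d=` value, since DMARC alignment is evaluated against the header From domain. `domain` stays `types.str` but is now used as a secret file name and as an lsearch key, so a value containing `/`, `:` or whitespace would silently break both; the option and transport definitions continue outside the hunks shown.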


@ -5,9 +5,9 @@ with config.krebs.lib;
{ {
krebs.exim-smarthost = { krebs.exim-smarthost = {
enable = true; enable = true;
dkim = { dkim = [
domain = "viljetic.de"; { domain = "viljetic.de"; }
}; ];
sender_domains = [ sender_domains = [
"krebsco.de" "krebsco.de"
"shackspace.de" "shackspace.de"