summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2022-05-05 16:09:19 +0200
committerGregor Kleen <gkleen@yggdrasil.li>2022-05-05 16:09:19 +0200
commit167be248f4d9131392962d57f937f78b63301835 (patch)
tree02064f35ed3f54d0d727eb2261bf44ecef577ede
parentfebe2a2ec81d4c98e4fed66e37116f7a8b1f39bf (diff)
downloadnixos-167be248f4d9131392962d57f937f78b63301835.tar
nixos-167be248f4d9131392962d57f937f78b63301835.tar.gz
nixos-167be248f4d9131392962d57f937f78b63301835.tar.bz2
nixos-167be248f4d9131392962d57f937f78b63301835.tar.xz
nixos-167be248f4d9131392962d57f937f78b63301835.zip
surtr: ...
-rw-r--r--hosts/surtr/email/ca/.gitignore8
-rw-r--r--hosts/surtr/email/ca/index.txt1
-rw-r--r--hosts/surtr/email/ca/index.txt.attr1
-rw-r--r--hosts/surtr/email/ca/serial1
-rw-r--r--hosts/surtr/email/default.nix2
5 files changed, 9 insertions, 4 deletions
diff --git a/hosts/surtr/email/ca/.gitignore b/hosts/surtr/email/ca/.gitignore
index 7c894574..bc1d3eaf 100644
--- a/hosts/surtr/email/ca/.gitignore
+++ b/hosts/surtr/email/ca/.gitignore
@@ -1,3 +1,5 @@
1ca.key 1*.key
2ca.cnf 2*.cnf
3*.old \ No newline at end of file 3*.old
4*.crt
5certs \ No newline at end of file
diff --git a/hosts/surtr/email/ca/index.txt b/hosts/surtr/email/ca/index.txt
new file mode 100644
index 00000000..5010b5fe
--- /dev/null
+++ b/hosts/surtr/email/ca/index.txt
@@ -0,0 +1 @@
V 320502135347Z 01 unknown /CN=gkleen
diff --git a/hosts/surtr/email/ca/index.txt.attr b/hosts/surtr/email/ca/index.txt.attr
new file mode 100644
index 00000000..8f7e63a3
--- /dev/null
+++ b/hosts/surtr/email/ca/index.txt.attr
@@ -0,0 +1 @@
unique_subject = yes
diff --git a/hosts/surtr/email/ca/serial b/hosts/surtr/email/ca/serial
new file mode 100644
index 00000000..9e22bcb8
--- /dev/null
+++ b/hosts/surtr/email/ca/serial
@@ -0,0 +1 @@
02
diff --git a/hosts/surtr/email/default.nix b/hosts/surtr/email/default.nix
index 9b3a0dea..165e0eb2 100644
--- a/hosts/surtr/email/default.nix
+++ b/hosts/surtr/email/default.nix
@@ -46,7 +46,7 @@ with lib;
46 smtp_tls_security_level = "dane"; 46 smtp_tls_security_level = "dane";
47 smtp_dns_support_level = "dnssec"; 47 smtp_dns_support_level = "dnssec";
48 48
49 tls_server_sni_maps = ''cidr:${pkgs.writeText "sni" '' 49 tls_server_sni_maps = ''texthash:${pkgs.writeText "sni" ''
50 bouncy.email /run/credentials/postfix.service/bouncy.email.sni.pem 50 bouncy.email /run/credentials/postfix.service/bouncy.email.sni.pem
51 mailin.bouncy.email /run/credentials/postfix.service/mailin.bouncy.email.sni.pem 51 mailin.bouncy.email /run/credentials/postfix.service/mailin.bouncy.email.sni.pem
52 mailsub.bouncy.email /run/credentials/postfix.service/mailsub.bouncy.email.sni.pem 52 mailsub.bouncy.email /run/credentials/postfix.service/mailsub.bouncy.email.sni.pem