diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2022-07-11 09:38:57 +0200 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2022-07-11 09:38:57 +0200 |
commit | e3cde575fddeb1dd60f69f86e34a4028ee6bb38f (patch) | |
tree | 385cd5a1f1237758ea3303a47589d54fe0d58391 | |
parent | 7f04383e716b8b5b67e28422d7d72896fb080918 (diff) | |
download | nixos-e3cde575fddeb1dd60f69f86e34a4028ee6bb38f.tar nixos-e3cde575fddeb1dd60f69f86e34a4028ee6bb38f.tar.gz nixos-e3cde575fddeb1dd60f69f86e34a4028ee6bb38f.tar.bz2 nixos-e3cde575fddeb1dd60f69f86e34a4028ee6bb38f.tar.xz nixos-e3cde575fddeb1dd60f69f86e34a4028ee6bb38f.zip |
...
-rw-r--r-- | hosts/surtr/email/default.nix | 5 | ||||
-rw-r--r-- | modules/postfix-mta-sts-resolver.nix | 17 |
2 files changed, 14 insertions, 8 deletions
diff --git a/hosts/surtr/email/default.nix b/hosts/surtr/email/default.nix index 9bdaac75..83bf02f5 100644 --- a/hosts/surtr/email/default.nix +++ b/hosts/surtr/email/default.nix | |||
@@ -726,6 +726,9 @@ in { | |||
726 | sopsFile = ./spm-keys.json; | 726 | sopsFile = ./spm-keys.json; |
727 | }; | 727 | }; |
728 | 728 | ||
729 | services.postfix-mta-sts-resolver.enable = true; | 729 | services.postfix-mta-sts-resolver = { |
730 | enable = true; | ||
731 | loglevel = "debug"; | ||
732 | }; | ||
730 | }; | 733 | }; |
731 | } | 734 | } |
diff --git a/modules/postfix-mta-sts-resolver.nix b/modules/postfix-mta-sts-resolver.nix index 9e126361..454f24f2 100644 --- a/modules/postfix-mta-sts-resolver.nix +++ b/modules/postfix-mta-sts-resolver.nix | |||
@@ -12,6 +12,11 @@ in { | |||
12 | 12 | ||
13 | redis = mkEnableOption "redis cache" // { default = true; example = false; }; | 13 | redis = mkEnableOption "redis cache" // { default = true; example = false; }; |
14 | 14 | ||
15 | loglevel = mkOption { | ||
16 | type = types.enum ["debug" "info" "warn" "error" "fatal"]; | ||
17 | default = "info"; | ||
18 | }; | ||
19 | |||
15 | settings = mkOption { | 20 | settings = mkOption { |
16 | type = types.attrs; | 21 | type = types.attrs; |
17 | }; | 22 | }; |
@@ -19,12 +24,10 @@ in { | |||
19 | }; | 24 | }; |
20 | 25 | ||
21 | config = mkIf cfg.enable { | 26 | config = mkIf cfg.enable { |
22 | services.postfix-mta-sts-resolver.settings.path = "/run/postfix-mta-sts-resolver/map.sock"; | 27 | services.postfix-mta-sts-resolver.settings = { |
23 | services.postfix-mta-sts-resolver.settings.mode = 432; # 0o0660 | 28 | path = "/run/postfix-mta-sts-resolver/map.sock"; |
24 | 29 | mode = 432; # 0o0660 | |
25 | services.postfix-mta-sts-resolver.settings.cache = mkIf cfg.redis { | 30 | } // (optionalAttrs cfg.redis { cache.redis.url = "unix://${toString config.services.redis.servers.postfix-mta-sts-resolver.unixSocket}"; }); |
26 | redis.url = "unix://${toString config.services.redis.servers.postfix-mta-sts-resolver.unixSocket}"; | ||
27 | }; | ||
28 | 31 | ||
29 | services.redis.servers.postfix-mta-sts-resolver = mkIf cfg.redis { | 32 | services.redis.servers.postfix-mta-sts-resolver = mkIf cfg.redis { |
30 | enable = true; | 33 | enable = true; |
@@ -43,7 +46,7 @@ in { | |||
43 | before = ["postfix.service"]; | 46 | before = ["postfix.service"]; |
44 | 47 | ||
45 | serviceConfig = { | 48 | serviceConfig = { |
46 | ExecStart = "${pkgs.postfix-mta-sts-resolver}/bin/mta-sts-daemon -c ${pkgs.writeText "mta-sts-daemon.yml" (generators.toYAML {} cfg.settings)}"; | 49 | ExecStart = "${pkgs.postfix-mta-sts-resolver}/bin/mta-sts-daemon -v ${cfg.loglevel} -c ${pkgs.writeText "mta-sts-daemon.yml" (generators.toYAML {} cfg.settings)}"; |
47 | SupplementaryGroups = mkIf cfg.redis config.services.redis.servers.postfix-mta-sts-resolver.user; | 50 | SupplementaryGroups = mkIf cfg.redis config.services.redis.servers.postfix-mta-sts-resolver.user; |
48 | RuntimeDirectory = "postfix-mta-sts-resolver"; | 51 | RuntimeDirectory = "postfix-mta-sts-resolver"; |
49 | 52 | ||