diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2022-05-05 16:31:38 +0200 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2022-05-05 16:31:38 +0200 |
commit | 2db9391d1775c2d79c1e4e253c3d7fc98f3bc28e (patch) | |
tree | 53f0fa4a4849e8502914f69c5c3a8b70a079b3d3 | |
parent | 3d60ae47b24b39bf8d38087589db73c67aece1e5 (diff) | |
download | nixos-2db9391d1775c2d79c1e4e253c3d7fc98f3bc28e.tar nixos-2db9391d1775c2d79c1e4e253c3d7fc98f3bc28e.tar.gz nixos-2db9391d1775c2d79c1e4e253c3d7fc98f3bc28e.tar.bz2 nixos-2db9391d1775c2d79c1e4e253c3d7fc98f3bc28e.tar.xz nixos-2db9391d1775c2d79c1e4e253c3d7fc98f3bc28e.zip |
surtr: ...
-rw-r--r-- | hosts/surtr/email/ca/index.txt | 2 | ||||
-rw-r--r-- | hosts/surtr/email/ca/serial | 2 | ||||
-rw-r--r-- | hosts/surtr/email/default.nix | 1 |
3 files changed, 3 insertions, 2 deletions
diff --git a/hosts/surtr/email/ca/index.txt b/hosts/surtr/email/ca/index.txt index 5010b5fe..711193b2 100644 --- a/hosts/surtr/email/ca/index.txt +++ b/hosts/surtr/email/ca/index.txt | |||
@@ -1 +1 @@ | |||
V 320502135347Z 01 unknown /CN=gkleen | V 320502142416Z 02 unknown /CN=gkleen | ||
diff --git a/hosts/surtr/email/ca/serial b/hosts/surtr/email/ca/serial index 9e22bcb8..75016ea3 100644 --- a/hosts/surtr/email/ca/serial +++ b/hosts/surtr/email/ca/serial | |||
@@ -1 +1 @@ | |||
02 | 03 | ||
diff --git a/hosts/surtr/email/default.nix b/hosts/surtr/email/default.nix index 95885637..aebe03db 100644 --- a/hosts/surtr/email/default.nix +++ b/hosts/surtr/email/default.nix | |||
@@ -121,6 +121,7 @@ with lib; | |||
121 | command = "smtpd"; | 121 | command = "smtpd"; |
122 | args = [ | 122 | args = [ |
123 | "-o" "smtpd_tls_wrappermode=yes" | 123 | "-o" "smtpd_tls_wrappermode=yes" |
124 | "-o" "smtpd_tls_ask_ccert=yes" | ||
124 | "-o" "smtpd_tls_req_ccert=yes" | 125 | "-o" "smtpd_tls_req_ccert=yes" |
125 | "-o" "smtpd_client_restrictions=permit_tls_all_clientcerts,reject" | 126 | "-o" "smtpd_client_restrictions=permit_tls_all_clientcerts,reject" |
126 | "-o" "smtpd_recipient_restrictions=reject_unauth_pipelining,reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_tls_all_clientcerts,reject" | 127 | "-o" "smtpd_recipient_restrictions=reject_unauth_pipelining,reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_tls_all_clientcerts,reject" |