diff options
author | Gregor Kleen <gkleen@yggdrasil.li> | 2023-01-30 12:20:23 +0100 |
---|---|---|
committer | Gregor Kleen <gkleen@yggdrasil.li> | 2023-01-30 12:20:23 +0100 |
commit | cfc871cce6aefaa0ff64619780a807cba761c6b2 (patch) | |
tree | 965e8276ed36f11698b6c7d6eadab9f88d5f97c5 /hosts/surtr/email/default.nix | |
parent | aa54fe89b98d354d21141c589332ce7950ef2e59 (diff) | |
download | nixos-cfc871cce6aefaa0ff64619780a807cba761c6b2.tar nixos-cfc871cce6aefaa0ff64619780a807cba761c6b2.tar.gz nixos-cfc871cce6aefaa0ff64619780a807cba761c6b2.tar.bz2 nixos-cfc871cce6aefaa0ff64619780a807cba761c6b2.tar.xz nixos-cfc871cce6aefaa0ff64619780a807cba761c6b2.zip |
...
Diffstat (limited to 'hosts/surtr/email/default.nix')
-rw-r--r-- | hosts/surtr/email/default.nix | 22 |
1 files changed, 15 insertions, 7 deletions
diff --git a/hosts/surtr/email/default.nix b/hosts/surtr/email/default.nix index 0d1ccf30..0e2a78eb 100644 --- a/hosts/surtr/email/default.nix +++ b/hosts/surtr/email/default.nix | |||
@@ -663,13 +663,18 @@ in { | |||
663 | }; | 663 | }; |
664 | }; | 664 | }; |
665 | 665 | ||
666 | security.acme.domains = { | 666 | security.acme.rfc2136Domains = { |
667 | "surtr.yggdrasil.li" = {}; | 667 | "surtr.yggdrasil.li" = { |
668 | } // listToAttrs (map (domain: nameValuePair "spm.${domain}" {}) spmDomains) | 668 | restartUnits = [ "postfix.service" "dovecot2.service" ]; |
669 | // listToAttrs (concatMap (domain: | 669 | }; |
670 | map (subdomain: nameValuePair subdomain {}) | 670 | } // listToAttrs (map (domain: nameValuePair "spm.${domain}" { restartUnits = ["nginx.service"]; }) spmDomains) |
671 | [domain "mailin.${domain}" "mailsub.${domain}" "imap.${domain}" "mta-sts.${domain}"] | 671 | // listToAttrs (concatMap (domain: [ |
672 | ) emailDomains); | 672 | (nameValuePair domain { restartUnits = ["postfix.service" "dovecot2.service"]; }) |
673 | (nameValuePair "mailin.${domain}" { restartUnits = ["postfix.service"]; }) | ||
674 | (nameValuePair "mailsub.${domain}" { restartUnits = ["postfix.service"]; }) | ||
675 | (nameValuePair "imap.${domain}" { restartUnits = ["dovecot2.service"]; }) | ||
676 | (nameValuePair "mta-sts.${domain}" { restartUnits = ["nginx.service"]; }) | ||
677 | ]) emailDomains); | ||
673 | 678 | ||
674 | systemd.services.postfix = { | 679 | systemd.services.postfix = { |
675 | serviceConfig.LoadCredential = [ | 680 | serviceConfig.LoadCredential = [ |
@@ -824,6 +829,9 @@ in { | |||
824 | }; | 829 | }; |
825 | }; | 830 | }; |
826 | systemd.services."postfix-ccert-sender-policy" = { | 831 | systemd.services."postfix-ccert-sender-policy" = { |
832 | after = [ "postgresql.service" ]; | ||
833 | bindsTo = [ "postgresql.service" ]; | ||
834 | |||
827 | serviceConfig = { | 835 | serviceConfig = { |
828 | Type = "notify"; | 836 | Type = "notify"; |
829 | 837 | ||