diff options
| -rw-r--r-- | hosts/surtr/email/default.nix | 6 | 
1 files changed, 4 insertions, 2 deletions
| diff --git a/hosts/surtr/email/default.nix b/hosts/surtr/email/default.nix index 58cb76d9..ff0c5e2a 100644 --- a/hosts/surtr/email/default.nix +++ b/hosts/surtr/email/default.nix | |||
| @@ -129,14 +129,16 @@ in { | |||
| 129 | setSendmail = true; | 129 | setSendmail = true; | 
| 130 | postmasterAlias = ""; rootAlias = ""; extraAliases = ""; | 130 | postmasterAlias = ""; rootAlias = ""; extraAliases = ""; | 
| 131 | destination = []; | 131 | destination = []; | 
| 132 | sslCert = "/run/credentials/postfix.service/surtr.yggdrasil.li.pem"; | ||
| 133 | sslKey = "/run/credentials/postfix.service/surtr.yggdrasil.li.key.pem"; | ||
| 134 | networks = []; | 132 | networks = []; | 
| 135 | config = let | 133 | config = let | 
| 136 | relay_ccert = "texthash:${pkgs.writeText "relay_ccert" ""}"; | 134 | relay_ccert = "texthash:${pkgs.writeText "relay_ccert" ""}"; | 
| 137 | in { | 135 | in { | 
| 138 | smtpd_tls_security_level = "may"; | 136 | smtpd_tls_security_level = "may"; | 
| 139 | 137 | ||
| 138 | smtpd_tls_chain_files = [ | ||
| 139 | "/run/credentials/postfix.service/surtr.yggdrasil.li.key.pem" "/run/credentials/postfix.service/surtr.yggdrasil.li.pem" | ||
| 140 | ]; | ||
| 141 | |||
| 140 | #the dh params | 142 | #the dh params | 
| 141 | smtpd_tls_dh1024_param_file = toString config.security.dhparams.params."postfix-1024".path; | 143 | smtpd_tls_dh1024_param_file = toString config.security.dhparams.params."postfix-1024".path; | 
| 142 | smtpd_tls_dh512_param_file = toString config.security.dhparams.params."postfix-512".path; | 144 | smtpd_tls_dh512_param_file = toString config.security.dhparams.params."postfix-512".path; | 
