summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--hosts/surtr/email/default.nix5
-rw-r--r--modules/postfix-mta-sts-resolver.nix17
2 files changed, 14 insertions, 8 deletions
diff --git a/hosts/surtr/email/default.nix b/hosts/surtr/email/default.nix
index 9bdaac75..83bf02f5 100644
--- a/hosts/surtr/email/default.nix
+++ b/hosts/surtr/email/default.nix
@@ -726,6 +726,9 @@ in {
726 sopsFile = ./spm-keys.json; 726 sopsFile = ./spm-keys.json;
727 }; 727 };
728 728
729 services.postfix-mta-sts-resolver.enable = true; 729 services.postfix-mta-sts-resolver = {
730 enable = true;
731 loglevel = "debug";
732 };
730 }; 733 };
731} 734}
diff --git a/modules/postfix-mta-sts-resolver.nix b/modules/postfix-mta-sts-resolver.nix
index 9e126361..454f24f2 100644
--- a/modules/postfix-mta-sts-resolver.nix
+++ b/modules/postfix-mta-sts-resolver.nix
@@ -12,6 +12,11 @@ in {
12 12
13 redis = mkEnableOption "redis cache" // { default = true; example = false; }; 13 redis = mkEnableOption "redis cache" // { default = true; example = false; };
14 14
15 loglevel = mkOption {
16 type = types.enum ["debug" "info" "warn" "error" "fatal"];
17 default = "info";
18 };
19
15 settings = mkOption { 20 settings = mkOption {
16 type = types.attrs; 21 type = types.attrs;
17 }; 22 };
@@ -19,12 +24,10 @@ in {
19 }; 24 };
20 25
21 config = mkIf cfg.enable { 26 config = mkIf cfg.enable {
22 services.postfix-mta-sts-resolver.settings.path = "/run/postfix-mta-sts-resolver/map.sock"; 27 services.postfix-mta-sts-resolver.settings = {
23 services.postfix-mta-sts-resolver.settings.mode = 432; # 0o0660 28 path = "/run/postfix-mta-sts-resolver/map.sock";
24 29 mode = 432; # 0o0660
25 services.postfix-mta-sts-resolver.settings.cache = mkIf cfg.redis { 30 } // (optionalAttrs cfg.redis { cache.redis.url = "unix://${toString config.services.redis.servers.postfix-mta-sts-resolver.unixSocket}"; });
26 redis.url = "unix://${toString config.services.redis.servers.postfix-mta-sts-resolver.unixSocket}";
27 };
28 31
29 services.redis.servers.postfix-mta-sts-resolver = mkIf cfg.redis { 32 services.redis.servers.postfix-mta-sts-resolver = mkIf cfg.redis {
30 enable = true; 33 enable = true;
@@ -43,7 +46,7 @@ in {
43 before = ["postfix.service"]; 46 before = ["postfix.service"];
44 47
45 serviceConfig = { 48 serviceConfig = {
46 ExecStart = "${pkgs.postfix-mta-sts-resolver}/bin/mta-sts-daemon -c ${pkgs.writeText "mta-sts-daemon.yml" (generators.toYAML {} cfg.settings)}"; 49 ExecStart = "${pkgs.postfix-mta-sts-resolver}/bin/mta-sts-daemon -v ${cfg.loglevel} -c ${pkgs.writeText "mta-sts-daemon.yml" (generators.toYAML {} cfg.settings)}";
47 SupplementaryGroups = mkIf cfg.redis config.services.redis.servers.postfix-mta-sts-resolver.user; 50 SupplementaryGroups = mkIf cfg.redis config.services.redis.servers.postfix-mta-sts-resolver.user;
48 RuntimeDirectory = "postfix-mta-sts-resolver"; 51 RuntimeDirectory = "postfix-mta-sts-resolver";
49 52