diff options
-rw-r--r-- | hel.nix | 62 |
1 files changed, 38 insertions, 24 deletions
@@ -257,40 +257,54 @@ | |||
257 | destination = []; | 257 | destination = []; |
258 | relayHost = "uucp:ymir"; | 258 | relayHost = "uucp:ymir"; |
259 | recipientDelimiter = "+"; | 259 | recipientDelimiter = "+"; |
260 | extraMasterConf = '' | 260 | masterConfig = { |
261 | uucp unix - n n - - pipe flags=Fqhu user=uucp argv=${config.security.wrapperDir}/uux -z -a $sender - $nexthop!rmail ($recipient) | 261 | uucp = { |
262 | sshsendmail unix - n n - - pipe flags=Fq user=postfix_ssh argv=${pkgs.openssh}/bin/ssh -F /var/db/postfix_ssh/ssh.config $nexthop sendmail -f $sender -G $recipient | 262 | type = "unix"; |
263 | ''; | 263 | private = true; |
264 | privileged = true; | ||
265 | chroot = false; | ||
266 | command = "pipe"; | ||
267 | args = [ "flags=Fqhu" "user=uucp" ''argv=${config.security.wrapperDir}/uux -z -a $sender - $nexthop!rmail ($recipient)'' ]; | ||
268 | }; | ||
269 | sshsendmail = { | ||
270 | type = "unix"; | ||
271 | private = true; | ||
272 | privileged = true; | ||
273 | chroot = false; | ||
274 | command = "pipe"; | ||
275 | args = [ "flags=Fq" "user=postfix_ssh" ''argv=argv=${pkgs.openssh}/bin/ssh -F /var/db/postfix_ssh/ssh.config $nexthop sendmail -f $sender -G $recipient'' ]; | ||
276 | }; | ||
277 | }; | ||
264 | transport = '' | 278 | transport = '' |
265 | odin.asgard.yggdrasil uucp:odin | 279 | odin.asgard.yggdrasil uucp:odin |
266 | ''; | 280 | ''; |
267 | extraConfig = '' | 281 | config = { |
268 | always_bcc = gkleen+sent@odin.asgard.yggdrasil | 282 | always_bcc = "gkleen+sent@odin.asgard.yggdrasil"; |
269 | 283 | ||
270 | default_transport = uucp:ymir | 284 | default_transport = "uucp:ymir"; |
271 | 285 | ||
272 | inet_interfaces = loopback-only | 286 | inet_interfaces = "loopback-only"; |
273 | 287 | ||
274 | authorized_submit_users = !uucp, static:anyone | 288 | authorized_submit_users = ["!uucp" "static:anyone"]; |
275 | message_size_limit = 0 | 289 | message_size_limit = 0; |
276 | 290 | ||
277 | sender_dependent_default_transport_maps = regexp:${pkgs.writeText "sender_relay" '' | 291 | sender_dependent_default_transport_maps = ''regexp:${pkgs.writeText "sender_relay" '' |
278 | /@math(ematik)?\.(lmu|uni-muenchen)\.de$/ sshsendmail:math60.mathinst.loc | 292 | /@math(ematik)?\.(lmu|uni-muenchen)\.de$/ sshsendmail:math60.mathinst.loc |
279 | /@(cip|stud)\.ifi\.(lmu|uni-muenchen)\.de$/ smtp:smtp.ifi.lmu.de | 293 | /@(cip|stud)\.ifi\.(lmu|uni-muenchen)\.de$/ smtp:smtp.ifi.lmu.de |
280 | /@campus\.lmu\.de$/ smtp:postout.lrz.de | 294 | /@campus\.lmu\.de$/ smtp:postout.lrz.de |
281 | ''} | 295 | ''}''; |
282 | 296 | ||
283 | smtp_sasl_auth_enable = yes | 297 | smtp_sasl_auth_enable = true; |
284 | smtp_sender_dependent_authentication = yes | 298 | smtp_sender_dependent_authentication = true; |
285 | smtp_sasl_tls_security_options = noanonymous | 299 | smtp_sasl_tls_security_options = "noanonymous"; |
286 | smtp_tls_security_level = dane | 300 | smtp_tls_security_level = "dane"; |
287 | smtp_sasl_password_maps = texthash:/var/db/postfix/sasl_passwd | 301 | smtp_sasl_password_maps = "texthash:/var/db/postfix/sasl_passwd"; |
288 | smtp_cname_overrides_servername = no | 302 | smtp_cname_overrides_servername = false; |
289 | smtp_always_send_ehlo = yes | 303 | smtp_always_send_ehlo = true; |
290 | 304 | ||
291 | smtp_tls_loglevel = 1 | 305 | smtp_tls_loglevel = 1; |
292 | smtp_dns_support_level = dnssec | 306 | smtp_dns_support_level = "dnssec"; |
293 | ''; | 307 | }; |
294 | }; | 308 | }; |
295 | 309 | ||
296 | printing = { | 310 | printing = { |