From db535fc5efc4da170a2ee8bb74018ac042e7c186 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Sat, 7 Jun 2025 10:35:50 +0200 Subject: ... --- .../email/ccert-policy-server/ccert_policy_server/__main__.py | 2 +- hosts/surtr/postgresql/default.nix | 8 +++++++- 2 files changed, 8 insertions(+), 2 deletions(-) (limited to 'hosts/surtr') diff --git a/hosts/surtr/email/ccert-policy-server/ccert_policy_server/__main__.py b/hosts/surtr/email/ccert-policy-server/ccert_policy_server/__main__.py index e87ae141..dfe98a76 100644 --- a/hosts/surtr/email/ccert-policy-server/ccert_policy_server/__main__.py +++ b/hosts/surtr/email/ccert-policy-server/ccert_policy_server/__main__.py @@ -48,7 +48,7 @@ class PolicyHandler(StreamRequestHandler): cur.row_factory = namedtuple_row if relay_eligible: - cur.execute('SELECT EXISTS(SELECT true FROM "mailbox" INNER JOIN "relay_access" ON "mailbox".id = "relay_access"."mailbox" WHERE "mailbox"."mailbox" = %(user)s AND ("domain" = %(domain)s OR "domain" ilike CONCAT("%_.", %(domain)s)) as "exists"', params = {'user': user, 'domain': domain}) + cur.execute('SELECT EXISTS(SELECT true FROM "mailbox" INNER JOIN "relay_access" ON "mailbox".id = "relay_access"."mailbox" WHERE "mailbox"."mailbox" = %(user)s AND ("domain" = %(domain)s OR "domain" ilike CONCAT("%%_.", %(domain)s)) as "exists"', params = {'user': user, 'domain': domain}) if (row := cur.fetchone()) is not None: allowed = row.exists diff --git a/hosts/surtr/postgresql/default.nix b/hosts/surtr/postgresql/default.nix index 3640ff12..e29da0b8 100644 --- a/hosts/surtr/postgresql/default.nix +++ b/hosts/surtr/postgresql/default.nix @@ -297,7 +297,6 @@ in { COMMIT; - BEGIN; SELECT _v.register_patch('014-relay', ARRAY['000-base'], null); @@ -308,6 +307,13 @@ in { ); COMMIT; + + BEGIN; + SELECT _v.register_patch('015-relay-unique', ARRAY['000-base', '014-relay'], null); + + CREATE UNIQUE INDEX relay_unique ON relay_access (mailbox, domain); + + COMMIT; ''} psql etebase postgres -eXf ${pkgs.writeText "etebase.sql" '' -- cgit v1.2.3