1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-27 16:11:58 +00:00
Commit graph

351 commits

Author SHA1 Message Date
Luke Granger-Brown cfed3b8b22 treewide: update 21.03 to 21.05
The NixOS 21.03 release has been delayed to 21.05. See NixOS/rfcs#80.

There are two instances of 21.03 which have been left as is, since they
are in stateVersion comparisons. This will ensure that existing user
configurations which refer to 21.03 will continue to work.
2021-02-12 14:12:48 -08:00
Fritz Otlinghaus 8de8e40d64
nixos/postfix: add types (#111426) 2021-01-31 13:52:46 +01:00
volth bc0d605cf1 treewide: fix double quoted strings in meta.description
Signed-off-by: Ben Siraphob <bensiraphob@gmail.com>
2021-01-24 19:56:59 +07:00
Alyssa Ross 011d073393 nixos/postfix: deprecate services.postfix.useDane
Now that smtp_tls_security_level is using mkDefault, and therefore can
be overridden, there's no need for an option for overriding it to a
specific value.
2021-01-14 10:24:31 +00:00
Alyssa Ross 9ed5ee909b nixos/postfix: allow custom smtp_tls_security_level
I run Postfix on my workstation as a smarthost, where it only ever
talks to my SMTP server.  Because I know it'll only ever connect to
this server, and because I know this server supports TLS, I'd like to
set smtp_tls_security_level to "encrypt" so Postfix won't fall back to
an unencrypted connection.
2021-01-14 10:24:31 +00:00
Alyssa Ross c7d13b551e
nixos/mailman: remove spurious uwsgi.service dep
b478e0043c removed every other instance of uwsgi.service and
httpd.service from Mailman before and requiredBy lists.  This one
looks like it was just missed, since I can't see a reason to keep it
but remove the others.

Fixes: b478e0043c ("nixos/mailman: refactor")
2021-01-06 10:44:29 +00:00
Linus Heckemann cc786acdce
Merge pull request #105397 from kisik21/mailman-other-mta-support
nixos/mailman: make Postfix support optional (provided you configure the MTA yourself)
2020-12-14 09:46:05 +01:00
Vika ad023b0c88
nixos/mailman: make Postfix support optional (provided you configure the MTA yourself)
Mailman can now work with MTAs other than Postfix. You'll have to configure
it yourself using the options in `services.mailman.settings.mta`.

This addition is reflected in the release notes for 21.03.
2020-12-14 02:41:30 +03:00
Alyssa Ross a2460414cb
nixos/mailman: run non-minutely jobs
Fixes: b478e0043c
 ("nixos/mailman: refactor")
2020-12-11 17:23:50 +00:00
Marc 'risson' Schmitt 27dacb8b4b
nixos/postfix: fix masterCf type
Signed-off-by: Marc 'risson' Schmitt <marc.schmitt@risson.space>
2020-12-10 18:49:05 +01:00
Jörg Thalheim b1ed5ffeab
Merge pull request #93293 from tnias/nixos_rspamd_20200716 2020-12-01 13:10:43 +00:00
Jörg Thalheim 3b6ef967f3
nixos/rspamd: fix postfix integration 2020-11-30 07:29:32 +01:00
Peter Simons 58f29d3ca8
Merge pull request #104721 from vkleen/postfix-smtp-fix
nixos.postfix: make postfix.enableSmtp work again
2020-11-24 08:58:35 +01:00
Viktor Kleen 6216c843ed
nixos/postfix: make postfix.enableSmtp work again
This fixes issue #104715.
2020-11-23 23:46:06 +00:00
zowoq dbbd289982 nixos/*: fix indentation 2020-11-23 08:42:51 +10:00
Niklas Hambüchen 91b20fb1aa roundcube service: Restart on config changes.
Until now, e.g. `extraConfig` changes did not reflect in
the system on `nixos-rebuild switch`.
2020-11-08 22:20:18 +01:00
freezeboy ee0e1e0bcb nixos(freepops): remove module 2020-11-03 10:45:29 +01:00
lf- b37bbca521 nixos/modules: fix systemd start rate-limits
These were broken since 2016:
f0367da7d1
since StartLimitIntervalSec got moved into [Unit] from [Service].
StartLimitBurst has also been moved accordingly, so let's fix that one
too.

NixOS systems have been producing logs such as:
/nix/store/wf98r55aszi1bkmln1lvdbp7znsfr70i-unit-caddy.service/caddy.service:31:
Unknown key name 'StartLimitIntervalSec' in section 'Service', ignoring.

I have also removed some unnecessary duplication in units disabling
rate limiting since setting either interval or burst to zero disables it
(ad16158c10/src/basic/ratelimit.c (L16))
2020-10-31 01:35:56 -07:00
Malte Brandy cebf9198f3
treewide: De-inline uses of lib.boolToString
This commit should not change eval results
2020-10-14 01:46:17 +02:00
Philipp Bartsch 9cca2eb4c8 nixos/rspamd: fixup cosmetics 2020-07-18 12:25:07 +02:00
Philipp Bartsch 7e9f3e9eb1 nixos/rspamd: add systemd service sandbox
Drop preStart script in favour of systemd StateDirectory parameter.
2020-07-16 21:15:22 +02:00
lewo 9534da25bf
Merge pull request #90115 from asbachb/postfix-tls
postfix: Replaced config key by recommendation and introduced usage of system trust store
2020-07-09 20:29:49 +02:00
Maximilian Bosch 87d7f0f0f3
Merge pull request #92329 from asbachb/roundcube/add-message-size
roundcube: Added new option `maxAttachmentSize` to configure max attachment size
2020-07-08 11:22:14 +02:00
Maximilian Bosch 5bc22adb5a
nixos/manual: fix build
Option names must be `opt-<full-option-name>` in docbook XML.
2020-07-08 11:09:01 +02:00
Benjamin Asbach 12e0d726fd roundcube: Added new option maxAttachmentSize to configure the maximum attachment size
The multiplication is used since roundcube uses only 70% of the php configured upload size.
2020-07-08 01:22:28 +02:00
Eric Wolf 8af58eda12
postfix: Add submissions option for postfix and test (#91691)
RFC 8314 suggests, for end user submission of
mails, SMTP over TLS on port 465 should be used.

Closes #91690
2020-07-06 03:37:56 +02:00
Benjamin Asbach 632104e5a4 postfix: deprecated sslCACert in favour of tlsTrustedAuthorities
`sslCACert` was used for trust store of client and server certificates. Since `smtpd_tls_ask_ccert` defaults to no the setup of `smtpd_tls_CApath` was removed.

>By default (see smtpd_tls_ask_ccert), client certificates are not requested, and smtpd_tls_CApath should remain empty.
see http://www.postfix.org/postconf.5.html#smtpd_tls_CAfile
2020-07-05 14:53:34 +02:00
Benjamin Asbach 9d697837f0 postfix: used recommended configuration key to enable tls
> With Postfix 2.3 and later use smtp_tls_security_level instead.

http://www.postfix.org/postconf.5.html#smtp_use_tls
2020-07-05 14:50:40 +02:00
Linus Heckemann d5cc8fb892 nixos/mailman: fix search index location 2020-06-18 17:23:34 +02:00
Linus Heckemann 176bc68a69 mailman: log to journal 2020-06-18 17:23:33 +02:00
Linus Heckemann 3dbbc786f5 nixos/mailman: RFC42-ise 2020-06-18 17:23:33 +02:00
Linus Heckemann 1b8af3e1ae nixos/mailman: fix clearing static files 2020-06-18 17:23:33 +02:00
Linus Heckemann 32c556b039 nixos/mailman: document, add maintainers 2020-06-18 17:23:29 +02:00
Linus Heckemann b478e0043c nixos/mailman: refactor
- Add serve.enable option, which configures uwsgi and nginx to serve
  the mailman-web application;
- Configure services to log to the journal, where possible. Mailman
  Core does not provide any options for this, but will now log to
  /var/log/mailman;
- Use a unified python environment for all components, with an
  extraPackages option to allow use of postgres support and similar;
- Configure mailman's postfix module such that it can generate the
  domain and lmtp maps;
- Fix formatting for option examples;
- Provide a mailman-web user to run the uwsgi service by default
- Refactor Hyperkitty's periodic jobs to reduce repetition in the
  expressions;
- Remove service dependencies not related to functionality included in
  the module, such as httpd -- these should be configured in user config
  when used;
- Move static files root to /var/lib/mailman-web-static by default. This avoids
  permission issues when a static file web server attempts to access
  /var/lib/mailman which is private to mailman. The location can still
  be changed by setting services.mailman.webSettings.STATIC_ROOT;
- Remove the webRoot option, which seems to have been included by
  accident, being an unsuitable directory for serving via HTTP.
- Rename mailman-web.service to mailman-web-setup.service, since it
  doesn't actually serve mailman-web. There is now a
  mailman-uwsgi.service if serve.enable is set to true.
2020-06-18 17:21:41 +02:00
Maximilian Bosch e826a6ce03
nixos/dovecot2: refactor mailboxes option
Specifying mailboxes as a list isn't a good approach since this makes it
impossible to override values. For backwards-compatibility, it's still
possible to declare a list of mailboxes, but a deprecation warning will
be shown.
2020-06-17 22:05:58 +02:00
Martin Weinelt 23c1374bd7
Merge pull request #90067 from mmilata/sympa-6.2.56
nixos/sympa: fix PATH_INFO splitting for sympa-6.2.56
2020-10-04 04:33:41 +02:00
Gabriel Ebner f26dcb4850
Merge pull request #93201 from symphorien/dovecot-namespace-mailbox
nixos/dovecot: configure mailboxes for all processes
2020-10-03 14:46:40 +02:00
Peter Hoeg 9123308be5 nixos/mailhog: run with DynamicUser 2020-09-07 17:56:53 +08:00
Philipp Bartsch 47928442a8 nixos/opendkim: add keyPath to ReadWritePaths 2020-09-03 17:54:16 +02:00
Philipp Bartsch 118f341723 nixos/opendkim: add systemd service sandbox 2020-09-03 17:54:15 +02:00
Symphorien Gibol 7200fde2d5 nixos/dovecot: configure mailboxes for all processes
Notably fts plugins need them for fts_autoindex_exclude = \SomeFlag
2020-08-28 22:24:04 +02:00
Silvan Mosberger fc121e2813
nixos/dovecot: Improve mailboxes type
The previous use of types.either disallowed assigning a list at one
point and an attrset an another.
2020-08-18 14:25:51 +02:00
Jörg Thalheim 0f2ee10cbf
Merge pull request #94270 from jerith666/postfix-dane
postfix: add useDane config option
2020-08-13 06:53:53 +01:00
Matt McHenry a45f1453eb postfix: add useDane config option 2020-08-12 21:18:36 -04:00
zowoq 8fb410c0ad nixos/*: editorconfig fixes 2020-08-08 10:54:16 +10:00
Maximilian Bosch fc179ef8a6
nixos/dovecot2: add autoexpunge setting
To automatically purge old email.

See also https://wiki.dovecot.org/MailboxSettings
2020-06-17 01:07:27 +02:00
Martin Milata bd4e4dddff nixos/sympa: fix PATH_INFO splitting for sympa-6.2.56
Our regex for splitting HTTP path into SCRIPT_NAME and PATH_INFO was
incorrect when webLocation was set to "/". Since Sympa 6.2.56 this has
caused the web interface to return "421 Misdirected Request".

Since 6.2.56 Sympa can do the splitting on its own so we can simply
remove it from nginx configuration.

See also:
- https://github.com/sympa-community/sympa/issues/879
- https://github.com/sympa-community/sympa/pull/910
- https://github.com/sympa-community/sympa-community.github.io/pull/53
2020-06-10 17:44:37 +02:00
José Romildo Malaquias a421af29e4
nixos/opensmtpd: add a setgid wrapper for smtpctl (#89962)
The setgid is currently required for offline enqueuing, and
unfortunately smtpctl is currently not split from sendmail so there's
little running around it.
2020-06-10 15:08:36 +02:00
Jörg Thalheim 43b3c15228
Merge pull request #87255 from symphorien/dovecot-restart-module 2020-05-08 15:05:10 +01:00
Symphorien Gibol 0f3b4928b2 dovecot: restart when modules are changed 2020-05-08 12:00:00 +00:00