ForkMaster/nixos-mailserver
1
0
Fork 0
mirror of https://gitlab.com/simple-nixos-mailserver/nixos-mailserver.git synced 2025-04-02 05:44:33 +05:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'fix-ldap-mail-aliases' into 'master'

Browse Source 
set virtual_alias_maps for LDAP

Closes #304

See merge request simple-nixos-mailserver/nixos-mailserver!351
This commit is contained in:
Christian Ulrich 2025-03-22 10:48:00 +00:00
commit 7183b3238c
1 changed files with 17 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
mail-server/postfix.nix
View File

@ -191,6 +191,20 @@ let
passwordFile = cfg.ldap.bind.passwordFile; passwordFile = cfg.ldap.bind.passwordFile;
destination = ldapVirtualMailboxMapFile; destination = ldapVirtualMailboxMapFile;
}; };
ldapVirtualAliasMap = pkgs.writeText "ldap-virtual-alias-map.cf" ''
${commonLdapConfig}
query_filter = ${cfg.ldap.postfix.filter}
result_attribute = ${cfg.ldap.postfix.mailAttribute}
'';
ldapVirtualAliasMapFile = "/run/postfix/ldap-virtual-alias-map.cf";
appendPwdInVirtualAliasMap = appendLdapBindPwd {
name = "ldap-virtual-alias-map";
file = ldapVirtualAliasMap;
prefix = "bind_pw = ";
passwordFile = cfg.ldap.bind.passwordFile;
destination = ldapVirtualAliasMapFile;
};
in in
{ {
config = with cfg; lib.mkIf enable { config = with cfg; lib.mkIf enable {
@ -198,6 +212,7 @@ in
systemd.services.postfix-setup = lib.mkIf cfg.ldap.enable { systemd.services.postfix-setup = lib.mkIf cfg.ldap.enable {
preStart = '' preStart = ''
${appendPwdInVirtualMailboxMap} ${appendPwdInVirtualMailboxMap}
${appendPwdInVirtualAliasMap}
${appendPwdInSenderLoginMap} ${appendPwdInSenderLoginMap}
''; '';
restartTriggers = [ appendPwdInVirtualMailboxMap appendPwdInSenderLoginMap ]; restartTriggers = [ appendPwdInVirtualMailboxMap appendPwdInSenderLoginMap ];
@ -242,6 +257,8 @@ in
]; ];
virtual_alias_maps = lib.mkAfter (lib.optionals (regex_valiases_postfix != {}) [ virtual_alias_maps = lib.mkAfter (lib.optionals (regex_valiases_postfix != {}) [
(mappedRegexFile "regex_valias") (mappedRegexFile "regex_valias")
] ++ lib.optionals (cfg.ldap.enable) [
"ldap:${ldapVirtualAliasMapFile}"
]); ]);
virtual_transport = "lmtp:unix:/run/dovecot2/dovecot-lmtp"; virtual_transport = "lmtp:unix:/run/dovecot2/dovecot-lmtp";
# Avoid leakage of X-Original-To, X-Delivered-To headers between recipients # Avoid leakage of X-Original-To, X-Delivered-To headers between recipients