ForkMaster/nixos-mailserver
1
0
Fork 0
mirror of https://gitlab.com/simple-nixos-mailserver/nixos-mailserver.git synced 2025-03-31 07:59:52 +05:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' into 'master'

Browse Source 
allow specifying extra domains for dkim signing

See merge request simple-nixos-mailserver/nixos-mailserver!363
This commit is contained in:
Yuka 2025-03-12 22:54:28 +00:00
commit f3753f2f42
2 changed files with 14 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
default.nix
View File

@ -44,6 +44,13 @@ in
description = "The domains that this mail server serves.";
};
dkimDomains = mkOption {
type = types.listOf types.str;
example = [ "example.com" ];
default = [];
description = "The domains that this mail server serves.";
};
certificateDomains = mkOption {
type = types.listOf types.str;
example = [ "imap.example.com" "pop3.example.com" ];

11
mail-server/opendkim.nix
View File

@ -41,24 +41,27 @@ let
echo "Generated key for domain ${dom} selector ${cfg.dkimSelector}"
fi
'';
createAllCerts = lib.concatStringsSep "\n" (map createDomainDkimCert cfg.domains);
createAllCerts = lib.concatStringsSep "\n" (map createDomainDkimCert cfg.dkimDomains);
keyTable = pkgs.writeText "opendkim-KeyTable"
(lib.concatStringsSep "\n" (lib.flip map cfg.domains
(lib.concatStringsSep "\n" (lib.flip map cfg.dkimDomains
(dom: "${dom} ${dom}:${cfg.dkimSelector}:${cfg.dkimKeyDirectory}/${dom}.${cfg.dkimSelector}.key")));
signingTable = pkgs.writeText "opendkim-SigningTable"
(lib.concatStringsSep "\n" (lib.flip map cfg.domains (dom: "${dom} ${dom}")));
(lib.concatStringsSep "\n" (lib.flip map cfg.dkimDomains (dom: "${dom} ${dom}")));
dkim = config.services.opendkim;
args = [ "-f" "-l" ] ++ lib.optionals (dkim.configFile != null) [ "-x" dkim.configFile ];
in
{
config = mkIf (cfg.dkimSigning && cfg.enable) {
mailserver.dkimDomains = config.mailserver.domains;
services.opendkim = {
enable = true;
selector = cfg.dkimSelector;
keyPath = cfg.dkimKeyDirectory;
domains = "csl:${builtins.concatStringsSep "," cfg.domains}";
domains = "csl:${builtins.concatStringsSep "," cfg.dkimDomains}";
configFile = pkgs.writeText "opendkim.conf" (''
Canonicalization ${cfg.dkimHeaderCanonicalization}/${cfg.dkimBodyCanonicalization}
UMask 0002