This is not a feature specific to the mailserver. Indeed, the feature
was added to `system.autoUpgrade.allowReboot` with NixOS 19.09 and it
has better detection if a reboot is necessary.
For the system.autoUpgrade there is no kexec option, but the use was
discouraged.
Since NixOS 19.09 autoUpgrade also has the ability to do automatic
reboots. Its detection on whether a reboot is necessary is a bit more
sophisticated. Having this option in the mail-server implied to me that
it did something additionally, though it was just a feature which was
not included in NixOS at the time it was introduced for the mail-server.
Mentioning the fact in the documentation might help people not to get
confused why they should turn the `system.autoUpgrade.allowReboot` off
and instead use the mail-servers reboot flag.
This adds the option to add a customized userdb_mail parameter to the
Dovecot userdb, overriding the global mail_location setting. This
change applies to both mail delivery (handled via LMTP from postfix to
Dovecot), as well as Maildir access via IMAP etc. Furthermore, the UID
and GID can be customized to reflect the desired permissions. Finally,
the Dovecot virtual user home, holding the user's private state, can
be set.
These changes allow for great flexibility in the mail server
setup. For instance, users can selectively have their mail accessible
through a Maildir in their home directory, or via a purely virtual
user maintained under /var/vmail.
fts xapian does not publish configuration changes in a changelog. As a
result, some options that nixos mailserver was setting for it have been
ignored for several years. New options (process_limit) are now
recommended. This adapts the module to these changes.
The default value of partial= is 2, but fts_xapian 1.8.3 now requires it
to be at least 3, and fails loudly in case it is 2. As a result, this
change is required to support fts_xapian 1.8.3 and later.
This allows overwriting the default values for user_attrs to be empty
which is required when using virtual mailboxes with ldap accounts
that have posixAccount attributes set. When user_attrs is empty string
those are ignored then.
Allow the user to specify the name of the ACME configuration that the
mailserver should use. This allows users that request certificates that
aren't the FQDN of the mailserver, for example a wildcard certificate.
Without using umask there's a small time window where paths are world
readable. That is a bad idea to do for secret files (e.g. the dovecot
code path).