This is not a feature specific to the mailserver. Indeed, the feature
was added to `system.autoUpgrade.allowReboot` with NixOS 19.09 and it
has better detection if a reboot is necessary.
For the system.autoUpgrade there is no kexec option, but the use was
discouraged.
Since NixOS 19.09 autoUpgrade also has the ability to do automatic
reboots. Its detection on whether a reboot is necessary is a bit more
sophisticated. Having this option in the mail-server implied to me that
it did something additionally, though it was just a feature which was
not included in NixOS at the time it was introduced for the mail-server.
Mentioning the fact in the documentation might help people not to get
confused why they should turn the `system.autoUpgrade.allowReboot` off
and instead use the mail-servers reboot flag.
This adds the option to add a customized userdb_mail parameter to the
Dovecot userdb, overriding the global mail_location setting. This
change applies to both mail delivery (handled via LMTP from postfix to
Dovecot), as well as Maildir access via IMAP etc. Furthermore, the UID
and GID can be customized to reflect the desired permissions. Finally,
the Dovecot virtual user home, holding the user's private state, can
be set.
These changes allow for great flexibility in the mail server
setup. For instance, users can selectively have their mail accessible
through a Maildir in their home directory, or via a purely virtual
user maintained under /var/vmail.
fts xapian does not publish configuration changes in a changelog. As a
result, some options that nixos mailserver was setting for it have been
ignored for several years. New options (process_limit) are now
recommended. This adapts the module to these changes.
The default value of partial= is 2, but fts_xapian 1.8.3 now requires it
to be at least 3, and fails loudly in case it is 2. As a result, this
change is required to support fts_xapian 1.8.3 and later.
This allows overwriting the default values for user_attrs to be empty
which is required when using virtual mailboxes with ldap accounts
that have posixAccount attributes set. When user_attrs is empty string
those are ignored then.
Allow the user to specify the name of the ACME configuration that the
mailserver should use. This allows users that request certificates that
aren't the FQDN of the mailserver, for example a wildcard certificate.
Allow configuring lookups for users and their mail addresses from an
LDAP directory. The LDAP username will be used as an accountname as
opposed to the email address used as the `loginName` for declarative
accounts. Mailbox for LDAP users will be stored below
`/var/vmail/ldap/<account>`.
Configuring domains is out of scope, since domains require further
configuration within the NixOS mailserver construct to set up all
related services accordingly.
Aliases can already be configured using `mailserver.forwards` but could
be supported using LDAP at a later point.
Add a certificate scheme for using an existing ACME certificate without
setting up Nginx.
Also use names instead of magic numbers for certificate schemes.
This option has been initially in the mailserver.fullTextSearch
scope. However, this option modifies the location of all index files
of dovecot and not only those used by the full text search feature. It
is then more relevant to have this option in the mailserver top level
scope.
Moreover, the default option has been changed to null in order to keep
existing index files where they are: changing the index location means
recreating all index files. The fts documentation however recommend to
change this default location when enabling the fts feature.
The line type of this option make its concatenation cleaner: the user
doesn't have to manually add `\n` to its policydSPFExtraConfig value
when debug in set.
