Commit Graph

549 Commits

Author SHA1 Message Date
Xavier Vello
289f71efe2 Retry tests twice on gitlab 2019-12-15 14:29:16 +01:00
Xavier Vello
d7b62bbb93 Update clamav test fixtures 2019-12-15 11:53:27 +01:00
Xavier Vello
9dae3d2cdc Run tests on 19.03 + 19.09 + unstable 2019-12-14 22:22:23 +01:00
Xavier Vello
5c6b6287d6 Fix extern test on 19.09
The openssl output format changed, breaking the
"dkim has user-specified size" test
2019-12-14 22:22:23 +01:00
Xavier Vello
43df84e1a0 Fix dovecot in 19.09+
Dovecot now requires at least 1024bits of dh params.
Test duration seems is not significantly increased.
2019-12-14 22:22:23 +01:00
Xavier Vello
5fb707e61a Update clamav test to use local fixtures
The current version fetches clamav-db-files from gitlab,
in the master branch. This is currently broken as the files
were removed, and does not allow to ensure a fixture update
does not break the test
2019-12-14 22:22:23 +01:00
Xavier Vello
81e4a49708 Restore tests and script deleted in b8661825 2019-12-14 22:22:10 +01:00
Maximilian Bosch
14cabd62e5
Trigger restart of postfix if passwords of mail accounts change 2019-10-18 21:21:01 +02:00
JosephTheEngineer
b866182532 Remove use of the deprecated string type 2019-09-22 13:32:37 +00:00
Martin Milata
ab33e87cea Delete leftover services.nix 2019-09-16 18:14:20 +02:00
Ruben Maher
b4f6d96365 fix: make surprising lmtp_save_to_detail_mailbox behaviour optional 2019-09-01 20:21:11 +09:00
Robin Raymond
4b480d1445 Merge branch 'metapensiero/nixos-mailserver-delimiter-master' 2019-08-13 19:57:31 +02:00
Robin Raymond
ee7bb07f25 Merge branch 'scintill/nixos-mailserver-dkim-bits' 2019-08-13 19:56:18 +02:00
Robin Raymond
0bf2bb0b54 Merge branch 'scintill/nixos-mailserver-fix-tests' 2019-08-13 19:51:16 +02:00
Alberto Berti
76922632ca Merge branch 'verbose-spam-header' into verbose-spam-header-master 2019-07-26 19:37:18 +02:00
Alberto Berti
6033364d0b Merge branch 'delimiter' into delimiter-master 2019-07-26 19:28:51 +02:00
Alberto Berti
05bb5518ad Let the milter add to headers the reason for tagging a message as spam 2019-07-26 19:01:54 +02:00
Alberto Berti
0ff81a9593 Make the delimiter configuration work 2019-07-26 19:00:32 +02:00
Alberto Berti
fad71d9948 Fix typo 2019-07-25 17:55:01 +02:00
Alberto Berti
253c8732b4 Add subaddresses configuration 2019-07-25 17:30:20 +02:00
Joey Hewitt
f789f7a80c add dkimKeyBits configuration 2019-07-09 21:59:28 -06:00
Joey Hewitt
7e718e0e33 dkim: transition to PermissionsStartOnly=false
That's how nixpkgs-unstable is now, so to be compatible with both we
have to force that setting. Use systemd tmpfiles to provision
directory with correct owner.
2019-07-07 21:47:09 -06:00
Joey Hewitt
93660eabcd fixes to tests
- restructure rspamd config. It's nicer now, and it was getting
overridden the old way.
- "scan_mime_parts = false" apparently must be used in rspamd for ClamAV
to work
- refactor the clamav test a bit for cleanliness
- wait for rspamd and clamd sockets to open, before testing
- use clamdscan for speed, and verify that the virus was found
- verify msmtp returns virus scan result
2019-07-07 21:47:09 -06:00
Joey Hewitt
0e6bb4e898 workaround GitLab CI KVM issue
Their CI environment currently doesn't have KVM.  This commit should be
reverted when/if they do, for much better CI speed.

You can still run tests locally on your KVM-enabled machine as documented
on the wiki.

Workaround on GitLab is several pieces (injected through .gitlab-ci.yml):
- Make a /dev/kvm file so that nix thinks we have "kvm" system feature
and proceeds with executing the tests.
- Inject a QEMU package that replaces qemu-kvm with a full emulator.
- Monkey-patch the test script to wait longer for the VM to boot, since
it's slow on full emulation. 1200 seconds, double the previous value.
The patch method is not bulletproof, but better than maintaining forks of
nixpkgs.
- Set systemd's DefaultTimeoutStartSec=15min, so nix's "backdoor" test
service doesn't time out on the slow boot.
2019-07-07 21:47:09 -06:00
Joey Hewitt
05d963e751 lower dhparam bits, for faster tests
Make a tests/lib/config.nix file that is imported into the configuration
of all testing VMs.
2019-07-06 21:08:26 -06:00
Oscar Carlsson
4e8fbac580 Disable TLSv1.0 and deprecated ciphers.
TLSv1.0 is as deprecated as the older SSL versions, and should not be
used. I've also disabled a slew of ciphers, and hopefully this will
make us less vulnerable to downgrade attacks and similar.
2019-06-21 11:09:30 +02:00
Robin Raymond
ba3336978e correct checksum 2019-05-03 17:35:33 +02:00
Robin Raymond
e35959b65f fix checksum 2019-05-03 17:33:39 +02:00
Robin Raymond
a658e7fc6c Advertise mailing list a little more 2019-05-03 14:38:41 +02:00
Robin Raymond
d127730f27 modify readme for v2.2.1 2019-05-03 14:21:18 +02:00
Robin Raymond
642a15fbf7 Merge branch 'master' of gitlab.com:simple-nixos-mailserver/nixos-mailserver 2019-05-03 14:13:42 +02:00
Robin Raymond
72e79e5c38 fix minimal test 2019-05-03 14:13:22 +02:00
Robin Raymond
e2702c8c8e update to nixos 19.03 2019-05-03 14:13:11 +02:00
Christian Kauhaus
bce95d0229 Use services.postfix.virtual option
SNM used to define virtual_alias_maps in extraConfig which collides with
the same parameter defined by the standard services.postfix.virtual
option. This led to *lots* of warnings during postfix startup like

```
May 02 18:29:58 nun postfix/master[24758]: warning: /etc/postfix/main.cf, line 47: overriding earlier entry: virtual_alias_maps=hash:/etc/postfix/virtual
```

Refraining from overriding virtual_alias_maps has the additional
advantage that virtual aliases defined by other modules dont' stop
working with SNM.
2019-05-03 11:25:23 +00:00
Robin Raymond
a485cb3719 fix nixops file 2019-05-03 13:11:47 +02:00
Christian Kauhaus
184975be76 Fix renamed rspamd_proxy option
Fixes #152
2019-05-03 10:54:15 +02:00
Tom
2c59de8dcb README: include sha256 of the expected release tarball
Advantages of including the SHA256:
(i) removes the impurity of the tarball contents being changed
(ii) if sha256 is not included, then each nixops deploy triggers a re-download of the tarball

Here's how to get the expected hash:

$ nix-prefetch-url --unpack 'https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/v2.2.0/nixos-mailserver-v2.2.0.tar.gz'
unpacking...
[0.0 MiB DL]
path is '/nix/store/dwg8xlfnlw7mhr4cjk1viwmm0b249b74-nixos-mailserver-v2.2.0.tar.gz'
0gqzgy50hgb5zmdjiffaqp277a68564vflfpjvk1gv6079zahksc
2019-01-28 14:21:51 +00:00
Michishige Kaito
c2ca4d1bb0 postfix: allow configuring message_size_limit 2018-11-23 14:29:23 +00:00
Robin Raymond
ebf34930a7 udpate readme 2018-11-11 18:18:58 +01:00
Robin Raymond
8b7dde4b54 remove rspamd socket 2018-11-11 18:03:04 +01:00
Robin Raymond
1c1e301c11 Merge branch 'master' of gitlab.com:simple-nixos-mailserver/nixos-mailserver 2018-11-10 14:38:27 +01:00
Robin Raymond
91ce33f0e0 Merge branch 'eqyiel/nixos-mailserver-clamav-db-in-lfs' 2018-11-10 14:37:53 +01:00
Robin Raymond
e6069c276a Update .gitlab-ci.yml to 18.09 2018-11-10 13:33:31 +00:00
Robin Raymond
acd65c0803 New Feature >>rejectSender<<
Authored by tokudan
2018-11-10 14:29:16 +01:00
Robin Raymond
28cff2497a Merge branch 'plchldr/nixos-mailserver-master' 2018-11-10 14:09:26 +01:00
Robin Raymond
d624740db5 Update README.md to use gitlab ci badge 2018-11-10 12:37:38 +00:00
Ruben Maher
a4046a1227 Setup ci on gitlab 2018-11-10 12:35:09 +00:00
plchldr
fa0541b96b remove Diffie Hillman parameter creation as it is handled by the upstream dovecot2 module as of 18.09 2018-10-30 17:56:25 +01:00
Ruben Maher
9488b6fd43 ci: store Clamav DB in LFS
Fix #136 (stop pulling the files from @griff's poor server), also add a script
to update the files.

The fun thing about this is that due to sourcing the files from
`https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/raw/master/tests/clamav`
during the tests, updates to the `hashes.json` and `*.cvd` files will always
fail CI.  I guess this is a reasonable tradeoff as long as people are aware of
it.
2018-08-18 15:13:25 +09:30
Ruben Maher
817d84d36d remove ISSUE_TEMPLATE.md
This file is not used by GitLab.
2018-08-18 12:05:09 +09:30