Commit Graph

26 Commits

Author SHA1 Message Date
Antoine Eiche
e9dea6cdb4 postfix: also create the dh.pem if it is empty
The dh.pem file is currently created by the postfix prestart
script. If the entropy of the system is to low, the postfix prestart
can timeout. In this case, an empty file is created.
If the user restarts the postfix service, the dh.pem is not created
because the file already exists (but is empty).
When a ssl is established with dovecot, it fails with this message:
imap-login: `Error:Failed to initialize SSL server context: Couldn't parse DH parameters:
error:0906D06C:PEM routines:PEM_read_bio:no start line: Expecting: DH
PARAMETERS`

With this patch, the postfix service creates the dh.pem if the dh.pem
doesn't exist or if it is empty. It doesn't fix the entropy or
timeout issue but at least, the user knows something is failing:/
2018-05-10 01:04:02 +02:00
Robin Raymond
6bdfdca0e3 fix typo 2018-02-23 15:36:29 +01:00
Robin Raymond
5d169c3ef2 fixes #88 2018-02-23 14:56:28 +01:00
Ruben Maher
5b570ad5a0 dovecot: read dovecot version into nix variable
This allows determining whether it's OK to use particular configuration
variables that will throw errors when used in older versions.
2018-02-17 22:24:39 +10:30
Robin Raymond
f6546a1a8e fix dovecot 2.3 ssl_dh 2018-02-13 13:18:31 +01:00
Robin Raymond
aca43875dc update copywright 2018-01-29 10:34:27 +01:00
Robin Raymond
d905be86d5 fix multidomain dkim signing fixes #24 2017-11-11 16:06:28 +01:00
John Boehr
16fb41de01 Change domain to fqdn and extraDomains to domains 2017-11-11 09:45:06 +00:00
John Boehr
ebd0f656ed
Preliminary multi-domain support 2017-11-09 13:13:27 -08:00
Robin Raymond
2f7e3a9f0c initial acme support; needs testing 2017-09-23 09:56:09 +02:00
Robin Raymond
bf7099d389 fix issue #8
turns out this is a upstream bug. The fix should probably be pushed to nixpkgs.
2017-09-13 11:49:33 +02:00
Robin Raymond
d974be81e0 revert script exctraction 2017-09-03 16:20:47 +02:00
Robin Raymond
0c20bb3a85 move scripts to external files 2017-09-03 16:00:10 +02:00
Robin Raymond
0c414738e1 fix merge bug in systemd 2017-09-03 15:56:36 +02:00
Robin Raymond
1e0c203bf8 Merge branch 'module-rewrite' 2017-09-03 15:31:37 +02:00
Robin Raymond
3eb363fc71 systemd to module 2017-09-02 15:08:50 +02:00
Robin Raymond
ebb2a5caf7 camelCase 2 2017-09-02 13:29:49 +02:00
Robin Raymond
b5fccc7e39 camelCase 2017-09-02 13:23:37 +02:00
Robin Raymond
256d2c75a6 update comments 2017-09-02 12:15:22 +02:00
Robin Raymond
42c4e18438 remove unnecessary after field in systemd 2017-08-30 15:56:24 +02:00
Robin Raymond
bb4717bf0b fix typo in opendkim key generation 2017-08-30 14:29:06 +02:00
Robin Raymond
d05bd24040 make dovecot wait for postfix instead of other way around 2017-08-23 17:34:34 +02:00
Robin Raymond
8551dcffff enable dkim signing 2017-08-23 17:22:44 +02:00
Robin Raymond
b68e64ec72 certificate scheme 2
On the fly create certificates via openssl (Maybe change this to
libressl in the future?). This is probably the best scheme to get
something that simply works. Self signed certificates only pose a
problem when connecting to retrieve the email via imap or pop3.
2017-08-13 11:51:07 +02:00
Robin Raymond
1d53a88a21 finish up dovecot configuration
also factor out users into own file
2017-08-12 12:28:46 +02:00
Robin Raymond
e63b6ebda9 create maildir folder 2017-08-12 11:47:52 +02:00