678 Commits

Author SHA1 Message Date
Martin Weinelt
fbfd948535
flake.nix: remove clamav from devshell, add glab
With glab we provide the GitLab CLI utility to interact programmatically
with the platform. Useful for checking our Merge request branches for
example.
2025-05-15 16:29:05 +02:00
Martin Weinelt
4c25278507
flake.nix: print options.md outpath during build
Helpful for debugging the resulting options file.
2025-05-15 16:29:05 +02:00
Martin Weinelt
3268d8b0d8
scripts/generate-options: refactor
- Extract the md syntax part into reusable functions
- Rename variables so their purpose becomes clearer
2025-05-15 16:29:04 +02:00
Martin Weinelt
4839fa6614
scripts: migrate format strings to f-strings 2025-05-15 16:29:04 +02:00
Martin Weinelt
ddc6ce61db
docs: fix linting issues
https://github.com/sphinx-doc/sphinx/issues/3921
2025-05-15 16:29:04 +02:00
Martin Weinelt
a6eb2a8f9a
README.md: reformat with markdownlint 2025-05-15 16:29:04 +02:00
Martin Weinelt
a7d580b934
treewide: reformat python code 2025-05-15 16:29:04 +02:00
Martin Weinelt
f9fcbe9430
scripts/generate-options: fix typing issue 2025-05-15 16:29:04 +02:00
Martin Weinelt
1615c93511
scripts/mail-check: fix typing issues
Replaces the body payload parsing with proper handling for multipart
messages.
2025-05-15 16:29:04 +02:00
Martin Weinelt
313f94ed8f
flake.nix: create pre-commit hydra job 2025-05-15 16:29:04 +02:00
Martin Weinelt
ff9087adb4
flake.nix: drop CC from devshell
We absolutely do not need a C compiler in here.
2025-05-15 16:29:03 +02:00
Martin Weinelt
d0ac5ce64c
flake.nix: annotate flake-compat usage
It is not used within flake.nix, so add a note that it is used elsewhere.
2025-05-15 16:29:03 +02:00
Martin Weinelt
dccca0506a
Provide direnv integration for flake devshell 2025-05-15 16:29:03 +02:00
Martin Weinelt
41e513da64
flake.nix: configure pre-commit 2025-05-15 16:29:03 +02:00
Martin Weinelt
1899fbe3fb Merge branch 'nixpkgs-update' into 'master'
Update nixpkgs

See merge request simple-nixos-mailserver/nixos-mailserver!396
2025-05-15 14:27:57 +00:00
Martin Weinelt
dd83a2c7ad
dovecot: rename sieve bayes/ham learning script
Updates the spamassassin reference to talk about rspamd.
2025-05-15 16:16:17 +02:00
Martin Weinelt
235dba2d82
tests/external: ignore new xapian warnings
These look harmless.

Closes: #322
2025-05-15 16:16:17 +02:00
Martin Weinelt
edd828ca88
flake.lock: Update
Flake lock file updates:

• Updated input 'flake-compat':
    'github:edolstra/flake-compat/0f9255e01c2351cc7d116c072cb317785dd33b33' (2023-10-04)
  → 'github:edolstra/flake-compat/9100a0f413b0c601e0533d1d94ffd501ce2e7885' (2025-05-12)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/23e89b7da85c3640bbc2173fe04f4bd114342367' (2024-11-19)
  → 'github:NixOS/nixpkgs/adaa24fbf46737f3f1b5497bf64bae750f82942e' (2025-05-13)
• Updated input 'nixpkgs-24_11':
    'github:NixOS/nixpkgs/314e12ba369ccdb9b352a4db26ff419f7c49fa84' (2024-12-13)
  → 'github:NixOS/nixpkgs/5d736263df906c5da72ab0f372427814de2f52f8' (2025-05-14)
2025-05-15 16:16:16 +02:00
Martin Weinelt
1ce644871b
flake.nix: ignore the flake registry
There is no real benefit using it anyway.
2025-05-15 16:16:16 +02:00
Martin Weinelt
da66510f68 Merge branch 'ci-reuse-flake-nixpkgs' into 'master'
ci: use hydra-cli from pinned nixpkgs

See merge request simple-nixos-mailserver/nixos-mailserver!395
2025-05-11 04:22:14 +00:00
Martin Weinelt
1f82d59d67
ci: use hydra-cli from pinned nixpkgs 2025-05-10 21:18:17 +02:00
Martin Weinelt
61b3a2c5ec Merge branch 'runtest-with-pinned-nixpkgs' into 'master'
flake.nix: run tests against pinned nixpkgs

See merge request simple-nixos-mailserver/nixos-mailserver!394
2025-05-10 16:23:55 +00:00
Martin Weinelt
ef1e02e555
flake.nix: run tests against pinned nixpkgs
and migrate to the new runTest, which evaluates much faster.
2025-05-10 02:43:35 +02:00
Martin Weinelt
1feca02008 Merge branch 'drop-nixops' into 'master'
treewide: drop nixops docs and examples

Closes #320

See merge request simple-nixos-mailserver/nixos-mailserver!393
2025-05-08 21:36:38 +00:00
Martin Weinelt
b92870c240 treewide: drop nixops docs and examples
This is not a deployment system we recommend using anymore in 2025.

Closes: #320
2025-05-08 23:22:29 +02:00
Martin Weinelt
a7d2b05a99 Merge branch 'quota-status-uds' into 'master'
dovecot: migrate queue-status to UNIX domain socket

See merge request simple-nixos-mailserver/nixos-mailserver!392
2025-05-07 17:05:15 +00:00
Martin Weinelt
4a09d6460a Merge branch 'tests-remove-broken-escape-sequences' into 'master'
tests: remove invalid escape sequences

See merge request simple-nixos-mailserver/nixos-mailserver!391
2025-05-07 16:38:00 +00:00
Martin Weinelt
a1ff289bf9
dovecot: migrate queue-status to UNIX domain socket 2025-05-07 18:00:53 +02:00
lewo
7bb0f43503 Merge branch 'dane-lookups' into 'master'
postfix: Support opportunistic DANE TLS

See merge request simple-nixos-mailserver/nixos-mailserver!389
2025-05-07 07:02:02 +00:00
Martin Weinelt
86b48f368f
tests: remove invalid escape sequences
>>> "\@"
<stdin>:1: SyntaxWarning: invalid escape sequence '\@'
'\\@'
2025-05-07 03:56:41 +02:00
Martin Weinelt
e488e3639a Merge branch 'postfix-comments' into 'master'
postfix: adjust comments around smtpd_recipient_restrictions

See merge request simple-nixos-mailserver/nixos-mailserver!390
2025-05-07 00:59:11 +00:00
Martin Weinelt
2e254b4b5e
postfix: adjust comments around smtpd_recipient_restrictions 2025-05-07 02:52:28 +02:00
Martin Weinelt
1471e54b92 Merge branch 'no-tls-1.1' into 'master'
postfix: disable TLSv1.1

See merge request simple-nixos-mailserver/nixos-mailserver!234
2025-05-07 00:48:13 +00:00
Martin Weinelt
fac7efe946
postfix: Support opportunistic DANE TLS
This migrates the security level for outgoing SMTP connections to
dane[1]. Either a server is configured for DANE or it now uses mandatory
unauthenticated TLS.

If DANE validation fails, the delivery will be tempfailed.

If DANE is invalid or unusable the connection will fall back to
unauthenticated mandatory TLS.

This has been the default in various mail distributions:
- Mailcow since December 2016[2]
- mailinabox since July 2014[3]

[1] https://www.postfix.org/TLS_README.html#client_tls_dane
[2] 47a5166383
[3] e713af5f5a
2025-05-07 02:23:32 +02:00
Martin Weinelt
155ba08be7 Merge branch 'readme' into 'master'
README updates (Matrix, Automatic client configuration)

See merge request simple-nixos-mailserver/nixos-mailserver!388
2025-05-06 15:25:37 +00:00
Robert Schütz
71c5fe04f1 postfix: disable TLSv1.1
In accordance with https://ssl-config.mozilla.org/#server=postfix.
2025-05-06 02:42:13 -07:00
Martin Weinelt
8b4990905c Merge branch 'feature/ldap_forwards' into 'master'
ldap: Allow mailserver.forwards

See merge request simple-nixos-mailserver/nixos-mailserver!313
2025-05-06 03:38:48 +00:00
Martin Weinelt
f6a64f713c
docs/release-notes: advertise mailserver.forwards with ldap 2025-05-06 05:32:59 +02:00
Elian Doran
b343c5e8fa
assertions: Allow mailserver.forwards with LDAP set up 2025-05-06 05:32:45 +02:00
Martin Weinelt
776162c162 Merge branch 'dev/check-quota-is-null' into 'master'
mail-server/dovecot: check if quota is non-null instead of string

See merge request simple-nixos-mailserver/nixos-mailserver!362
2025-05-06 02:27:36 +00:00
Leon Schuermann
6f3ece9181 mail-server/dovecot: check if quota is non-null instead of string 2025-05-06 02:27:36 +00:00
Martin Weinelt
2d0b3fdeb0
README: Add automatic client configuration support to the roadmap 2025-05-06 03:37:23 +02:00
Martin Weinelt
4320259e34
README: add matrix room, reference libera connection information 2025-05-06 03:29:35 +02:00
Martin Weinelt
7091fad860 Merge branch 'rspamd-dkim-signing' into 'master'
Use rspamd for DKIM signing, drop OpenDKIM

Closes #203, #210, and #279

See merge request simple-nixos-mailserver/nixos-mailserver!374
2025-05-05 23:33:20 +00:00
Martin Weinelt
2520e662f7 tests/external: make DKIM signing test more explicit 2025-05-06 01:05:10 +02:00
Martin Weinelt
630b5c4fdd Use rspamd for DKIM signing, drop OpenDKIM
OpenDKIM has not been updated in the last 7 years and failed to adopt
RFC8463, which introduces Ed25519-SHA256 signatures.

It has thereby held back the DKIM ecosystem, which relies on the DNS
system to publish its public keys. The DNS system in turn does not handle
large record sizes well (see RFC8301), which is why Ed25519 public keys
would be preferable, but I'm not sure the ecosystem has caught up, so we
stay on the conservative side with RSA for now.

Fixes: #203 #210 #279
Obsoletes: !162 !338
Supersedes: !246
2025-05-06 01:05:10 +02:00
Martin Weinelt
2c37e563fd Merge branch 'cleanup' into 'master'
Various cleanups

See merge request simple-nixos-mailserver/nixos-mailserver!387
2025-05-05 20:58:25 +00:00
Martin Weinelt
8800bccab8
dovecot: fix config indent 2025-05-05 22:31:16 +02:00
Martin Weinelt
84bf0c0c07
README.md: remove mailing list information
Has been unused since 2019, so it is not a good recommendation to
subscribe there anymore.
2025-05-05 22:31:16 +02:00
Martin Weinelt
a071813b97
README: reword feature list
and remove the v2.0 release title.
2025-05-05 22:31:15 +02:00