diff --git a/flake.lock b/flake.lock index f42bed1..d4362e6 100644 --- a/flake.lock +++ b/flake.lock @@ -19,11 +19,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1668681692, - "narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=", + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", "owner": "edolstra", "repo": "flake-compat", - "rev": "009399224d5e398d03b22badca40a37ac85412a1", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", "type": "github" }, "original": { @@ -34,11 +34,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1705856552, - "narHash": "sha256-JXfnuEf5Yd6bhMs/uvM67/joxYKoysyE3M2k6T3eWbg=", + "lastModified": 1709703039, + "narHash": "sha256-6hqgQ8OK6gsMu1VtcGKBxKQInRLHtzulDo9Z5jxHEFY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "612f97239e2cc474c13c9dafa0df378058c5ad8d", + "rev": "9df3e30ce24fd28c7b3e2de0d986769db5d6225d", "type": "github" }, "original": { @@ -64,11 +64,11 @@ }, "nixpkgs-23_11": { "locked": { - "lastModified": 1706098335, - "narHash": "sha256-r3dWjT8P9/Ah5m5ul4WqIWD8muj5F+/gbCdjiNVBKmU=", + "lastModified": 1709884566, + "narHash": "sha256-NSYJg2sfdO/XS3L8XN/59Zhzn0dqWm7XtVnKI2mHq3w=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a77ab169a83a4175169d78684ddd2e54486ac651", + "rev": "2be119add7b37dc535da2dd4cba68e2cf8d1517e", "type": "github" }, "original": { @@ -87,13 +87,31 @@ "utils": "utils" } }, - "utils": { + "systems": { "locked": { - "lastModified": 1605370193, - "narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=", + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1709126324, + "narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=", "owner": "numtide", "repo": "flake-utils", - "rev": "5021eac20303a61fafe17224c087f5519baed54d", + "rev": "d465f4819400de7c8d874d50b982301f28a84605", "type": "github" }, "original": { diff --git a/mail-server/dovecot.nix b/mail-server/dovecot.nix index 7d73ee2..6459846 100644 --- a/mail-server/dovecot.nix +++ b/mail-server/dovecot.nix @@ -175,8 +175,18 @@ in mailPlugins.globally.enable = lib.optionals cfg.fullTextSearch.enable [ "fts" "fts_xapian" ]; protocols = lib.optional cfg.enableManageSieve "sieve"; - sieveScripts = { - after = builtins.toFile "spam.sieve" '' + pluginSettings = { + sieve = "file:${cfg.sieveDirectory}/%u/scripts;active=${cfg.sieveDirectory}/%u/active.sieve"; + sieve_default = "file:${cfg.sieveDirectory}/%u/default.sieve"; + sieve_default_name = "default"; + }; + + sieve = { + extensions = [ + "fileinto" + ]; + + scripts.after = builtins.toFile "spam.sieve" '' require "fileinto"; if header :is "X-Spam" "Yes" { @@ -184,8 +194,29 @@ in stop; } ''; + + pipeBins = map lib.getExe [ + (pkgs.writeShellScriptBin "sa-learn-ham.sh" + "exec ${pkgs.rspamd}/bin/rspamc -h /run/rspamd/worker-controller.sock learn_ham") + (pkgs.writeShellScriptBin "sa-learn-spam.sh" + "exec ${pkgs.rspamd}/bin/rspamc -h /run/rspamd/worker-controller.sock learn_spam") + ]; }; + imapsieve.mailbox = [ + { + name = junkMailboxName; + causes = [ "COPY" "APPEND" ]; + before = ./dovecot/imap_sieve/report-spam.sieve; + } + { + name = "*"; + from = junkMailboxName; + causes = [ "COPY" ]; + before = ./dovecot/imap_sieve/report-ham.sieve; + } + ]; + mailboxes = cfg.mailboxes; extraConfig = '' @@ -307,28 +338,6 @@ in inbox = yes } - plugin { - sieve_plugins = sieve_imapsieve sieve_extprograms - sieve = file:${cfg.sieveDirectory}/%u/scripts;active=${cfg.sieveDirectory}/%u/active.sieve - sieve_default = file:${cfg.sieveDirectory}/%u/default.sieve - sieve_default_name = default - - # From elsewhere to Spam folder - imapsieve_mailbox1_name = ${junkMailboxName} - imapsieve_mailbox1_causes = COPY,APPEND - imapsieve_mailbox1_before = file:${stateDir}/imap_sieve/report-spam.sieve - - # From Spam folder to elsewhere - imapsieve_mailbox2_name = * - imapsieve_mailbox2_from = ${junkMailboxName} - imapsieve_mailbox2_causes = COPY - imapsieve_mailbox2_before = file:${stateDir}/imap_sieve/report-ham.sieve - - sieve_pipe_bin_dir = ${pipeBin}/pipe/bin - - sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.environment - } - ${lib.optionalString cfg.fullTextSearch.enable '' plugin { plugin = fts fts_xapian @@ -357,13 +366,6 @@ in systemd.services.dovecot2 = { preStart = '' ${genPasswdScript} - rm -rf '${stateDir}/imap_sieve' - mkdir '${stateDir}/imap_sieve' - cp -p "${./dovecot/imap_sieve}"/*.sieve '${stateDir}/imap_sieve/' - for k in "${stateDir}/imap_sieve"/*.sieve ; do - ${pkgs.dovecot_pigeonhole}/bin/sievec "$k" - done - chown -R '${dovecot2Cfg.mailUser}:${dovecot2Cfg.mailGroup}' '${stateDir}/imap_sieve' '' + (lib.optionalString cfg.ldap.enable setPwdInLdapConfFile); };