Commit graph

214 commits

Author SHA1 Message Date
Robin Raymond
ea20d60ec1 possible fix for #86 2018-02-23 14:51:15 +01:00
Robin Raymond
c252ecb869 possible fix for #86 2018-02-22 23:12:39 +01:00
Robin Raymond
df25233fd4 merge 'basic rsnapshot backup' 2018-02-22 22:49:58 +01:00
Robin Raymond
ca9680403e
Merge pull request #56 from phdoerfler/monitoring
Added monitoring of disk space via monit
2018-02-22 22:45:02 +01:00
Philipp Dörfler
29cb68a216 Added monitoring of disk space and more with monit. 2018-02-22 20:33:55 +00:00
Philipp Dörfler
59b1fafefc Added basic rsnapshot backup. 2018-02-22 20:33:27 +00:00
Philipp Dörfler
43d36d9b76 Dovecot: Mailbox config + hierarchy separator + FS layout.
- Factored mailbox config into its own option.
- Added hierarchy separator option.
- Added option for using FS layout.
2018-02-22 20:32:21 +00:00
Ruben Maher
929cac8f50 mail-server/users.nix: don't expand variables in sieve script 2018-02-19 09:32:40 +10:30
Robin Raymond
436cf0513b add vitual mail users 2018-02-18 12:17:32 +01:00
Ruben Maher
5b570ad5a0 dovecot: read dovecot version into nix variable
This allows determining whether it's OK to use particular configuration
variables that will throw errors when used in older versions.
2018-02-17 22:24:39 +10:30
Robin Raymond
f6546a1a8e fix dovecot 2.3 ssl_dh 2018-02-13 13:18:31 +01:00
Robin Raymond
b75575f02e
remove unbound 2018-02-09 15:02:28 +01:00
Robin Raymond
671f447015
Merge pull request #57 from phdoerfler/localnameserver
Added kresd as local nameserver so rspamd stops complaining
2018-02-09 15:00:09 +01:00
Robin Raymond
0f6de6ff57
remove clamav from packages, fixes #64 2018-02-01 09:14:21 +01:00
Robin Raymond
aca43875dc update copywright 2018-01-29 10:34:27 +01:00
Robin Raymond
ba4eaed61d related to #52 2018-01-29 10:24:53 +01:00
Philipp Dörfler
bc627f180a Added kresd as local nameserver so rspamd stops complaining 2018-01-13 01:39:21 +00:00
Andrey Golovizin
ee479ae683 Run spam.sieve after user scripts
Allows the user to override or disable it, if necessary.
2018-01-07 14:05:16 +01:00
Andrey Golovizin
aeedb25daf Use sieve_default option for sieveScript
https://wiki2.dovecot.org/Pigeonhole/Sieve/Configuration#Visible_Default_Script
2018-01-07 14:05:16 +01:00
Andrey Golovizin
a6d9604ea5 Fix Sieve script activation via ManageSieve 2018-01-07 14:05:16 +01:00
Andrey Golovizin
30e4f136fd Add enableManageSieve option to open port 4190 2018-01-07 14:05:12 +01:00
Robin Raymond
eeb7fd64af implement qutoas 2017-12-22 16:58:35 +01:00
Robin Raymond
2d0648e0f4 move from real users to passwd file 2017-12-22 16:08:42 +01:00
Ruben Maher
3a333ab71a mail-server/postfix: add each loginAccount to virtual_alias_maps 2017-12-20 10:54:57 +10:30
Robin Raymond
fc9b63f0e6 add explicit catchAlls #49 2017-12-18 12:26:54 +01:00
geistesk
0091ae1761 Postfix: set hostname to FQDN
This should fix #43
2017-11-26 11:56:34 +01:00
Robin Raymond
160f3cbc9b open port 80 when using LE certs. fixes #42 2017-11-26 07:59:31 +01:00
Robin Raymond
8ce3d42c13 implement extraVirtualAliases 2017-11-21 11:52:16 +01:00
Robin Raymond
67c29a561c concat all valiases 2017-11-21 11:35:52 +01:00
Robin Raymond
d94b8acd78 implement alias list 2017-11-21 11:18:07 +01:00
Ruben Maher
d3fc1cccbd mail-server/dovecot.nix: automatically subscribe to new mailboxes
When a mailbox is created by sieve or is delivered to directly by IMAP commands,
created IMAP folders are not subscribed to by dovecot.  These configuration
options change that.

Acked-by: Ruben Maher <ruben@maher.fyi>
2017-11-21 08:32:55 +10:30
Ruben Maher
c2495e69f3 default.nix, mail-server/users.nix: add per-user sieve script 2017-11-20 09:04:32 +10:30
Robin Raymond
8b144b44b0
Merge pull request #39 from eqyiel/delete-comment
mail-server/nginx.nix: delete dangling comment
2017-11-19 08:37:32 +01:00
Ruben Maher
5f3c44b60f mail-server/nginx.nix: delete dangling comment 2017-11-19 08:14:04 +10:30
Ruben Maher
cd85fd9d2f s/vmailUIDStart/vmailUID/g
The name vmailUIDStart is not consistent with how it is being used (as the UID
of the vmail user).
2017-11-19 07:10:49 +10:30
Robin Raymond
5a851d837c
Merge pull request #31 from eqyiel/debug-option
Add debug option for verbose logging
2017-11-15 07:52:16 +01:00
Ruben Maher
f928924049 Add debug option for verbose logging 2017-11-15 08:22:46 +10:30
Robin Raymond
1d7e70c613
Merge pull request #33 from eqyiel/set-mydestination
mail-server/postfix.nix: set mydestination to localhost
2017-11-14 08:11:20 +01:00
Ruben Maher
f076a0af65 mail-server/postfix.nix: set mydestination to localhost
In the event that your `cfg.fqdn` is the same as a domain in `cfg.domains`, you
will not be able to receive mail for users like `user1@fqdn` because postfix
will try to deliver the mail locally.
2017-11-14 09:16:53 +10:30
Ruben Maher
43bd883cf6 mail-server/dovecot.nix: fix path to dovecot_maildir 2017-11-14 08:18:55 +10:30
Robin Raymond
b7c8c4ec3c
Merge pull request #30 from eqyiel/dovecot-indentation
mail-server/dovecot.nix: fix indentation
2017-11-13 15:07:08 +01:00
Ruben Maher
717dc36048 mail-server/dovecot.nix: fix indentation 2017-11-13 20:20:38 +10:30
Ruben Maher
7b3e33c49c mail-server/networking.nix: make use of use lib.optional 2017-11-13 20:10:33 +10:30
Ruben Maher
5047c2982f default.nix: add options to open ports 993 (IMAPS) and 995 (POP3S)
Dovecot is already configured to serve IMAPS on port 993 and POP3S on port 995.
2017-11-13 20:10:30 +10:30
Robin Raymond
d905be86d5 fix multidomain dkim signing fixes #24 2017-11-11 16:06:28 +01:00
Robin Raymond
b89d6e7b27 fix fqdn in smtp banner 2017-11-11 14:19:05 +01:00
John Boehr
16fb41de01 Change domain to fqdn and extraDomains to domains 2017-11-11 09:45:06 +00:00
John Boehr
a745abaa8e
Reload postfix and dovecot2 2017-11-09 14:32:33 -08:00
John Boehr
f372754052
Qualify user names 2017-11-09 14:17:03 -08:00
John Boehr
bbca0bd678
Fix a few issues with ACME certs 2017-11-09 13:16:06 -08:00
John Boehr
ebd0f656ed
Preliminary multi-domain support 2017-11-09 13:13:27 -08:00
Robin Raymond
3d2f41dedc jbboehr's fix for #21 2017-11-09 08:23:13 +01:00
Robin Raymond
431dcc3b0a
Merge pull request #20 from eqyiel/fix-gid-start
users.nix: ensure the group getting its gid set is vmailGroupName
2017-11-05 10:47:56 +01:00
Ruben Maher
8372b85369 users.nix: ensure the group getting its gid set is vmailGroupName 2017-11-05 19:15:56 +10:30
Ruben Maher
e91d237d81 Fix r-raymond/nixos-mailserver#18 2017-11-05 19:12:39 +10:30
Robin Raymond
bbdcdfc0a7 fix vmail bug 2017-10-18 09:20:44 +02:00
Robin Raymond
6ac36a1092 changing names 2017-10-18 09:10:51 +02:00
Robin Raymond
9f40c38bc6 remove variables from vmail user 2017-10-18 09:09:04 +02:00
Robin Raymond
2f7e3a9f0c initial acme support; needs testing 2017-09-23 09:56:09 +02:00
Robin Raymond
b06775cef7 add vmail user name again - otherwise postfix errors on startup 2017-09-22 18:57:14 +02:00
Robin Raymond
c574d0ea03 remove name from vmail user 2017-09-21 16:14:15 +02:00
Robin Raymond
5915f4412d trying to fix travisci bug 2017-09-21 16:11:46 +02:00
Robin Raymond
12f16b2239 remove hostname from config, it breaks tests 2017-09-21 10:59:56 +02:00
r-raymond
bc48b701c8 Merge pull request #15 from phdoerfler/patch-3
Added header filtering for removing sensitive information.
2017-09-20 15:31:06 +02:00
Robin Raymond
875db33579 comments on extra lines 2017-09-20 09:26:42 +02:00
Philipp Dörfler
4e5dd5db95 Removed superflous tls_auth_only = yes 2017-09-20 09:00:17 +02:00
Philipp Dörfler
893c6db5cd Now using pkgs.writeText
this places header cleanup rules into /store out of /etc and avoids the name clash.
2017-09-20 08:38:40 +02:00
Philipp Dörfler
16e31c6a0d Added header filtering for removing sensitive information. 2017-09-20 00:05:01 +02:00
Philipp Dörfler
46d14bcdf0 Increased security of TLS encryption 2017-09-19 23:54:40 +02:00
Robin Raymond
b98654f99a fixes #9 2017-09-14 10:56:22 +02:00
Robin Raymond
e226ed7fea remove obsolete comment 2017-09-13 15:24:11 +02:00
Robin Raymond
4b8669b2fe include junk sieve script 2017-09-13 13:06:44 +02:00
Robin Raymond
303448376b add sieve support to dovecot 2017-09-13 12:36:35 +02:00
Robin Raymond
ba9db7cb3a fix missing rspamd service and activate extended xspam headers 2017-09-13 12:22:50 +02:00
Robin Raymond
73be826cca add redis and max_size to rmilter config to silence warning 2017-09-13 11:55:30 +02:00
Robin Raymond
bf7099d389 fix issue #8
turns out this is a upstream bug. The fix should probably be pushed to nixpkgs.
2017-09-13 11:49:33 +02:00
Philipp Dörfler
71d6d41f9b Fixed issue #6 2017-09-12 22:47:13 +02:00
Robin Raymond
d974be81e0 revert script exctraction 2017-09-03 16:20:47 +02:00
Robin Raymond
0c20bb3a85 move scripts to external files 2017-09-03 16:00:10 +02:00
Robin Raymond
0c414738e1 fix merge bug in systemd 2017-09-03 15:56:36 +02:00
Robin Raymond
1e0c203bf8 Merge branch 'module-rewrite' 2017-09-03 15:31:37 +02:00
Robin Raymond
aa31e8fda6 add file missing in last commit 2017-09-03 11:15:18 +02:00
Robin Raymond
e5d3786ff5 tyding up code 2017-09-03 11:15:01 +02:00
Robin Raymond
28225fb1d6 complete module rewrite 2017-09-03 11:13:34 +02:00
Robin Raymond
3eb363fc71 systemd to module 2017-09-02 15:08:50 +02:00
Robin Raymond
9ac491f87d networking to module 2017-09-02 14:58:33 +02:00
Robin Raymond
201c532a67 environment to module 2017-09-02 14:04:07 +02:00
Robin Raymond
26ac134660 make users into module 2017-09-02 13:58:42 +02:00
Robin Raymond
ebb2a5caf7 camelCase 2 2017-09-02 13:29:49 +02:00
Robin Raymond
b5fccc7e39 camelCase 2017-09-02 13:23:37 +02:00
Robin Raymond
061054926d make clamav a module 2017-09-02 12:59:07 +02:00
Robin Raymond
256d2c75a6 update comments 2017-09-02 12:15:22 +02:00
Danylo Hlynskyi
c6e2de7180 don't enable firewall by default
It is default ON in NixOS and will conflict with `firewall.enable = false`, which some user may intentionally set.
In my opinion it is very high-level option to be set automatically.

Also, people who really don't want firewall, just do `lib.mkForce false` and won't even notice that this module requires it.
2017-08-31 14:42:14 +03:00
Robin Raymond
b0ae2de5f4 Merge branch 'master' of https://github.com/Infinisil/nixos-mailserver into module-rewrite 2017-08-31 10:49:01 +02:00
Robin Raymond
42c4e18438 remove unnecessary after field in systemd 2017-08-30 15:56:24 +02:00
Silvan Mosberger
692a677194 make configuration a nixos module 2017-08-30 15:09:38 +02:00
Robin Raymond
bb4717bf0b fix typo in opendkim key generation 2017-08-30 14:29:06 +02:00
Robin Raymond
d05bd24040 make dovecot wait for postfix instead of other way around 2017-08-23 17:34:34 +02:00
Robin Raymond
dbd8b88aca remove obsolete opendkim service 2017-08-23 17:29:51 +02:00
Robin Raymond
8551dcffff enable dkim signing 2017-08-23 17:22:44 +02:00
Robin Raymond
7d4809038f add virus scanning 2017-08-13 21:51:07 +02:00
Robin Raymond
f51811b236 add password hashes 2017-08-13 15:51:41 +02:00
Robin Raymond
ecd73f4e1c firewall respects settings 2017-08-13 14:20:02 +02:00
Robin Raymond
72f45af1ca fix submission port 2017-08-13 14:05:40 +02:00
Robin Raymond
b68e64ec72 certificate scheme 2
On the fly create certificates via openssl (Maybe change this to
libressl in the future?). This is probably the best scheme to get
something that simply works. Self signed certificates only pose a
problem when connecting to retrieve the email via imap or pop3.
2017-08-13 11:51:07 +02:00
Robin Raymond
be5d8c09d8 add rmilter and certificate files 2017-08-12 18:27:22 +02:00
Robin Raymond
f3f30f2f24 add documentation 2017-08-12 16:41:43 +02:00
Robin Raymond
f8b5e03b78 get postfix working
I still have to decide what to do with the certificate file
2017-08-12 16:14:16 +02:00
Robin Raymond
1d53a88a21 finish up dovecot configuration
also factor out users into own file
2017-08-12 12:28:46 +02:00
Robin Raymond
e63b6ebda9 create maildir folder 2017-08-12 11:47:52 +02:00
Robin Raymond
60574841c6 restructuring; now works with 17.03/17.09-pre
I had to remove some of the features, they need to be slowely added in
again.
2017-08-12 11:27:19 +02:00
Robin Raymond
938158b3a6 fix arguments of functions 2017-08-11 14:05:58 +02:00
Robin Raymond
5faac4d735 factors out postfix 2016-07-25 17:48:40 +02:00
Robin Raymond
00649f7222 seperate dovecot into own file 2016-07-25 17:40:58 +02:00