rouven.seifert/nixos-config
1
1
Fork 0
mirror of https://git.sr.ht/~rouven/nixos-config synced 2025-06-28 02:38:35 +02:00
Code Issues Projects Releases Packages Wiki Activity

fix postfix tls

Browse source
This commit is contained in:
Rouven Seifert 2025-06-27 10:18:56 +02:00
parent 32dab55a1e
commit 789315a473
1 changed files with 4 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

6
hosts/falkenstein/modules/mail/postfix.nix
View file

@ -33,12 +33,14 @@ in
origin = "${domain}"; origin = "${domain}";
destination = [ "${hostname}" "${domain}" "localhost" ]; destination = [ "${hostname}" "${domain}" "localhost" ];
networks = [ "127.0.0.1" ]; networks = [ "127.0.0.1" ];
sslCert = "/var/lib/caddy/certificates/acme-v02.api.letsencrypt.org-directory/${hostname}/${hostname}.crt";
sslKey = "/var/lib/caddy/certificates/acme-v02.api.letsencrypt.org-directory/${hostname}/${hostname}.key";
config = { config = {
# home_mailbox = "Maildir/"; # home_mailbox = "Maildir/";
smtp_helo_name = config.networking.fqdn; smtp_helo_name = config.networking.fqdn;
smtpd_banner = "${config.networking.fqdn} ESMTP $mail_name"; smtpd_banner = "${config.networking.fqdn} ESMTP $mail_name";
smtpd_tls_chain_files = [
"/var/lib/caddy/certificates/acme-v02.api.letsencrypt.org-directory/${hostname}/${hostname}.key"
"/var/lib/caddy/certificates/acme-v02.api.letsencrypt.org-directory/${hostname}/${hostname}.crt"
];
smtp_tls_security_level = "may"; smtp_tls_security_level = "may";
# forcing encryption breaks rspamd # forcing encryption breaks rspamd
smtpd_tls_security_level = "may"; smtpd_tls_security_level = "may";