changed maildir to /var/lib/mail, rspamd fixes

This commit is contained in:
Rouven Seifert 2023-02-03 16:04:45 +01:00
parent b600c70202
commit 58449429b9
Signed by: rouven.seifert
GPG key ID: B95E8FE6B11C4D09

View file

@ -2,6 +2,7 @@
let let
hostname = "mail.${config.fsr.domain}"; hostname = "mail.${config.fsr.domain}";
domain = config.fsr.domain; domain = config.fsr.domain;
rspamd-domain = "rspamd.${config.fsr.domain}";
# brauchen wir das überhaupt? # brauchen wir das überhaupt?
#ldap-aliases = pkgs.writeText "ldap-aliases.cf" '' #ldap-aliases = pkgs.writeText "ldap-aliases.cf" ''
#server_host = ldap://localhost #server_host = ldap://localhost
@ -11,7 +12,7 @@ let
uris = ldap://localhost uris = ldap://localhost
dn = uid=search, ou=users, dc=ifsr, dc=de dn = uid=search, ou=users, dc=ifsr, dc=de
auth_bind = yes auth_bind = yes
dnpass = $(${pkgs.coreutils}/bin/cat /run/secrets/portunus_search) dnpass = $(${pkgs.coreutils}/bin/cat ${config.sops.secrets."portunus_search".path})
ldap_version = 3 ldap_version = 3
scope = subtree scope = subtree
@ -44,7 +45,7 @@ in
#alias_maps = [ "ldap:${ldap-aliases}" ]; #alias_maps = [ "ldap:${ldap-aliases}" ];
smtpd_sasl_auth_enable = true; smtpd_sasl_auth_enable = true;
smtpd_sasl_path = "/var/lib/postfix/auth"; smtpd_sasl_path = "/var/lib/postfix/auth";
virtual_mailbox_base = "/var/spool/mail"; virtual_mailbox_base = "/var/lib/mail";
}; };
}; };
dovecot2 = { dovecot2 = {
@ -72,7 +73,7 @@ in
}; };
}; };
extraConfig = '' extraConfig = ''
mail_location = maildir:/var/mail/%u mail_location = maildir:/var/lib/mail/%u
passdb { passdb {
driver = ldap driver = ldap
args = ${dovecot-ldap-args} args = ${dovecot-ldap-args}
@ -124,15 +125,14 @@ in
virtualHosts."${hostname}" = { virtualHosts."${hostname}" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
};
virtualHosts."${rspamd-domain}" = {
forceSSL = true;
enableACME = true;
locations = { locations = {
"/rspamd" = { "/" = {
proxyPass = "http://127.0.0.1:11334";
proxyWebsockets = true; proxyWebsockets = true;
# maybe there is a more beautiful way for this
extraConfig = ''
if ($request_uri ~* "/rspamd/(.*)") {
proxy_pass http://127.0.0.1:11334/$1;
}
''; '';
}; };
}; };
@ -140,3 +140,27 @@ in
}; };
}; };
} }