author | tv <tv@krebsco.de> | 2015-08-13 11:46:09 +0200 |
---|---|---|
committer | tv <tv@krebsco.de> | 2015-08-13 11:50:38 +0200 |
commit | 47e8797f9b4715930bb64176d25779f82cfe55d7 (patch) | |
tree | 6d8ba297860b32b5678fb56db4c6086178f73c9a | |
parent | ec3e450bfda4a7754f24916c7cd4ddd88e1dbbc4 (diff) |
{tv 2 => krebs 3}/exim-retiolum
-rw-r--r-- | tv/1systems/nomic.nix | 4 | ||||
-rw-r--r-- | tv/1systems/wu.nix | 4 | ||||
-rw-r--r-- | tv/2configs/exim-retiolum.nix | 126 |
3 files changed, 6 insertions, 128 deletions
diff --git a/tv/1systems/nomic.nix b/tv/1systems/nomic.nix
index b9a10cb..896c1ad 100644
--- a/tv/1systems/nomic.nix
+++ b/tv/1systems/nomic.nix
@@ -25,7 +25,6 @@ with lib;
 ../2configs/AO753.nix
 ../2configs/base.nix
 ../2configs/consul-server.nix
- ../2configs/exim-retiolum.nix
 ../2configs/git.nix
 {
 tv.iptables = {
@@ -39,6 +38,9 @@ with lib;
 };
 }
 {
+ krebs.exim-retiolum = true;
+ }
+ {
 krebs.nginx = {
 enable = true;
 servers.default.locations = [
diff --git a/tv/1systems/wu.nix b/tv/1systems/wu.nix
index ae6ef13..a5cbde3 100644
--- a/tv/1systems/wu.nix
+++ b/tv/1systems/wu.nix
@@ -29,7 +29,6 @@ in
 ../2configs/w110er.nix
 ../2configs/base.nix
 ../2configs/consul-client.nix
- ../2configs/exim-retiolum.nix
 ../2configs/git.nix
 ../2configs/mail-client.nix
 ../2configs/xserver.nix
@@ -166,6 +165,9 @@ in
 };
 }
 {
+ krebs.exim-retiolum = true;
+ }
+ {
 krebs.nginx = {
 enable = true;
 servers.default.locations = [
diff --git a/tv/2configs/exim-retiolum.nix b/tv/2configs/exim-retiolum.nix
deleted file mode 100644
index 851a0c6..0000000
--- a/tv/2configs/exim-retiolum.nix
+++ /dev/null
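Review bot: The added `krebs.exim-retiolum = true;` block in nomic.nix (and the identical one in the second hunk of wu.nix) switches on an SMTP daemon with nothing at the call site saying so, and the module that now defines the option is not part of this diff. The file deleted here guarded the service with `assert config.krebs.retiolum.enable;` and limited relaying through `relay_to_domains = *.retiolum` and the `acl_check_rcpt` rules; it is worth confirming that the krebs module carries both over unchanged, since that cannot be checked from these hunks. A one-line comment above the setting would help, e.g. `# exim for retiolum-internal mail only; ACLs live in the krebs exim-retiolum module`. As a style point, the neighbouring `krebs.nginx` block uses an `enable` attribute, so a bare boolean here is inconsistent if the module could expose `krebs.exim-retiolum.enable` instead. Both attribute sets sit inside a list that starts and ends outside the hunks.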
@@ -1,126 +0,0 @@
-{ config, pkgs, ... }:
-
-{
- services.exim =
- # This configuration makes only sense for retiolum-enabled hosts.
- # TODO modular configuration
- assert config.krebs.retiolum.enable;
- let
- # TODO get the hostname from config.krebs.retiolum.
- retiolumHostname = "${config.networking.hostName}.retiolum";
- in
- { enable = true;
- config = ''
- primary_hostname = ${retiolumHostname}
- domainlist local_domains = @ : localhost
- domainlist relay_to_domains = *.retiolum
- hostlist relay_from_hosts = <; 127.0.0.1 ; ::1
-
- acl_smtp_rcpt = acl_check_rcpt
- acl_smtp_data = acl_check_data
-
- host_lookup = *
- rfc1413_hosts = *
- rfc1413_query_timeout = 5s
-
- log_file_path = syslog
- syslog_timestamp = false
- syslog_duplication = false
-
- begin acl
-
- acl_check_rcpt:
- accept hosts = :
- control = dkim_disable_verify
-
- deny message = Restricted characters in address
- domains = +local_domains
- local_parts = ^[.] : ^.*[@%!/|]
-
- deny message = Restricted characters in address
- domains = !+local_domains
- local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
-
- accept local_parts = postmaster
- domains = +local_domains
-
- #accept
- # hosts = *.retiolum
- # domains = *.retiolum
- # control = dkim_disable_verify
-
- #require verify = sender
-
- accept hosts = +relay_from_hosts
- control = submission
- control = dkim_disable_verify
-
- accept authenticated = *
- control = submission
- control = dkim_disable_verify
-
- require message = relay not permitted
- domains = +local_domains : +relay_to_domains
-
- require verify = recipient
-
- accept
-
-
- acl_check_data:
- accept
-
-
- begin routers
-
- retiolum:
- driver = manualroute
- domains = ! ${retiolumHostname} : *.retiolum
- transport = remote_smtp
- route_list = ^.* $0 byname
- no_more
-
- nonlocal:
- debug_print = "R: nonlocal for $local_part@$domain"
- driver = redirect
- domains = ! +local_domains
- allow_fail
- data = :fail: Mailing to remote domains not supported
- no_more
-
- local_user:
- # debug_print = "R: local_user for $local_part@$domain"
- driver = accept
- check_local_user
- # local_part_suffix = +* : -*
- # local_part_suffix_optional
- transport = home_maildir
- cannot_route_message = Unknown user
-
-
- begin transports
-
- remote_smtp:
- driver = smtp
-
- home_maildir:
- driver = appendfile
- maildir_format
- directory = $home/Maildir
- directory_mode = 0700
- delivery_date_add
- envelope_to_add
- return_path_add
- # group = mail
- # mode = 0660
-
- begin retry
- *.retiolum * F,42d,1m
- * * F,2h,15m; G,16h,1h,1.5; F,4d,6h
-
- begin rewrite
-
- begin authenticators
- '';
- };
-} |