summaryrefslogtreecommitdiffstats
path: root/krebs/3modules/exim-smarthost.nix
diff options
context:
space:
mode:
authortv <tv@krebsco.de>2016-08-02 20:58:42 +0200
committertv <tv@krebsco.de>2016-08-02 20:58:42 +0200
commite6aef09ad41cd55d716b8ee276ebd774b95d8ecb (patch)
tree6d8d5cce976f3843ab196367e82fec56f0798838 /krebs/3modules/exim-smarthost.nix
parent0928cc03a6191640c66c9122159994855527faef (diff)
parentb197949ab83ee3ee87b5774e0fc7c8d0123a6708 (diff)
Merge remote-tracking branch 'gum/master'
Diffstat (limited to 'krebs/3modules/exim-smarthost.nix')
-rw-r--r--krebs/3modules/exim-smarthost.nix24
1 files changed, 23 insertions, 1 deletions
diff --git a/krebs/3modules/exim-smarthost.nix b/krebs/3modules/exim-smarthost.nix
index aba6ee0b5..cfe2e5f04 100644
--- a/krebs/3modules/exim-smarthost.nix
+++ b/krebs/3modules/exim-smarthost.nix
@@ -2,6 +2,7 @@
with config.krebs.lib;
let
+ indent = replaceChars ["\n"] ["\n "];
cfg = config.krebs.exim-smarthost;
out = {
@@ -12,6 +13,11 @@ let
api = {
enable = mkEnableOption "krebs.exim-smarthost";
+ authenticators = mkOption {
+ type = types.attrsOf types.str;
+ default = {};
+ };
+
dkim = mkOption {
type = types.listOf (types.submodule ({ config, ... }: {
options = {
@@ -80,6 +86,16 @@ let
default = [];
};
+ ssl_cert = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ };
+
+ ssl_key = mkOption {
+ type = types.nullOr types.str;
+ default = null;
+ };
+
system-aliases = mkOption {
type = types.listOf (types.submodule ({
options = {
@@ -136,7 +152,9 @@ let
syslog_timestamp = false
syslog_duplication = false
- tls_advertise_hosts =
+ ${optionalString (cfg.ssl_cert != null) "tls_certificate = ${cfg.ssl_cert}"}
+ ${optionalString (cfg.ssl_key != null) "tls_privatekey = ${cfg.ssl_key}"}
+ tls_advertise_hosts =${optionalString (cfg.ssl_cert != null) " *"}
begin acl
@@ -257,6 +275,10 @@ let
begin rewrite
begin authenticators
+ ${concatStringsSep "\n" (mapAttrsToList (name: text: ''
+ ${name}:
+ ${indent text}
+ '') cfg.authenticators)}
'';
};
};