krebs.exim-retiolum: assert krebs.retiolum.enable
This commit is contained in:
parent
6c2c01b5cb
commit
9f92ba455c
@ -8,11 +8,7 @@ let
|
|||||||
out = {
|
out = {
|
||||||
options.krebs.exim-retiolum = api;
|
options.krebs.exim-retiolum = api;
|
||||||
config =
|
config =
|
||||||
# This configuration makes only sense for retiolum-enabled hosts.
|
mkIf cfg.enable imp;
|
||||||
# TODO modular configuration
|
|
||||||
mkIf cfg.enable (
|
|
||||||
#assert config.krebs.retiolum.enable;
|
|
||||||
imp);
|
|
||||||
};
|
};
|
||||||
|
|
||||||
api = {
|
api = {
|
||||||
@ -20,121 +16,125 @@ let
|
|||||||
};
|
};
|
||||||
|
|
||||||
imp = {
|
imp = {
|
||||||
services.exim = {
|
services.exim =
|
||||||
enable = true;
|
# This configuration makes only sense for retiolum-enabled hosts.
|
||||||
config = ''
|
# TODO modular configuration
|
||||||
primary_hostname = ${retiolumHostname}
|
assert config.krebs.retiolum.enable;
|
||||||
domainlist local_domains = @ : localhost
|
{
|
||||||
domainlist relay_to_domains = *.retiolum
|
enable = true;
|
||||||
hostlist relay_from_hosts = <; 127.0.0.1 ; ::1
|
config = ''
|
||||||
|
primary_hostname = ${retiolumHostname}
|
||||||
|
domainlist local_domains = @ : localhost
|
||||||
|
domainlist relay_to_domains = *.retiolum
|
||||||
|
hostlist relay_from_hosts = <; 127.0.0.1 ; ::1
|
||||||
|
|
||||||
acl_smtp_rcpt = acl_check_rcpt
|
acl_smtp_rcpt = acl_check_rcpt
|
||||||
acl_smtp_data = acl_check_data
|
acl_smtp_data = acl_check_data
|
||||||
|
|
||||||
host_lookup = *
|
host_lookup = *
|
||||||
rfc1413_hosts = *
|
rfc1413_hosts = *
|
||||||
rfc1413_query_timeout = 5s
|
rfc1413_query_timeout = 5s
|
||||||
|
|
||||||
log_file_path = syslog
|
log_file_path = syslog
|
||||||
syslog_timestamp = false
|
syslog_timestamp = false
|
||||||
syslog_duplication = false
|
syslog_duplication = false
|
||||||
|
|
||||||
begin acl
|
begin acl
|
||||||
|
|
||||||
acl_check_rcpt:
|
acl_check_rcpt:
|
||||||
accept hosts = :
|
accept hosts = :
|
||||||
control = dkim_disable_verify
|
control = dkim_disable_verify
|
||||||
|
|
||||||
deny message = Restricted characters in address
|
deny message = Restricted characters in address
|
||||||
domains = +local_domains
|
domains = +local_domains
|
||||||
local_parts = ^[.] : ^.*[@%!/|]
|
local_parts = ^[.] : ^.*[@%!/|]
|
||||||
|
|
||||||
deny message = Restricted characters in address
|
deny message = Restricted characters in address
|
||||||
domains = !+local_domains
|
domains = !+local_domains
|
||||||
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
|
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
|
||||||
|
|
||||||
accept local_parts = postmaster
|
accept local_parts = postmaster
|
||||||
domains = +local_domains
|
domains = +local_domains
|
||||||
|
|
||||||
#accept
|
#accept
|
||||||
# hosts = *.retiolum
|
# hosts = *.retiolum
|
||||||
# domains = *.retiolum
|
# domains = *.retiolum
|
||||||
# control = dkim_disable_verify
|
# control = dkim_disable_verify
|
||||||
|
|
||||||
#require verify = sender
|
#require verify = sender
|
||||||
|
|
||||||
accept hosts = +relay_from_hosts
|
accept hosts = +relay_from_hosts
|
||||||
control = submission
|
control = submission
|
||||||
control = dkim_disable_verify
|
control = dkim_disable_verify
|
||||||
|
|
||||||
accept authenticated = *
|
accept authenticated = *
|
||||||
control = submission
|
control = submission
|
||||||
control = dkim_disable_verify
|
control = dkim_disable_verify
|
||||||
|
|
||||||
require message = relay not permitted
|
require message = relay not permitted
|
||||||
domains = +local_domains : +relay_to_domains
|
domains = +local_domains : +relay_to_domains
|
||||||
|
|
||||||
require verify = recipient
|
require verify = recipient
|
||||||
|
|
||||||
accept
|
accept
|
||||||
|
|
||||||
|
|
||||||
acl_check_data:
|
acl_check_data:
|
||||||
accept
|
accept
|
||||||
|
|
||||||
|
|
||||||
begin routers
|
begin routers
|
||||||
|
|
||||||
retiolum:
|
retiolum:
|
||||||
driver = manualroute
|
driver = manualroute
|
||||||
domains = ! ${retiolumHostname} : *.retiolum
|
domains = ! ${retiolumHostname} : *.retiolum
|
||||||
transport = remote_smtp
|
transport = remote_smtp
|
||||||
route_list = ^.* $0 byname
|
route_list = ^.* $0 byname
|
||||||
no_more
|
no_more
|
||||||
|
|
||||||
nonlocal:
|
nonlocal:
|
||||||
debug_print = "R: nonlocal for $local_part@$domain"
|
debug_print = "R: nonlocal for $local_part@$domain"
|
||||||
driver = redirect
|
driver = redirect
|
||||||
domains = ! +local_domains
|
domains = ! +local_domains
|
||||||
allow_fail
|
allow_fail
|
||||||
data = :fail: Mailing to remote domains not supported
|
data = :fail: Mailing to remote domains not supported
|
||||||
no_more
|
no_more
|
||||||
|
|
||||||
local_user:
|
local_user:
|
||||||
# debug_print = "R: local_user for $local_part@$domain"
|
# debug_print = "R: local_user for $local_part@$domain"
|
||||||
driver = accept
|
driver = accept
|
||||||
check_local_user
|
check_local_user
|
||||||
# local_part_suffix = +* : -*
|
# local_part_suffix = +* : -*
|
||||||
# local_part_suffix_optional
|
# local_part_suffix_optional
|
||||||
transport = home_maildir
|
transport = home_maildir
|
||||||
cannot_route_message = Unknown user
|
cannot_route_message = Unknown user
|
||||||
|
|
||||||
|
|
||||||
begin transports
|
begin transports
|
||||||
|
|
||||||
remote_smtp:
|
remote_smtp:
|
||||||
driver = smtp
|
driver = smtp
|
||||||
|
|
||||||
home_maildir:
|
home_maildir:
|
||||||
driver = appendfile
|
driver = appendfile
|
||||||
maildir_format
|
maildir_format
|
||||||
directory = $home/Maildir
|
directory = $home/Maildir
|
||||||
directory_mode = 0700
|
directory_mode = 0700
|
||||||
delivery_date_add
|
delivery_date_add
|
||||||
envelope_to_add
|
envelope_to_add
|
||||||
return_path_add
|
return_path_add
|
||||||
# group = mail
|
# group = mail
|
||||||
# mode = 0660
|
# mode = 0660
|
||||||
|
|
||||||
begin retry
|
begin retry
|
||||||
*.retiolum * F,42d,1m
|
*.retiolum * F,42d,1m
|
||||||
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
|
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
|
||||||
|
|
||||||
begin rewrite
|
begin rewrite
|
||||||
|
|
||||||
begin authenticators
|
begin authenticators
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# TODO get the hostname from somewhere else.
|
# TODO get the hostname from somewhere else.
|
||||||
|
Loading…
Reference in New Issue
Block a user