krebs.exim*: admit *.r
This commit is contained in:
parent
de5de37a12
commit
a73eaae18c
@ -143,12 +143,11 @@ let
|
||||
{ text=(stripEmptyLines value); }) all-zones;
|
||||
|
||||
krebs.exim-smarthost.internet-aliases = let
|
||||
format = from: to:
|
||||
format = from: to: {
|
||||
inherit from;
|
||||
# TODO assert is-retiolum-mail-address to;
|
||||
{ inherit from;
|
||||
to = if typeOf to == "list"
|
||||
then concatMapStringsSep "," (getAttr "mail") to
|
||||
else to.mail; };
|
||||
to = concatMapStringsSep "," (getAttr "mail") (toList to);
|
||||
};
|
||||
in mapAttrsToList format (with config.krebs.users; let
|
||||
spam-ml = [
|
||||
lass
|
||||
@ -167,6 +166,10 @@ let
|
||||
"makefu@retiolum" = makefu;
|
||||
"spam@retiolum" = spam-ml;
|
||||
"tv@retiolum" = tv;
|
||||
"lass@r" = lass;
|
||||
"makefu@r" = makefu;
|
||||
"spam@r" = spam-ml;
|
||||
"tv@r" = tv;
|
||||
});
|
||||
|
||||
services.openssh.hostKeys =
|
||||
|
@ -11,6 +11,24 @@ let
|
||||
|
||||
api = {
|
||||
enable = mkEnableOption "krebs.exim-retiolum";
|
||||
local_domains = mkOption {
|
||||
type = with types; listOf hostname;
|
||||
default = ["localhost"] ++ config.krebs.build.host.nets.retiolum.aliases;
|
||||
};
|
||||
primary_hostname = mkOption {
|
||||
type = types.str;
|
||||
default = let x = "${config.krebs.build.host.name}.r"; in
|
||||
assert elem x config.krebs.build.host.nets.retiolum.aliases;
|
||||
x;
|
||||
};
|
||||
relay_to_domains = mkOption {
|
||||
# TODO hostname with wildcards
|
||||
type = with types; listOf str;
|
||||
default = [
|
||||
"*.r"
|
||||
"*.retiolum"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
imp = {
|
||||
@ -21,9 +39,9 @@ let
|
||||
# TODO modular configuration
|
||||
assert config.krebs.retiolum.enable;
|
||||
''
|
||||
primary_hostname = ${retiolumHostname}
|
||||
domainlist local_domains = @ : localhost
|
||||
domainlist relay_to_domains = *.retiolum
|
||||
primary_hostname = ${cfg.primary_hostname}
|
||||
domainlist local_domains = ${concatStringsSep ":" cfg.local_domains}
|
||||
domainlist relay_to_domains = ${concatStringsSep ":" cfg.relay_to_domains}
|
||||
hostlist relay_from_hosts = <; 127.0.0.1 ; ::1
|
||||
|
||||
acl_smtp_rcpt = acl_check_rcpt
|
||||
@ -85,7 +103,7 @@ let
|
||||
|
||||
retiolum:
|
||||
driver = manualroute
|
||||
domains = ! ${retiolumHostname} : *.retiolum
|
||||
domains = ! +local_domains : +relay_to_domains
|
||||
transport = remote_smtp
|
||||
route_list = ^.* $0 byname
|
||||
no_more
|
||||
@ -125,8 +143,8 @@ let
|
||||
# mode = 0660
|
||||
|
||||
begin retry
|
||||
*.retiolum * F,42d,1m
|
||||
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
|
||||
${concatMapStringsSep "\n" (k: "${k} * F,42d,1m") cfg.relay_to_domains}
|
||||
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
|
||||
|
||||
begin rewrite
|
||||
|
||||
@ -134,8 +152,4 @@ let
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
# TODO get the hostname from somewhere else.
|
||||
retiolumHostname = "${config.networking.hostName}.retiolum";
|
||||
in
|
||||
out
|
||||
in out
|
||||
|
@ -25,14 +25,31 @@ let
|
||||
}));
|
||||
};
|
||||
|
||||
local_domains = mkOption {
|
||||
type = with types; listOf hostname;
|
||||
default = ["localhost"] ++ config.krebs.build.host.nets.retiolum.aliases;
|
||||
};
|
||||
|
||||
relay_from_hosts = mkOption {
|
||||
type = with types; listOf str;
|
||||
default = [];
|
||||
apply = xs: ["127.0.0.1" "::1"] ++ xs;
|
||||
};
|
||||
|
||||
relay_to_domains = mkOption {
|
||||
# TODO hostname with wildcards
|
||||
type = with types; listOf str;
|
||||
default = [
|
||||
"*.r"
|
||||
"*.retiolum"
|
||||
];
|
||||
};
|
||||
|
||||
primary_hostname = mkOption {
|
||||
type = types.str;
|
||||
default = "${config.networking.hostName}.retiolum";
|
||||
default = let x = "${config.krebs.build.host.name}.r"; in
|
||||
assert elem x config.krebs.build.host.nets.retiolum.aliases;
|
||||
x;
|
||||
};
|
||||
|
||||
sender_domains = mkOption {
|
||||
@ -63,19 +80,11 @@ let
|
||||
# HOST_REDIR contains the real destinations for "local_domains".
|
||||
#HOST_REDIR = /etc/exim4/host_redirect
|
||||
|
||||
|
||||
# Domains not listed in local_domains need to be deliverable remotely.
|
||||
# XXX We abuse local_domains to mean "domains, we're the gateway for".
|
||||
domainlist local_domains = @ : localhost
|
||||
domainlist relay_to_domains =
|
||||
hostlist relay_from_hosts = <;${concatStringsSep ";" (
|
||||
[
|
||||
"127.0.0.1"
|
||||
"::1"
|
||||
]
|
||||
++
|
||||
cfg.relay_from_hosts
|
||||
)}
|
||||
domainlist local_domains = ${concatStringsSep ":" cfg.local_domains}
|
||||
domainlist relay_to_domains = ${concatStringsSep ":" cfg.relay_to_domains}
|
||||
hostlist relay_from_hosts = <;${concatStringsSep ";" cfg.relay_from_hosts}
|
||||
|
||||
acl_smtp_rcpt = acl_check_rcpt
|
||||
acl_smtp_data = acl_check_data
|
||||
@ -144,7 +153,7 @@ let
|
||||
retiolum:
|
||||
debug_print = "R: retiolum for $local_part@$domain"
|
||||
driver = manualroute
|
||||
domains = ! ${cfg.primary_hostname} : *.retiolum
|
||||
domains = ! +local_domains : +relay_to_domains
|
||||
transport = retiolum_smtp
|
||||
route_list = ^.* $0 byname
|
||||
no_more
|
||||
@ -197,8 +206,11 @@ let
|
||||
return_path_add
|
||||
|
||||
begin retry
|
||||
*.retiolum * F,42d,1m
|
||||
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
|
||||
${concatMapStringsSep "\n" (k: "${k} * F,42d,1m") cfg.relay_to_domains}
|
||||
${concatMapStringsSep "\n" (k: "${k} * F,42d,1m")
|
||||
# TODO don't include relay_to_domains
|
||||
(map (getAttr "from") cfg.internet-aliases)}
|
||||
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
|
||||
|
||||
begin rewrite
|
||||
begin authenticators
|
||||
|
@ -15,6 +15,7 @@ let
|
||||
addrs4 = ["10.243.111.111"];
|
||||
addrs6 = ["42:0:0:0:0:0:0:7357"];
|
||||
aliases = [
|
||||
"test.r"
|
||||
"test.retiolum"
|
||||
];
|
||||
tinc.pubkey = ''
|
||||
|
@ -5,7 +5,6 @@ with config.krebs.lib;
|
||||
{
|
||||
krebs.exim-smarthost = {
|
||||
enable = true;
|
||||
primary_hostname = "${config.networking.hostName}.retiolum";
|
||||
sender_domains = [
|
||||
"shackspace.de"
|
||||
"viljetic.de"
|
||||
|
Loading…
Reference in New Issue
Block a user