diff options
-rw-r--r-- | labernix/README.md | 10 | ||||
-rw-r--r-- | labernix/common.nix | 4 | ||||
-rw-r--r-- | labernix/default.nix | 7 | ||||
-rw-r--r-- | labernix/modules/config/labernix-pkgs.nix | 7 | ||||
-rw-r--r-- | labernix/modules/module-list.nix | 4 | ||||
-rw-r--r-- | labernix/modules/services/postfix/default.nix | 1 | ||||
-rw-r--r-- | machines/default.nix | 3 | ||||
-rw-r--r-- | machines/misc/mailserver.nix (renamed from labernix/machines/mailserver.nix) | 5 | ||||
-rw-r--r-- | modules/module-list.nix | 1 | ||||
-rw-r--r-- | modules/services/postfix/default.nix (renamed from labernix/modules/services/postfix/restrictions.nix) | 38 |
10 files changed, 31 insertions, 49 deletions
diff --git a/labernix/README.md b/labernix/README.md deleted file mode 100644 index dd081f1c..00000000 --- a/labernix/README.md +++ /dev/null @@ -1,10 +0,0 @@ -# LaberNix - -A collection of [Nix][] expressions for (Open)Labers (people from the OpenLab), -which **of course** is the only reason why the name of this repository is like -this. - -No coincidences, right? - -[Nix]: https://nixos.org/nix/ -Hydra builds: https://headcounter.org/hydra/jobset/openlab/labernix diff --git a/labernix/common.nix b/labernix/common.nix deleted file mode 100644 index b012032a..00000000 --- a/labernix/common.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ - imports = import ./modules/module-list.nix; - networking.firewall.enable = false; -} diff --git a/labernix/default.nix b/labernix/default.nix deleted file mode 100644 index 20118162..00000000 --- a/labernix/default.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ - machines = { - heinrich = import ./machines/heinrich.nix; - labtop = import ./machines/labtop.nix; - mailserver = import ./machines/mailserver.nix; - }; -} diff --git a/labernix/modules/config/labernix-pkgs.nix b/labernix/modules/config/labernix-pkgs.nix deleted file mode 100644 index c1f6d807..00000000 --- a/labernix/modules/config/labernix-pkgs.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ - nixpkgs.config.packageOverrides = pkgs: { - labernix = import ../../pkgs { - inherit pkgs; - }; - }; -} diff --git a/labernix/modules/module-list.nix b/labernix/modules/module-list.nix deleted file mode 100644 index 5137c672..00000000 --- a/labernix/modules/module-list.nix +++ /dev/null @@ -1,4 +0,0 @@ -[ - ./config/labernix-pkgs.nix - ./services/postfix -] diff --git a/labernix/modules/services/postfix/default.nix b/labernix/modules/services/postfix/default.nix deleted file mode 100644 index 4103a41b..00000000 --- a/labernix/modules/services/postfix/default.nix +++ /dev/null @@ -1 +0,0 @@ -import ./restrictions.nix # TODO: Dummy for now, implement me! diff --git a/machines/default.nix b/machines/default.nix index 51f446b1..46e5f9c7 100644 --- a/machines/default.nix +++ b/machines/default.nix @@ -21,4 +21,7 @@ in { heinrich = callMachine ./labnet/heinrich.nix; labtop = callMachine ./labnet/labtop.nix; }; + misc = { + mailserver = callMachine ./misc/mailserver.nix; + }; } diff --git a/labernix/machines/mailserver.nix b/machines/misc/mailserver.nix index 7d4bd397..a9548fcb 100644 --- a/labernix/machines/mailserver.nix +++ b/machines/misc/mailserver.nix @@ -35,8 +35,6 @@ ''}"; in { - imports = [ ../common.nix ]; - services.spamassassin.enable = true; services.postfix.enable = true; @@ -46,7 +44,8 @@ in { fileSystems."/".label = "root"; boot.loader.grub.device = "nodev"; - labernix.postfix.restrictions = { + vuizvui.services.postfix.enable = true; + vuizvui.services.postfix.restrictions = { sender = [ "reject_authenticated_sender_login_mismatch" "reject_unknown_sender_domain" diff --git a/modules/module-list.nix b/modules/module-list.nix index 26e740b2..2fc50017 100644 --- a/modules/module-list.nix +++ b/modules/module-list.nix @@ -1,5 +1,6 @@ [ ./profiles/common.nix + ./services/postfix ./user/aszlig/profiles/base.nix ./user/aszlig/profiles/workstation ./user/aszlig/programs/gajim diff --git a/labernix/modules/services/postfix/restrictions.nix b/modules/services/postfix/default.nix index fbb47f10..8a0865b9 100644 --- a/labernix/modules/services/postfix/restrictions.nix +++ b/modules/services/postfix/default.nix @@ -3,51 +3,63 @@ with lib; let + cfg = config.vuizvui.services.postfix; + mkRestriction = name: specificDescription: { option.${name} = mkOption { default = null; - type = types.nullOr types.list; + type = types.nullOr (types.listOf types.str); description = '' A list of restrictions to apply or <option>null</option> to use the built-in default value from Postfix. ${specificDescription} ''; }; + config = let - cfg = config.labernix.postfix.restrictions.${name}; - in mkIf (cfg != null) '' - smtpd_${name}_restrictions = ${concatStringsSep ", " cfg} - ''; + restrictions = cfg.restrictions.${name}; + in mkIf (restrictions != null) { + services.postfix.extraConfig = '' + smtpd_${name}_restrictions = ${concatStringsSep ", " restrictions} + ''; + }; }; + restrictions = mapAttrsToList mkRestriction { - client = mkRestriction '' + client = '' SMTP server access restrictions in the context of a client SMTP connection request. ''; - data = mkRestriction '' + data = '' Access restrictions that the Postfix SMTP server applies in the context of the SMTP DATA command. ''; - end_of_data = mkRestriction '' + end_of_data = '' Access restrictions that the Postfix SMTP server applies in the context of the SMTP END-OF-DATA command. ''; - etrn = mkRestriction '' + etrn = '' SMTP server access restrictions in the context of a client ETRN request. ''; - helo = mkRestriction '' + helo = '' Restrictions that the Postfix SMTP server applies in the context of the SMTP HELO command. ''; - recipient = mkRestriction '' + recipient = '' Access restrictions that the Postfix SMTP server applies in the context of the RCPT TO command. ''; - sender = mkRestriction '' + sender = '' Restrictions that the Postfix SMTP server applies in the context of the MAIL FROM command. ''; }; + in { - options.labernix.postfix.restrictions = mapAttrs mkRestriction restrictions; + options.vuizvui.services.postfix = { + enable = mkEnableOption "Vuizvui Postfix"; + restrictions = fold mergeAttrs {} (catAttrs "option" restrictions); + }; + + config = mkIf cfg.enable (mkMerge (catAttrs "config" restrictions)); } |