From 387c4d910c51817cca1d7ac3a73318b9c06bea5e Mon Sep 17 00:00:00 2001
From: aszlig
Date: Fri, 15 Sep 2023 13:23:20 +0200
Subject: machines: Remove "mailserver"
This one never was in use and it was WIP code to do a more fleshed out mailserver configuration that should match an Ansible deployment of a mailserver we had back then at OpenLab. The machine was never in use (which is apparent from its configuration) and I even *added* it to Vuizvui from "LaberNix" (Vuizvui's predecessor) in 915e56fb4453b0701a423b0c96fb145318162ffd probably just for the sake of completeness.
Signed-off-by: aszlig
---
 machines/default.nix | 3 --
 machines/misc/mailserver.nix | 118 -------------------------------------------
 2 files changed, 121 deletions(-)
 delete mode 100644 machines/misc/mailserver.nix
(limited to 'machines')
diff --git a/machines/default.nix b/machines/default.nix
index fe4e82f0..8dcd8e0f 100644
--- a/machines/default.nix
+++ b/machines/default.nix
@@ -22,7 +22,4 @@ with import ../lib;
 ludwig = callMachine ./sternenseemann/ludwig.nix {};
 wolfgang = callMachine ./sternenseemann/wolfgang.nix {};
 };
- misc = {
- mailserver = callMachine ./misc/mailserver.nix {};
- };
 }
diff --git a/machines/misc/mailserver.nix b/machines/misc/mailserver.nix
deleted file mode 100644
index a9548fcb..00000000
--- a/machines/misc/mailserver.nix
+++ /dev/null
@@ -1,118 +0,0 @@
-{ config, pkgs, lib, ... }: let
- vhostMap = {
- smtpd_sender_login_maps = [
- "SELECT username AS allowedUser"
- "FROM mailbox"
- "WHERE username='%s' AND active = 1"
- "UNION SELECT goto FROM alias"
- "WHERE address='%s' AND active = 1"
- ];
-
- virtual_alias_maps = [
- "SELECT goto"
- "FROM alias"
- "WHERE address='%s' AND active = '1'"
- ];
-
- virtual_mailbox_domains = [
- "SELECT domain"
- "FROM domain"
- "WHERE domain='%s' AND active = '1'"
- ];
-
- virtual_mailbox_maps = [
- "SELECT maildir"
- "FROM mailbox"
- "WHERE username='%s' AND active = '1'"
- ];
- };
-
- mkDbMap = query: "proxy:pgsql:${pkgs.writeText "database.cf" ''
- hosts = localhost
- user = postfix
- dbname = postfix
- query = ${query}
- ''}";
-
-in {
- services.spamassassin.enable = true;
-
- services.postfix.enable = true;
- services.postfix.hostname = "mailtest.lan";
-
- # TODO: This is a dummy, replace it once we know about the real root fs.
- fileSystems."/".label = "root";
- boot.loader.grub.device = "nodev";
-
- vuizvui.services.postfix.enable = true;
- vuizvui.services.postfix.restrictions = {
- sender = [
- "reject_authenticated_sender_login_mismatch"
- "reject_unknown_sender_domain"
- ];
- recipient = [
- "permit_sasl_authenticated"
- "permit_mynetworks"
- "reject_unauth_destination"
- "reject_invalid_hostname"
- "reject_non_fqdn_hostname"
- "reject_non_fqdn_sender"
- "reject_non_fqdn_recipient"
- "reject_unknown_reverse_client_hostname"
- ];
- helo = [
- "permit_sasl_authenticated"
- "permit_mynetworks"
- "reject_invalid_hostname"
- "reject_unauth_pipelining"
- "reject_non_fqdn_hostname"
- ];
- };
-
- services.postfix.extraConfig = ''
- ${lib.concatStrings (lib.mapAttrsToList (cfgvar: query: ''
- ${cfgvar} = ${mkDbMap (lib.concatStringsSep " " query)}
- '') vhostMap)}
-
- # a bit more spam protection
- disable_vrfy_command = yes
-
- smtpd_sasl_type=dovecot
- smtpd_sasl_path=private/auth_dovecot XXXXXXXXXXXXXXX
- smtpd_sasl_auth_enable = yes
- smtpd_sasl_authenticated_header = yes
- broken_sasl_auth_clients = yes
-
- proxy_read_maps = ${lib.concatStringsSep " " (map (s: "\$${s}") [
- "local_recipient_maps" "mydestination" "virtual_alias_maps"
- "virtual_alias_domains" "virtual_mailbox_maps" "virtual_mailbox_domains"
- "relay_recipient_maps" "relay_domains" "canonical_maps"
- "sender_canonical_maps" "recipient_canonical_maps" "relocated_maps"
- "transport_maps" "mynetworks" "smtpd_sender_login_maps"
- ])}
-
- local_transport = virtual
- virtual_transport = dovecot
-
- virtual_uid_maps = static:5000 XXXXXXXXXXXX
- virtual_gid_maps = static:5000 XXXXXXXXXXXX
-
- smtpd_tls_cert_file=/etc/ssl/mail.crt XXXX: KEYS
- smtpd_tls_key_file=/etc/ssl/mail.key XXXX: KEYS
- smtpd_use_tls=yes
- '';
-
- services.postfix.extraMasterConf = ''
- mailman unix - n n - - pipe
- flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ''${nexthop} ''${user}
- # ^^^ FIXME: maybe not needed!
-
- dovecot unix - n n - - pipe
- flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -d ''${recipient}
- # ^^^ FIXME: maybe not needed!
-
- spamassassin unix - n n - - pipe
- user=${toString config.ids.uids.spamd} argv=${pkgs.spamassassin}/bin/spamc -f -e /var/setuid-wrappers/sendmail -oi -f ''${sender} ''${recipient}
- # ^^^ FIXME: maybe not needed!
- '';
-}
-- 
cgit 1.4.1