aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorEuAndreh <eu@euandre.org>2023-03-17 16:32:55 -0300
committerEuAndreh <eu@euandre.org>2023-03-17 16:32:55 -0300
commit078a8aadaa0b910bfb2e37a27744b4608ef0b026 (patch)
tree2f32009b19fc083acf3da052a7b2d63b4ce80ff1
parentqueue.scm: Use newaliases(1) over postalias(8) on Postfix activation (diff)
downloadpackage-repository-078a8aadaa0b910bfb2e37a27744b4608ef0b026.tar.gz
package-repository-078a8aadaa0b910bfb2e37a27744b4608ef0b026.tar.xz
queue.scm: Parameterize Postfix Cyrus SASL directory
-rw-r--r--src/org/euandre/queue.scm18
1 files changed, 9 insertions, 9 deletions
diff --git a/src/org/euandre/queue.scm b/src/org/euandre/queue.scm
index e9b6532..d8bf915 100644
--- a/src/org/euandre/queue.scm
+++ b/src/org/euandre/queue.scm
@@ -895,6 +895,7 @@ By default, the daemon runs in a container.")))
(hostname postfix-configuration-hostname (default (gethostname)))
(dkim-filter-listen postfix-configuration-dkim-filter-listen (default "[127.0.0.1]:10027"))
(dkim-filter-relay postfix-configuration-dkim-filter-relay (default "127.0.0.1:10028"))
+ (sasl-dirname postfix-configuration-sasl-dirname (default "/etc/sasl2"))
(run-in-container? postfix-configuration-run-in-container? (default #f))
(container-name postfix-configuration-container-name (default "postfix"))
(container-namespaces postfix-configuration-container-namespaces (default (s1:fold delq container:%namespaces '(net))))
@@ -986,10 +987,7 @@ postlog unix-dgram n - n - 1 postlogd
(key-file hostname)
(or key-file (format #f "/etc/letsencrypt/live/~a~a/privkey.pem" prefix hostname))))
-(define (main.cf-internet-extra hostname cert key)
-;; FIXME: shouldn't smtpd_tls_security_level be 'encrypt'?
-;; smtpd_sasl_security_options = FIXME: deny all
-;; smtpd_milters = FIXME
+(define (main.cf-internet-extra hostname cert key sasl-dirname)
(format #f
"
myhostname = ~a
@@ -1013,14 +1011,15 @@ smtpd_relay_restrictions = $smtpd_recipient_restrictions
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
-cyrus_sasl_config_path = /etc/sasl2
+cyrus_sasl_config_path = ~a
debug_peer_list = 127.0.0.1
milter_default_action = accept
"
hostname
cert
- key))
+ key
+ sasl-dirname))
(define main.cf-local-extra
"
mynetworks = 127.0.0.0/8
@@ -1042,9 +1041,9 @@ smtp_sasl_mechanism_filter = login, plain
(define (generate-main.cf config)
(match-record config <postfix-configuration>
(mail-in-home? enable-submission? mail-directory queue-directory data-directory
- user setgid-group hostname main.cf-extra)
+ user setgid-group hostname main.cf-extra sasl-dirname)
(format #f
- "compatibility_level = 3.6
+ "compatibility_level = 3.6
queue_directory = ~a
data_directory = ~a
@@ -1069,7 +1068,8 @@ header_checks = regexp:{ { /^Received:.*/ IGNORE }, { /^X-Originating-IP:.*/ IGN
(main.cf-internet-extra
hostname
(cert-for "" config)
- (key-for "" config))
+ (key-for "" config)
+ sasl-dirname)
main.cf-local-extra))))
(define (postfix-etc-files config)