diff options
author | EuAndreh <eu@euandre.org> | 2023-03-17 16:46:08 -0300 |
---|---|---|
committer | EuAndreh <eu@euandre.org> | 2023-03-17 16:46:08 -0300 |
commit | 5d321d74e0951853e95c109b9800012f238279b3 (patch) | |
tree | 1f9929728ed79afc9d65e7f9b7e354ac335e3196 /src/org/euandre/queue.scm | |
parent | queue.scm: Add supplementary-groups to Postfix (diff) | |
download | package-repository-5d321d74e0951853e95c109b9800012f238279b3.tar.gz package-repository-5d321d74e0951853e95c109b9800012f238279b3.tar.xz |
queue.scm: Cleanup Postfix config
Diffstat (limited to 'src/org/euandre/queue.scm')
-rw-r--r-- | src/org/euandre/queue.scm | 56 |
1 files changed, 17 insertions, 39 deletions
diff --git a/src/org/euandre/queue.scm b/src/org/euandre/queue.scm index 857bbff..01b5645 100644 --- a/src/org/euandre/queue.scm +++ b/src/org/euandre/queue.scm @@ -973,9 +973,9 @@ verify unix - - n - 1 verify virtual unix - n n - - virtual postlog unix-dgram n - n - 1 postlogd ~a~a~a" - (if enable-submission? (dksign-filter dkim-filter-listen) "") + (if enable-submission? (dksign-filter dkim-filter-listen) "") (if enable-submission? (submission-config dkim-filter-listen) "") - (if enable-submission? (dksign-config dkim-filter-relay) "") + (if enable-submission? (dksign-config dkim-filter-relay) "") master.cf-extra))) (define (cert-for prefix config) @@ -1026,19 +1026,6 @@ milter_default_action = accept mynetworks = 127.0.0.0/8 ") -#; -" -sender_dependent_relayhost_maps = hash:/var/lib/private/postfix/relayhosts-maps -smtp_sasl_password_maps = hash:/var/lib/private/postfix/sasl-password -smtp_sasl_auth_enable = yes -smtp_sasl_security_options = noanonymous -smtp_tls_security_level = encrypt -smtp_tls_note_starttls_offer = yes -smtp_use_tls = yes -smtp_sender_dependent_authentication = yes -smtp_sasl_mechanism_filter = login, plain -" -;; postfix -> package (define (generate-main.cf config) (match-record config <postfix-configuration> (mail-in-home? enable-submission? mail-directory queue-directory data-directory @@ -1154,6 +1141,7 @@ header_checks = regexp:{ { /^Received:.*/ IGNORE }, { /^X-Originating-IP:.*/ IGN (least-authority-wrapper bin #:name container-name + #:namespaces container-namespaces #:mappings (append (list (file-system-mapping @@ -1164,31 +1152,26 @@ header_checks = regexp:{ { /^Received:.*/ IGNORE }, { /^X-Originating-IP:.*/ IGN (source queue-directory) (target source) (writable? #t))) - extra-mappings) - #:namespaces container-namespaces)))) + extra-mappings))))) (list (shepherd-service (provision '(postfix)) (documentation - "- - Run the Postfix MTA. + "Run the Postfix MTA. - This is the entrypoint for starting the \"master\" process. Then the - \"master\" process itself takes responsability of starting all the - required daemons and commands.") +This is the entrypoint for starting the \"master\" process. Then the \"master\" +process itself takes responsability of starting all the required daemons and +commands.") (start #~(make-forkexec-constructor - (list - #$cmd - "-c" - #$config-dir - "start-fg") + (list #$cmd "-c" #$config-dir "start-fg") #:pid-file "/var/lib/postfix/master.lock")) (stop #~(make-kill-destructor SIGKILL)) (actions (list (shepherd-action (name 'configuration) - (documentation "FIXME:DOCUMENTATION") + (documentation "Display the name of the \"master.cf\" and +\"main.cf\" file being used") (procedure #~(lambda _ (format #t "~a/master.cf~%" #$config-dir) @@ -1196,20 +1179,16 @@ header_checks = regexp:{ { /^Received:.*/ IGNORE }, { /^X-Originating-IP:.*/ IGN (shepherd-action (name 'reload) (documentation - " - Re-read the \"master.cf\" and \"main.cf\" configuration files. + "Re-read the \"master.cf\" and \"main.cf\" configuration files. - Daemon processes terminate when possible, and when restarted - use the values of the new configuration files. +Daemon processes terminate when possible, and when restarted use the values of +the new configuration files. - This live-reload option is usually preferable over a stop/start - cycle, as it incurs in no interruption of the running service.") +This live-reload option is usually preferable over a stop/start cycle, as it +incurs in no interruption of the running service.") (procedure #~(lambda _ - (invoke #$(file-append postfix "/sbin/postfix") - "-c" - #$config-dir - "reload"))))))))))) + (invoke #$cmd "-c" #$config-dir "reload"))))))))))) (define (postfix-aliases config) (match-record config <postfix-configuration> @@ -1218,7 +1197,6 @@ header_checks = regexp:{ { /^Received:.*/ IGNORE }, { /^X-Originating-IP:.*/ IGN `(,alias "root")) root-aliases))) - (define (postfix-nginx-locations config) (match-record config <postfix-configuration> (hostname) |