From 2b3c8a56bd0bfe3bdf78fea22b24e6ac07e28e3c Mon Sep 17 00:00:00 2001
From: EuAndreh <eu@euandre.org>
Date: Sat, 11 Mar 2023 12:50:42 -0300
Subject: queue.scm: Fix mta-sts nginx configuration

---
 src/xyz/euandreh/queue.scm | 42 +++++++++++++++++++++---------------------
 1 file changed, 21 insertions(+), 21 deletions(-)

(limited to 'src')

diff --git a/src/xyz/euandreh/queue.scm b/src/xyz/euandreh/queue.scm
index 568e21f..d121839 100644
--- a/src/xyz/euandreh/queue.scm
+++ b/src/xyz/euandreh/queue.scm
@@ -845,12 +845,12 @@ keyfile ~a/private.key
 (define (cert-for config)
   (match-record config <postfix-configuration>
       (cert-file hostname)
-    (or cert-file (format #f "/etc/letsencrypt/live/~a/fullchain.pem" hostname))))
+    (or cert-file (format #f "/etc/letsencrypt/live/mta-sts.~a/fullchain.pem" hostname))))
 
 (define (key-for config)
   (match-record config <postfix-configuration>
       (key-file hostname)
-    (or key-file (format #f "/etc/letsencrypt/live/~a/privkey.pem" hostname))))
+    (or key-file (format #f "/etc/letsencrypt/live/mta-sts.~a/privkey.pem" hostname))))
 
 (define (generate-main.cf config)
   (match-record config <postfix-configuration>
@@ -1064,35 +1064,35 @@ keyfile ~a/private.key
 (define (postfix-nginx-locations config)
   (match-record config <postfix-configuration>
       (hostname)
-    (nginx-server-configuration
-      (server-name (list (string-append "mta-sts." hostname)))
-      (listen '("[::]:443 ssl http2" "443 ssl http2"))
-      (ssl-certificate     (cert-for config))
-      (ssl-certificate-key (key-for  config))
-      (locations
-        (list
-         (nginx-location-configuration
-           (uri "= /.well-known/mta-sts.txt")
-           (body
-             (list
-              (list "alias "
-                    (plain-file
-                     "mta-sts.txt"
-                     (format #f "-
-version: STSv1
+    (list
+     (nginx-server-configuration
+       (server-name (list (string-append "mta-sts." hostname)))
+       (listen '("[::]:443 ssl http2" "443 ssl http2"))
+       (ssl-certificate     (cert-for config))
+       (ssl-certificate-key (key-for  config))
+       (locations
+         (list
+          (nginx-location-configuration
+            (uri "= /.well-known/mta-sts.txt")
+            (body
+              (list
+               (list "alias "
+                     (plain-file
+                      "mta-sts.txt"
+                      (format #f "version: STSv1
 mode: enforce
 mx: ~a
 max_age: 604800
 "
-                      hostname))
-                    ";")))))))))
+                       hostname))
+                     ";"))))))))))
 
 (define (postfix-certificates config)
   (match-record config <postfix-configuration>
       (hostname)
     (list
      (certificate-configuration
-       (domains (list hostname (string-append "mta-sts." hostname)))))))
+       (domains (list (string-append "mta-sts." hostname)))))))
 
 (define (postfix-sasl-service _config)
   (list
-- 
cgit v1.2.3