set virtual_alias_maps for LDAP

Christian Ulrich 2024-11-10 23:46:17 +01:00
parent 93e2e9395c
commit de81e88692
No known key found for this signature in database
GPG Key ID: 8241BE099775A097
1 changed files with 16 additions and 0 deletions


@ -191,6 +191,19 @@ let
passwordFile = cfg.ldap.bind.passwordFile; passwordFile = cfg.ldap.bind.passwordFile;
destination = ldapVirtualMailboxMapFile; destination = ldapVirtualMailboxMapFile;
}; };
ldapVirtualAliasMap = pkgs.writeText "ldap-virtual-alias-map.cf" ''
${commonLdapConfig}
query_filter = ${cfg.ldap.postfix.filter}
result_attribute = ${cfg.ldap.postfix.mailAttribute}
'';
ldapVirtualAliasMapFile = "/run/postfix/ldap-virtual-alias-map.cf";
appendPwdInVirtualAliasMap = appendLdapBindPwd {
name = "ldap-virtual-alias-map";
file = ldapVirtualAliasMap;
prefix = "bind_pw = ";
passwordFile = cfg.ldap.bind.passwordFile;
destination = ldapVirtualAliasMapFile;
};
in in
{ {
config = with cfg; lib.mkIf enable { config = with cfg; lib.mkIf enable {
@ -198,6 +211,7 @@ in
systemd.services.postfix-setup = lib.mkIf cfg.ldap.enable { systemd.services.postfix-setup = lib.mkIf cfg.ldap.enable {
preStart = '' preStart = ''
${appendPwdInVirtualMailboxMap} ${appendPwdInVirtualMailboxMap}
${appendPwdInVirtualAliasMap}
${appendPwdInSenderLoginMap} ${appendPwdInSenderLoginMap}
''; '';
restartTriggers = [ appendPwdInVirtualMailboxMap appendPwdInSenderLoginMap ]; restartTriggers = [ appendPwdInVirtualMailboxMap appendPwdInSenderLoginMap ];
@ -242,6 +256,8 @@ in
]; ];
virtual_alias_maps = lib.mkAfter (lib.optionals (regex_valiases_postfix != {}) [ virtual_alias_maps = lib.mkAfter (lib.optionals (regex_valiases_postfix != {}) [
(mappedRegexFile "regex_valias") (mappedRegexFile "regex_valias")
] ++ lib.optionals (cfg.ldap.enable) [
"ldap:${ldapVirtualAliasMapFile}"
]); ]);
virtual_transport = "lmtp:unix:/run/dovecot2/dovecot-lmtp"; virtual_transport = "lmtp:unix:/run/dovecot2/dovecot-lmtp";
# Avoid leakage of X-Original-To, X-Delivered-To headers between recipients # Avoid leakage of X-Original-To, X-Delivered-To headers between recipients
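Review bot: `restartTriggers` in `systemd.services.postfix-setup` still lists only `appendPwdInVirtualMailboxMap` and `appendPwdInSenderLoginMap`, although the second hunk adds `${appendPwdInVirtualAliasMap}` to `preStart`. A change that affects only the alias-map script would then not re-run the setup unit, and `/run/postfix/ldap-virtual-alias-map.cf` could stay stale. Suggest `restartTriggers = [ appendPwdInVirtualMailboxMap appendPwdInVirtualAliasMap appendPwdInSenderLoginMap ];`. Separately, the new file carries the LDAP `bind_pw` in clear text and its mode and ownership are set by `appendLdapBindPwd`, which is defined outside these hunks. It is worth confirming there that the file is created readable only by the Postfix user, and adding a short comment above `ldapVirtualAliasMapFile` such as `# contains bind_pw; written at service start, never in the Nix store`.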