implement qutoas
This commit is contained in:
parent
2d0648e0f4
commit
eeb7fd64af
10
default.nix
10
default.nix
|
@ -78,6 +78,16 @@ in
|
|||
'';
|
||||
};
|
||||
|
||||
quota = mkOption {
|
||||
type = with types; nullOr types.str;
|
||||
default = null;
|
||||
example = "2G";
|
||||
description = ''
|
||||
Per user quota rules. Accepted sizes are `xx k/M/G/T` with the
|
||||
obvious meaning. Leave blank for the standard quota `100G`.
|
||||
'';
|
||||
};
|
||||
|
||||
sieveScript = mkOption {
|
||||
type = with types; nullOr lines;
|
||||
default = null;
|
||||
|
|
|
@ -20,7 +20,10 @@ let
|
|||
cfg = config.mailserver;
|
||||
# passwd :: [ String ]
|
||||
passwd = lib.mapAttrsToList
|
||||
(name: value: "${name}:${value.hashedPassword}:${builtins.toString cfg.vmailUID}:${builtins.toString cfg.vmailUID}::${cfg.mailDirectory}:/run/current-system/sw/bin/nologin:")
|
||||
(name: value: "${name}:${value.hashedPassword}:${builtins.toString cfg.vmailUID}:${builtins.toString cfg.vmailUID}::${cfg.mailDirectory}:/run/current-system/sw/bin/nologin:"
|
||||
+ (if lib.isString value.quota
|
||||
then "userdb_quota_rule=*:storage=${value.quota}"
|
||||
else ""))
|
||||
cfg.loginAccounts;
|
||||
in
|
||||
{
|
||||
|
@ -41,6 +44,7 @@ in
|
|||
else if cfg.certificateScheme == 3
|
||||
then "/var/lib/acme/${cfg.fqdn}/key.pem"
|
||||
else throw "Error: Certificate Scheme must be in { 1, 2, 3 }";
|
||||
|
||||
# passwdFile :: PATH
|
||||
passwdFile = builtins.toFile "passwd" (lib.concatStringsSep "\n" passwd);
|
||||
}
|
||||
|
|
|
@ -32,6 +32,7 @@ in
|
|||
enableImap = enableImap;
|
||||
enablePop3 = enablePop3;
|
||||
enablePAM = false;
|
||||
enableQuota = true;
|
||||
mailGroup = vmailGroupName;
|
||||
mailUser = vmailUserName;
|
||||
mailLocation = dovecot_maildir;
|
||||
|
@ -80,6 +81,11 @@ in
|
|||
args = ${passwdFile}
|
||||
}
|
||||
|
||||
userdb {
|
||||
driver = passwd-file
|
||||
args = ${passwdFile}
|
||||
}
|
||||
|
||||
service auth {
|
||||
unix_listener /var/lib/postfix/queue/private/auth {
|
||||
mode = 0660
|
||||
|
|
|
@ -124,6 +124,9 @@ in
|
|||
smtpd_sasl_auth_enable = yes
|
||||
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
|
||||
|
||||
# quota
|
||||
smtpd_recipient_restrictions = check_policy_service inet:mailstore.example.com:12340
|
||||
|
||||
# TLS settings, inspired by https://github.com/jeaye/nix-files
|
||||
# Submission by mail clients is handled in submissionOptions
|
||||
smtpd_tls_security_level = may
|
||||
|
|
Loading…
Reference in New Issue