Commit Graph

555 Commits

Author SHA1 Message Date
Antoine Eiche 131c48de9b Preserve the compatibility with nixos-22.11 2023-06-11 17:10:14 +02:00
Antoine Eiche 290d00f6db Improve the certificateScheme number deprecation warning message 2023-06-11 07:29:18 +00:00
Mynacol 7e09d8f537 docs: add submissions DNS record for autodiscovery
Add the submissions autodiscovery SRV DNS record for implicit TLS in
SMTP (submission) connections according to
[RFC 8314](https://www.rfc-editor.org/rfc/rfc8314#section-5.1).
2023-05-29 15:09:08 +02:00
Antoine Eiche 1bcfcf786b Remove the NixOS 22.11 support
Because the option `nodes.domain1.services.dnsmasq.settings' does not
exist.
2023-05-24 23:37:17 +02:00
Naïm Favier a948c49ca7 Allow using existing ACME certificates
Add a certificate scheme for using an existing ACME certificate without
setting up Nginx.

Also use names instead of magic numbers for certificate schemes.
2023-05-24 21:10:02 +00:00
Naïm Favier 42c5564791 tests: use `services.dnsmasq.settings`
Gets rid of the warning about `extraConfig` being deprecated.
2023-05-24 21:10:02 +00:00
Antoine Eiche fd605a419b Fix test names 2023-05-24 23:06:29 +02:00
Lafiel d8131ffc61 dovecot: split passdb and userdb 2023-05-23 20:41:36 +00:00
Maximilian Bosch bd99079363 mail-server/dovecot: also learn spam/ham on APPEND
The current configuration doesn't work when moving spam from the INBOX
to Junk on a local maildir and then syncing the result to the IMAP
server with `mbsync(1)`. This is because `mbsync(1)` doesn't support a
mvoe-detection[1] (i.e. an IMAP MOVE which subsequently causes a Sieve
COPY according to RFC6851 which then triggers report{h,sp}am.sieve), but
instead sends `APPEND` (and removes the message in the src mailbox after
that).

Tested on my own mailserver that this fixes spam learning.

This doesn't work the other way round though because `APPEND` doesn't
have an origin. However, learning mails as spam happens more often than
learning spam as ham, so this is IMHO still useful.

[1] https://sourceforge.net/p/isync/mailman/isync-devel/thread/87y2p1tihz.fsf%40ericabrahamsen.net/#msg37030483
2023-05-23 19:49:59 +00:00
Juergen Fitschen c04e4f22da opendkim: make public key world-readable 2023-05-14 07:11:48 +00:00
Maximilian Bosch e2ca6e45f3 docs: add instructions for rfc6186-compliant setup 2023-05-14 07:08:27 +00:00
Naïm Favier 6d0d9fb966
Update nixpkgs
Option values are now rendered correctly as Nix thanks to
https://github.com/NixOS/nixpkgs/pull/199363
2022-12-22 20:45:03 +01:00
Naïm Favier 0bbb2ac74e
docs: drop options.md from the repository
Generate the file on the readthedocs builder using Nix. Since there is
no root access or user namespaces, we have to use proot (see
https://nixos.wiki/wiki/Nix_Installation_Guide#PRoot).
2022-12-22 20:45:03 +01:00
Naïm Favier 4fcab839d7
docs: use MarkDown for option docs 2022-12-22 20:45:01 +01:00
Antoine Eiche bc667fb6af Release 22.11 2022-12-21 22:46:04 +01:00
Antoine Eiche 31eadb6388 doc: regenerate it 2022-11-30 21:03:13 +01:00
Antoine Eiche 033b3d2a45 Removing 22.05 release
Because of some incompabilities with the 22.11 release.
2022-11-30 20:59:39 +01:00
Naïm Favier 694e7d34f6
docs: option docs improvements
- add missing description and defaultText fields
- add dmarcReporting option group
- render examples
2022-11-30 12:30:29 +01:00
Martin Weinelt fe36e7ae0d rspamd: allow configuring dmarc reporting
Enabling collects DMARC results in Redis and sends out aggregated
reports (RUA) on a daily basis.
2022-11-27 20:34:38 +00:00
Antoine Eiche 3f0b7a1b5c ci: pin nixpkgs to 22.05
Because hydra-cli build is currently broken on unstable.
2022-11-27 20:43:25 +01:00
Antoine Eiche 737eb4f398 docs: explicitly mention a reverse DNS entry is required
Fixes https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/issues/234
2022-11-27 19:14:52 +00:00
Linus Heckemann a40e9c3abb htpasswd -> mkpasswd 2022-11-27 19:14:22 +00:00
Martin Weinelt 004c229ca4
Convert minimal test to python test driver 2022-07-19 23:54:04 +02:00
Antoine Eiche f535d8123c Release 22.05 2022-06-22 22:39:06 +02:00
Ryan Mulligan 15cf252a0d monit/rspamd: monitor by process name 2022-05-24 20:15:37 +00:00
Niklas Hambüchen 6284a20f77 acme: Switch from `postRun` to `reloadServices` to fix hangs. Fixes #232 2022-05-24 20:11:52 +00:00
Ryan Mulligan 4396125ebb docs/full text search: fix typo; improve ux
docecot -> dovecot

Also, `indexDir` is not expecting to see %d/%n being passed to that
parameter, so remove that to make it easier to cpy the path into
there.
2022-05-08 16:02:12 -07:00
Fatih Altinok 4ce864f52a Fix typo in title 2022-04-16 18:17:48 +00:00
Guillaume Girol 75728d2686 tests: compatibility with fts xapian 1.5.4 2022-03-05 12:00:00 +00:00
Guillaume Girol 7de138037f docs: add how-to to setup roundcube 2022-02-26 17:06:52 +00:00
Antoine Eiche 021b5c8f73 ci: enable the nix-command feature 2022-02-25 09:24:52 +01:00
Naïm Favier 46ef908c91
rspamd: set default port for redis
Since we are now using services.redis.servers.rspamd, the port defaults
to 0 (i.e. do not bind a TCP socket). We still want rspamd to connect to
redis via TCP, so set a default port that is one above the default redis port.
2022-02-24 22:06:20 +01:00
Naïm Favier 53af883255 Regenerate options.rst 2022-02-24 20:51:40 +00:00
Naïm Favier 4ed684481b Update nixos-unstable and drop 21.11 2022-02-24 20:51:40 +00:00
Naïm Favier f4c14572fc Drop 21.05 branch 2022-02-24 20:51:40 +00:00
Naïm Favier ef03562eba make option documentation compatible with nixos-search 2022-02-24 20:51:40 +00:00
Antoine Eiche 11ad4742aa Fix CI job because of Nix new CLI options 2022-02-24 20:49:27 +00:00
Antoine Eiche 665aa181e6 ci: make release-21.11 a flake job 2022-02-20 11:29:33 +01:00
Antoine Eiche 6e3a7b2ea6 Release nixos-21.11 2021-12-07 22:09:14 +01:00
Izorkin f3d967f830
nginx: generate certificates for custom domains and subdomains 2021-12-05 20:53:21 +03:00
Kerstin Humm 7c7ed5ce06 Revert "rspamd: make sure redis is started over TCP socket"
This reverts commit 4f0f0128d8.

Redis does seem to run fine with both unixSocket and TCP enabled. This
broke people's setups.
2021-12-01 01:01:03 +01:00
Lionello Lunesu 822c5f22bd Fix fullTextSearch.enable=false 2021-11-26 04:57:43 +00:00
DwarfMaster 4f0f0128d8 rspamd: make sure redis is started over TCP socket 2021-11-17 17:59:32 +01:00
Lionello Lunesu 6e8142862f opendkim: don't recreate keys if private key is present 2021-11-07 19:57:12 +00:00
Guillaume Girol a13526a6e3 nginx.nix: don't reload nginx
Fixes #227

Reloading nginx manually is actually not needed (see
nginx-config-reload.service) and causes deadlocks.
2021-11-07 19:10:00 +00:00
Antoine Eiche 9d3a87905e docs: add .readthedocs.yml conf file to pin Python dependencies 2021-11-07 11:13:06 +01:00
Lionello ef8ca96c5d Fix typos in indexDir example 2021-11-01 23:18:18 +00:00
Ero Sennin 0d9a880c0e Set DKIM policy to relaxed/relaxed
And make this policy configurable.
2021-10-14 18:45:21 +00:00
Antoine Eiche acaba31d8f docs: fix the test which could never fail 2021-10-14 09:07:32 +02:00
Antoine Eiche 74bb227990 docs: remove output paths from generated documentation
Otherwise, the `testRstOptions` test would fail too often!
2021-10-14 09:06:14 +02:00