Commit Graph

26 Commits

Author SHA1 Message Date
Antoine Eiche e9dea6cdb4 postfix: also create the dh.pem if it is empty
The dh.pem file is currently created by the postfix prestart
script. If the entropy of the system is to low, the postfix prestart
can timeout. In this case, an empty file is created.
If the user restarts the postfix service, the dh.pem is not created
because the file already exists (but is empty).
When a ssl is established with dovecot, it fails with this message:
imap-login: `Error:Failed to initialize SSL server context: Couldn't parse DH parameters:
error:0906D06C:PEM routines:PEM_read_bio:no start line: Expecting: DH
PARAMETERS`

With this patch, the postfix service creates the dh.pem if the dh.pem
doesn't exist or if it is empty. It doesn't fix the entropy or
timeout issue but at least, the user knows something is failing:/
2018-05-10 01:04:02 +02:00
Robin Raymond 6bdfdca0e3 fix typo 2018-02-23 15:36:29 +01:00
Robin Raymond 5d169c3ef2 fixes #88 2018-02-23 14:56:28 +01:00
Ruben Maher 5b570ad5a0 dovecot: read dovecot version into nix variable
This allows determining whether it's OK to use particular configuration
variables that will throw errors when used in older versions.
2018-02-17 22:24:39 +10:30
Robin Raymond f6546a1a8e fix dovecot 2.3 ssl_dh 2018-02-13 13:18:31 +01:00
Robin Raymond aca43875dc update copywright 2018-01-29 10:34:27 +01:00
Robin Raymond d905be86d5 fix multidomain dkim signing fixes #24 2017-11-11 16:06:28 +01:00
John Boehr 16fb41de01 Change domain to fqdn and extraDomains to domains 2017-11-11 09:45:06 +00:00
John Boehr ebd0f656ed
Preliminary multi-domain support 2017-11-09 13:13:27 -08:00
Robin Raymond 2f7e3a9f0c initial acme support; needs testing 2017-09-23 09:56:09 +02:00
Robin Raymond bf7099d389 fix issue #8
turns out this is a upstream bug. The fix should probably be pushed to nixpkgs.
2017-09-13 11:49:33 +02:00
Robin Raymond d974be81e0 revert script exctraction 2017-09-03 16:20:47 +02:00
Robin Raymond 0c20bb3a85 move scripts to external files 2017-09-03 16:00:10 +02:00
Robin Raymond 0c414738e1 fix merge bug in systemd 2017-09-03 15:56:36 +02:00
Robin Raymond 1e0c203bf8 Merge branch 'module-rewrite' 2017-09-03 15:31:37 +02:00
Robin Raymond 3eb363fc71 systemd to module 2017-09-02 15:08:50 +02:00
Robin Raymond ebb2a5caf7 camelCase 2 2017-09-02 13:29:49 +02:00
Robin Raymond b5fccc7e39 camelCase 2017-09-02 13:23:37 +02:00
Robin Raymond 256d2c75a6 update comments 2017-09-02 12:15:22 +02:00
Robin Raymond 42c4e18438 remove unnecessary after field in systemd 2017-08-30 15:56:24 +02:00
Robin Raymond bb4717bf0b fix typo in opendkim key generation 2017-08-30 14:29:06 +02:00
Robin Raymond d05bd24040 make dovecot wait for postfix instead of other way around 2017-08-23 17:34:34 +02:00
Robin Raymond 8551dcffff enable dkim signing 2017-08-23 17:22:44 +02:00
Robin Raymond b68e64ec72 certificate scheme 2
On the fly create certificates via openssl (Maybe change this to
libressl in the future?). This is probably the best scheme to get
something that simply works. Self signed certificates only pose a
problem when connecting to retrieve the email via imap or pop3.
2017-08-13 11:51:07 +02:00
Robin Raymond 1d53a88a21 finish up dovecot configuration
also factor out users into own file
2017-08-12 12:28:46 +02:00
Robin Raymond e63b6ebda9 create maildir folder 2017-08-12 11:47:52 +02:00