Commit Graph

431 Commits

Author SHA1 Message Date
Brian Olsen eb70dd1f55
Fix passwfile update
Currently oneshot services are not re-run on NixOS activate and that
meant that you needed to manually restart `gen-passwd-file` for new
users to be available.

This commit removes the `gen-passwd-file` service and instead simply
calls the same script in the dovecot2 preStart.
2020-06-19 16:02:21 +02:00
Benjamin Asbach fb8886547b Enable dovecot option to prefer server ciphers
This might prevent misconfigured clients to use a weak cipher when stronger ciphers are available.
2020-05-27 10:10:59 +02:00
Benjamin Asbach 9b98746515 Set TLSv1.2 as minimal TLS version for dovecot
TLSv1 and TLSv1.1 are commonly opinioned as deprecated.
2020-05-27 10:10:59 +02:00
Benjamin Asbach 87e66046c1 Fixed url to contributor tab 2020-05-26 21:00:37 +02:00
Ryan Trinkle 066dba1b2f Fix spelling of `lmtp` in option 2020-05-25 18:19:32 -04:00
Antoine Eiche e1b0bb42b4 ci: add 20.03 jobset 2020-05-24 20:41:03 +02:00
Antoine Eiche 54ecf17810 Release nixos-20.03 2020-05-24 20:41:03 +02:00
Brian Olsen aed5d9e523
Switch from using postfix extraConfig to config
`services.postfix.extraConfig` is just a string while the
`services.postfix.config` option configures the same thing but with a
typed attrset instead which is easier to manipulate and override in Nix.
2020-05-22 12:19:50 +02:00
Benjamin Asbach c2ee9f217a Enabled TLS 1.3 support 2020-05-13 00:20:22 +00:00
Antoine Eiche b8e4ed00c3 Remove 19.09 support
Note there is still the 19.09 branch.
2020-05-11 21:46:01 +00:00
Antoine Eiche 830c66f1be readme: no more release but branch instead
For each NixOS release, we publish a branch. This would allow us to
continue to apply patches to these branches, in case of bug or
security fixes.
2020-05-11 21:46:01 +00:00
Antoine Eiche 7788eccc24 Merge branch 'eqyiel/nixos-mailserver-feat/make-lmtp_save_to_detail_mailbox-optional' 2020-05-08 21:02:55 +02:00
Antoine Eiche 9b5779de16 tests/intern: set memorySize to 1G
There is an OOM when running this test.
2020-05-08 20:43:46 +02:00
Antoine Eiche abe3c4aedc Add send-only test
In the intern test, we send a mail to a send-only account and check
the reject message is correcly returned.
2020-05-08 20:43:46 +02:00
Antoine Eiche 41219cc690 Rename rejectMessage to sendOnlyRejectMessage 2020-05-08 20:43:46 +02:00
Galen Abell d47e4ead88 Add send-only accounts 2020-05-08 20:43:46 +02:00
Symphorien Gibol b7c49fa26a update nixpkgs unstable 2020-05-05 19:07:46 +00:00
Symphorien Gibol 8e95d4e456 tests/extern.nix: increase memory
got oom several time with rspamd 2.5 update
2020-05-05 19:07:46 +00:00
Symphorien Gibol 7ccf35cb5f tests/clamav.nix: relax expected error message
with rspamd 2.5 it only says Spam message rejected
2020-05-05 19:07:46 +00:00
Symphorien Gibol 9e772d166c rspamd: configure redis backend
The sqlite backed is deprecated, and the redis backend is the default
since rspamd 2.0.

Not having redis started results in such errors:
rspamd_redis_init: cannot init redis backend for BAYES_SPAM

To migrate the sqlite database, run

rspamadm statconvert --spam-db /var/lib/rspamd/bayes.spam.sqlite --ham-db /var/lib/rspamd/bayes.ham.sqlite -h 127.0.0.1:6379 --symbol-ham BAYES_HAM --symbol-spam BAYES_SPAM

The current module implements the recommended configuration that this
utility prints out.
2020-05-05 19:07:46 +00:00
Antoine Eiche ac0f5c118f ci: build the branch 19.09 2020-05-05 21:03:10 +02:00
Antoine Eiche 899d68ac7a ci: better error message
The error message contains a link to the latest Hydra evaluation.
2020-04-23 00:23:17 +02:00
Antoine Eiche b0647c95c9 Remove the GitLab runner related code 2020-04-22 23:35:48 +02:00
Antoine Eiche b5263680a4 Check the Hydra master jobset as well 2020-04-22 23:35:48 +02:00
Antoine Eiche 493afb5f9a ci: check Hydra jobsets status 2020-04-19 15:08:32 +02:00
Antoine Eiche 1cac50dab5 .hydra: fix pull request jobset description 2020-04-19 14:59:01 +02:00
Antoine Eiche 2493056eed Setup an Hydra declarative project
This commit adds configuration files ingested an Hydra instance to
create a declarative project.
Currently, this Hydra instance builds
- the master branch
- all pull requests

We use the nix community provided Hydra instance
https://hydra.nix-community.org/project/simple-nixos-mailserver.
2020-04-19 10:01:57 +02:00
Antoine Eiche 09ca79801b tests: no ssl cert check for fetchmail
Since the certificate is autosigned, an SSL error was emitted by
dovecot.
2020-04-19 10:01:57 +02:00
Antoine Eiche a53aa5ac9a Use Niv to pin nixpkgs releases
Before using Niv, we were following channels meaning we can not
reproduce CI jobs easily.

In this change, we use Niv to pin these dependencies. We are also
addding a tests/default.nix to be able to run these tests locally.

For instance, to run the test extern.nix on the nixpkgs-19.09 release:

    nix-build tests/default.nix -A extern.nixpkgs_19_09

Fixes #178
2020-04-19 10:01:57 +02:00
Galen Abell 6563abc1c4 Fix password hash file generation behavior
- Move the "create password hash file from hashed password" behavior to
  a separate variable, since having it in the default field of config
  would always cause the warning to trigger
- Change type of hashedPassword to `nullOr str`
2020-03-06 17:27:47 +00:00
Robin Raymond 7bda4c4f11 automatically update readme hash 2019-12-18 09:33:52 +01:00
Robin Raymond 5d1f5cb349 update readme for v2.3.0 2019-12-16 21:08:33 +01:00
Xavier Vello 289f71efe2 Retry tests twice on gitlab 2019-12-15 14:29:16 +01:00
Xavier Vello d7b62bbb93 Update clamav test fixtures 2019-12-15 11:53:27 +01:00
Xavier Vello 9dae3d2cdc Run tests on 19.03 + 19.09 + unstable 2019-12-14 22:22:23 +01:00
Xavier Vello 5c6b6287d6 Fix extern test on 19.09
The openssl output format changed, breaking the
"dkim has user-specified size" test
2019-12-14 22:22:23 +01:00
Xavier Vello 43df84e1a0 Fix dovecot in 19.09+
Dovecot now requires at least 1024bits of dh params.
Test duration seems is not significantly increased.
2019-12-14 22:22:23 +01:00
Xavier Vello 5fb707e61a Update clamav test to use local fixtures
The current version fetches clamav-db-files from gitlab,
in the master branch. This is currently broken as the files
were removed, and does not allow to ensure a fixture update
does not break the test
2019-12-14 22:22:23 +01:00
Xavier Vello 81e4a49708 Restore tests and script deleted in b8661825 2019-12-14 22:22:10 +01:00
Maximilian Bosch 14cabd62e5
Trigger restart of postfix if passwords of mail accounts change 2019-10-18 21:21:01 +02:00
JosephTheEngineer b866182532 Remove use of the deprecated string type 2019-09-22 13:32:37 +00:00
Martin Milata ab33e87cea Delete leftover services.nix 2019-09-16 18:14:20 +02:00
Ruben Maher b4f6d96365 fix: make surprising lmtp_save_to_detail_mailbox behaviour optional 2019-09-01 20:21:11 +09:00
Robin Raymond 4b480d1445 Merge branch 'metapensiero/nixos-mailserver-delimiter-master' 2019-08-13 19:57:31 +02:00
Robin Raymond ee7bb07f25 Merge branch 'scintill/nixos-mailserver-dkim-bits' 2019-08-13 19:56:18 +02:00
Robin Raymond 0bf2bb0b54 Merge branch 'scintill/nixos-mailserver-fix-tests' 2019-08-13 19:51:16 +02:00
Alberto Berti 76922632ca Merge branch 'verbose-spam-header' into verbose-spam-header-master 2019-07-26 19:37:18 +02:00
Alberto Berti 6033364d0b Merge branch 'delimiter' into delimiter-master 2019-07-26 19:28:51 +02:00
Alberto Berti 05bb5518ad Let the milter add to headers the reason for tagging a message as spam 2019-07-26 19:01:54 +02:00
Alberto Berti 0ff81a9593 Make the delimiter configuration work 2019-07-26 19:00:32 +02:00