dovecot: read dovecot version into nix variable
This allows determining whether it's OK to use particular configuration variables that will throw errors when used in older versions.
This commit is contained in:
parent
f6546a1a8e
commit
5b570ad5a0
6 changed files with 23 additions and 14 deletions
10
default.nix
10
default.nix
|
@ -325,16 +325,6 @@ in
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
dovecot23 = mkOption {
|
|
||||||
type = types.bool;
|
|
||||||
default = false;
|
|
||||||
description =
|
|
||||||
''
|
|
||||||
Activate this if you use Dovecot 2.3, so SSL works.
|
|
||||||
TODO: Remove this!
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
|
|
||||||
dhParamBitLength = mkOption {
|
dhParamBitLength = mkOption {
|
||||||
type = types.int;
|
type = types.int;
|
||||||
default = 2048;
|
default = 2048;
|
||||||
|
|
12
mail-server/dovecot-version.nix
Normal file
12
mail-server/dovecot-version.nix
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
{ dovecot, gawk, gnused, jq, runCommand }:
|
||||||
|
|
||||||
|
runCommand "dovecot-version" {
|
||||||
|
buildInputs = [dovecot gnused jq];
|
||||||
|
} ''
|
||||||
|
jq -n \
|
||||||
|
--arg dovecot_version "$(dovecot --version |
|
||||||
|
sed 's/\([0-9.]*\).*/\1/' |
|
||||||
|
awk -F '.' '{ print $1"."$2"."$3 }')" \
|
||||||
|
'[$dovecot_version | split("."), ["major", "minor", "patch"]]
|
||||||
|
| transpose | map( { (.[1]): .[0] | tonumber }) | add' > $out
|
||||||
|
''
|
|
@ -24,6 +24,8 @@ let
|
||||||
# maildir in format "/${domain}/${user}"
|
# maildir in format "/${domain}/${user}"
|
||||||
dovecot_maildir = "maildir:${cfg.mailDirectory}/%d/%n";
|
dovecot_maildir = "maildir:${cfg.mailDirectory}/%d/%n";
|
||||||
|
|
||||||
|
dovecotVersion = builtins.fromJSON
|
||||||
|
(builtins.readFile (pkgs.callPackage ./dovecot-version.nix {}));
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
config = with cfg; lib.mkIf enable {
|
config = with cfg; lib.mkIf enable {
|
||||||
|
@ -61,7 +63,9 @@ in
|
||||||
|
|
||||||
mail_access_groups = ${vmailGroupName}
|
mail_access_groups = ${vmailGroupName}
|
||||||
ssl = required
|
ssl = required
|
||||||
${lib.optionalString dovecot23 "ssl_dh = <${certificateDirectory}/dh.pem"}
|
${lib.optionalString (dovecotVersion.major == 2 && dovecotVersion.minor >= 3) ''
|
||||||
|
ssl_dh = <${certificateDirectory}/dh.pem
|
||||||
|
''}
|
||||||
|
|
||||||
service lmtp {
|
service lmtp {
|
||||||
unix_listener /var/lib/postfix/queue/private/dovecot-lmtp {
|
unix_listener /var/lib/postfix/queue/private/dovecot-lmtp {
|
||||||
|
|
|
@ -91,7 +91,12 @@ in
|
||||||
|
|
||||||
${create_certificate}
|
${create_certificate}
|
||||||
|
|
||||||
${lib.optionalString cfg.dovecot23 "${createDhParameterFile}"}
|
${let
|
||||||
|
dovecotVersion = builtins.fromJSON
|
||||||
|
(builtins.readFile (pkgs.callPackage ./dovecot-version.nix {}));
|
||||||
|
in lib.optionalString
|
||||||
|
(dovecotVersion.major == 2 && dovecotVersion.minor >= 3)
|
||||||
|
createDhParameterFile}
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -28,7 +28,6 @@ import <nixpkgs/nixos/tests/make-test.nix> {
|
||||||
fqdn = "mail.example.com";
|
fqdn = "mail.example.com";
|
||||||
domains = [ "example.com" "example2.com" ];
|
domains = [ "example.com" "example2.com" ];
|
||||||
dhParamBitLength = 512;
|
dhParamBitLength = 512;
|
||||||
dovecot23 = true;
|
|
||||||
|
|
||||||
loginAccounts = {
|
loginAccounts = {
|
||||||
"user1@example.com" = {
|
"user1@example.com" = {
|
||||||
|
|
|
@ -28,7 +28,6 @@ import <nixpkgs/nixos/tests/make-test.nix> {
|
||||||
fqdn = "mail.example.com";
|
fqdn = "mail.example.com";
|
||||||
domains = [ "example.com" ];
|
domains = [ "example.com" ];
|
||||||
dhParamBitLength = 512;
|
dhParamBitLength = 512;
|
||||||
dovecot23 = true;
|
|
||||||
|
|
||||||
loginAccounts = {
|
loginAccounts = {
|
||||||
"user1@example.com" = {
|
"user1@example.com" = {
|
||||||
|
|
Loading…
Reference in a new issue