fix multidomain dkim signing fixes #24

This commit is contained in:
Robin Raymond 2017-11-11 16:05:49 +01:00
parent b89d6e7b27
commit d905be86d5
2 changed files with 20 additions and 9 deletions

View file

@ -28,6 +28,8 @@ let
'' ''
else ""; else "";
dkim = if cfg.dkimSigning dkim = if cfg.dkimSigning
# Note: domain = "*"; causes Rmilter to try to search key in the key path
# as keypath/domain.selector.key for any domain.
then then
'' ''
dkim { dkim {

View file

@ -38,22 +38,31 @@ let
'' ''
else ""; else "";
dkim_key = "${cfg.dkimKeyDirectory}/${cfg.dkimSelector}.private"; createDomainDkimCert = dom:
dkim_txt = "${cfg.dkimKeyDirectory}/${cfg.dkimSelector}.txt"; let
dkim_key = "${cfg.dkimKeyDirectory}/${dom}.${cfg.dkimSelector}.key";
dkim_txt = "${cfg.dkimKeyDirectory}/${dom}.${cfg.dkimSelector}.txt";
in
''
if [ ! -f "${dkim_key}" ] || [ ! -f "${dkim_txt}" ]
then
${pkgs.opendkim}/bin/opendkim-genkey -s "${cfg.dkimSelector}" \
-d "${dom}" \
--directory="${cfg.dkimKeyDirectory}"
mv "${cfg.dkimKeyDirectory}/${cfg.dkimSelector}.private" "${dkim_key}"
mv "${cfg.dkimKeyDirectory}/${cfg.dkimSelector}.txt" "${dkim_txt}"
fi
'';
createAllCerts = lib.concatStringsSep "\n" (map createDomainDkimCert cfg.domains);
create_dkim_cert = create_dkim_cert =
'' ''
# Create dkim dir # Create dkim dir
mkdir -p "${cfg.dkimKeyDirectory}" mkdir -p "${cfg.dkimKeyDirectory}"
chown rmilter:rmilter "${cfg.dkimKeyDirectory}" chown rmilter:rmilter "${cfg.dkimKeyDirectory}"
if [ ! -f "${dkim_key}" ] || [ ! -f "${dkim_txt}" ] ${createAllCerts}
then
${pkgs.opendkim}/bin/opendkim-genkey -s "${cfg.dkimSelector}" \ chown -R rmilter:rmilter "${cfg.dkimKeyDirectory}"
-d ${cfg.fqdn} \
--directory="${cfg.dkimKeyDirectory}"
chown rmilter:rmilter "${dkim_key}"
fi
''; '';
in in
{ {