fix multidomain dkim signing fixes #24
parent
b89d6e7b27
commit
d905be86d5
2 changed files with 20 additions and 9 deletions
|
@ -28,6 +28,8 @@ let
|
||||||
''
|
''
|
||||||
else "";
|
else "";
|
||||||
dkim = if cfg.dkimSigning
|
dkim = if cfg.dkimSigning
|
||||||
|
# Note: domain = "*"; causes Rmilter to try to search key in the key path
|
||||||
|
# as keypath/domain.selector.key for any domain.
|
||||||
then
|
then
|
||||||
''
|
''
|
||||||
dkim {
|
dkim {
|
||||||
|
|
|
@ -38,22 +38,31 @@ let
|
||||||
''
|
''
|
||||||
else "";
|
else "";
|
||||||
|
|
||||||
dkim_key = "${cfg.dkimKeyDirectory}/${cfg.dkimSelector}.private";
|
createDomainDkimCert = dom:
|
||||||
dkim_txt = "${cfg.dkimKeyDirectory}/${cfg.dkimSelector}.txt";
|
let
|
||||||
|
dkim_key = "${cfg.dkimKeyDirectory}/${dom}.${cfg.dkimSelector}.key";
|
||||||
|
dkim_txt = "${cfg.dkimKeyDirectory}/${dom}.${cfg.dkimSelector}.txt";
|
||||||
|
in
|
||||||
|
''
|
||||||
|
if [ ! -f "${dkim_key}" ] || [ ! -f "${dkim_txt}" ]
|
||||||
|
then
|
||||||
|
${pkgs.opendkim}/bin/opendkim-genkey -s "${cfg.dkimSelector}" \
|
||||||
|
-d "${dom}" \
|
||||||
|
--directory="${cfg.dkimKeyDirectory}"
|
||||||
|
mv "${cfg.dkimKeyDirectory}/${cfg.dkimSelector}.private" "${dkim_key}"
|
||||||
|
mv "${cfg.dkimKeyDirectory}/${cfg.dkimSelector}.txt" "${dkim_txt}"
|
||||||
|
fi
|
||||||
|
'';
|
||||||
|
createAllCerts = lib.concatStringsSep "\n" (map createDomainDkimCert cfg.domains);
|
||||||
create_dkim_cert =
|
create_dkim_cert =
|
||||||
''
|
''
|
||||||
# Create dkim dir
|
# Create dkim dir
|
||||||
mkdir -p "${cfg.dkimKeyDirectory}"
|
mkdir -p "${cfg.dkimKeyDirectory}"
|
||||||
chown rmilter:rmilter "${cfg.dkimKeyDirectory}"
|
chown rmilter:rmilter "${cfg.dkimKeyDirectory}"
|
||||||
|
|
||||||
if [ ! -f "${dkim_key}" ] || [ ! -f "${dkim_txt}" ]
|
${createAllCerts}
|
||||||
then
|
|
||||||
|
|
||||||
${pkgs.opendkim}/bin/opendkim-genkey -s "${cfg.dkimSelector}" \
|
chown -R rmilter:rmilter "${cfg.dkimKeyDirectory}"
|
||||||
-d ${cfg.fqdn} \
|
|
||||||
--directory="${cfg.dkimKeyDirectory}"
|
|
||||||
chown rmilter:rmilter "${dkim_key}"
|
|
||||||
fi
|
|
||||||
'';
|
'';
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
|
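Review bot: In `createDomainDkimCert`, the guard `if [ ! -f "${dkim_key}" ] || [ ! -f "${dkim_txt}" ]` regenerates the pair when only the `.txt` file is missing, and the following `mv` then replaces the existing private key, so mail would be signed with a key whose public half is no longer the one published in DNS. Testing only the key, `if [ ! -f "${dkim_key}" ]`, avoids that silent rotation. The `opendkim-genkey` call also passes no `-b`, so the key size is whatever the packaged version defaults to (1024 bits in older releases; confirm for this package), and adding `-b 2048 \` would pin it. The key directory is created with a plain `mkdir -p` and only chown'ed, so its mode depends on the umask; a `chmod 700 "${cfg.dkimKeyDirectory}"` after the `chown` would make it explicit. The enclosing `let` block starts before this hunk.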