Skynet/misc_nixos-mailserver
7
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

postfix: configure cert/key using smtpd_tls_chain_files

Browse source 
The sslCert and sslKey options are going away, because they do too much,
e.g. provision the keypair for client certificate authentication, which
is not at all what we want or need.
This commit is contained in:
Martin Weinelt 2025-06-12 01:01:38 +02:00
parent 8b27add088
commit e540dc864c
No known key found for this signature in database
GPG key ID: 87C1E9888F856759
1 changed files with 5 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

7
mail-server/postfix.nix
View file

@ -207,13 +207,16 @@ in
mapFiles."denied_recipients" = denied_recipients_file;
mapFiles."reject_senders" = reject_senders_file;
mapFiles."reject_recipients" = reject_recipients_file;
sslCert = certificatePath;
sslKey = keyPath;
enableSubmission = cfg.enableSubmission;
enableSubmissions = cfg.enableSubmissionSsl;
virtual = lookupTableToString (mergeLookupTables [all_valiases_postfix catchAllPostfix forwards]);
config = {
smtpd_tls_chain_files = [
"${keyPath}"
"${certificatePath}"
];
# Extra Config
mydestination = "";
recipient_delimiter = cfg.recipientDelimiter;