From 027e6bcd7691ec603c751e9930d3196c53bb0d81 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Sat, 2 Aug 2025 02:11:11 +0200 Subject: [PATCH 1/3] postfix: don't cast message_size_limit to string On unstable this will become a signed integer and there was never a good reason for this to be a string. --- mail-server/postfix.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mail-server/postfix.nix b/mail-server/postfix.nix index 79b2eca..9b89d96 100644 --- a/mail-server/postfix.nix +++ b/mail-server/postfix.nix @@ -277,7 +277,7 @@ in recipient_delimiter = cfg.recipientDelimiter; smtpd_banner = "${cfg.fqdn} ESMTP NO UCE"; disable_vrfy_command = true; - message_size_limit = toString cfg.messageSizeLimit; + message_size_limit = cfg.messageSizeLimit; # virtual mail system virtual_uid_maps = "static:5000"; From cea6f25a407a55c76dad13dfc0bf46acfd82df91 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Sat, 2 Aug 2025 02:12:47 +0200 Subject: [PATCH 2/3] flake.lock: Update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Flake lock file updates: • Updated input 'nixpkgs': 'github:NixOS/nixpkgs/1fd8bada0b6117e6c7eb54aad5813023eed37ccb' (2025-07-06) → 'github:NixOS/nixpkgs/94def634a20494ee057c76998843c015909d6311' (2025-07-31) • Updated input 'nixpkgs-25_05': 'github:NixOS/nixpkgs/29e290002bfff26af1db6f64d070698019460302' (2025-07-05) → 'github:NixOS/nixpkgs/1f08a4df998e21f4e8be8fb6fbf61d11a1a5076a' (2025-07-29) --- flake.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/flake.lock b/flake.lock index 838c77e..74df222 100644 --- a/flake.lock +++ b/flake.lock @@ -79,11 +79,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1751792365, - "narHash": "sha256-J1kI6oAj25IG4EdVlg2hQz8NZTBNYvIS0l4wpr9KcUo=", + "lastModified": 1753939845, + "narHash": "sha256-K2ViRJfdVGE8tpJejs8Qpvvejks1+A4GQej/lBk5y7I=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "1fd8bada0b6117e6c7eb54aad5813023eed37ccb", + "rev": "94def634a20494ee057c76998843c015909d6311", "type": "github" }, "original": { @@ -95,11 +95,11 @@ }, "nixpkgs-25_05": { "locked": { - "lastModified": 1751741127, - "narHash": "sha256-t75Shs76NgxjZSgvvZZ9qOmz5zuBE8buUaYD28BMTxg=", + "lastModified": 1753749649, + "narHash": "sha256-+jkEZxs7bfOKfBIk430K+tK9IvXlwzqQQnppC2ZKFj4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "29e290002bfff26af1db6f64d070698019460302", + "rev": "1f08a4df998e21f4e8be8fb6fbf61d11a1a5076a", "type": "github" }, "original": { From b76a547becc9eb981c60439e89bcd6ac7d23330a Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Sat, 2 Aug 2025 02:19:15 +0200 Subject: [PATCH 3/3] treewide: reformat with nixfmt 1.0.0 --- mail-server/dovecot.nix | 21 ++++++++++++--------- mail-server/networking.nix | 21 +++++++++++---------- mail-server/postfix.nix | 19 +++++++++---------- mail-server/rspamd.nix | 23 +++++++++++------------ mail-server/systemd.nix | 9 +++++---- tests/internal.nix | 21 ++++++++++----------- 6 files changed, 58 insertions(+), 56 deletions(-) diff --git a/mail-server/dovecot.nix b/mail-server/dovecot.nix index 33e7f4c..69d2b6b 100644 --- a/mail-server/dovecot.nix +++ b/mail-server/dovecot.nix @@ -168,7 +168,8 @@ let fts_header_excludes = listToLine cfg.fullTextSearch.headerExcludes; fts_autoindex = boolToYesNo cfg.fullTextSearch.autoIndex; fts_enforced = cfg.fullTextSearch.enforced; - } // (listToMultiAttrs "fts_autoindex_exclude" cfg.fullTextSearch.autoIndexExclude); + } + // (listToMultiAttrs "fts_autoindex_exclude" cfg.fullTextSearch.autoIndexExclude); in { @@ -200,7 +201,8 @@ in # which are usually not compatible. environment.systemPackages = [ pkgs.dovecot_pigeonhole - ] ++ lib.optional cfg.fullTextSearch.enable pkgs.dovecot-fts-flatcurve; + ] + ++ lib.optional cfg.fullTextSearch.enable pkgs.dovecot-fts-flatcurve; # For compatibility with python imaplib environment.etc."dovecot/modules".source = "/run/current-system/sw/lib/dovecot/modules"; @@ -228,7 +230,8 @@ in sieve = "file:${cfg.sieveDirectory}/%{user}/scripts;active=${cfg.sieveDirectory}/%{user}/active.sieve"; sieve_default = "file:${cfg.sieveDirectory}/%{user}/default.sieve"; sieve_default_name = "default"; - } // (lib.optionalAttrs cfg.fullTextSearch.enable ftsPluginSettings); + } + // (lib.optionalAttrs cfg.fullTextSearch.enable ftsPluginSettings); sieve = { extensions = [ @@ -448,15 +451,15 @@ in }; systemd.services.${dovecotUnitName} = { - preStart = - '' - ${genPasswdScript} - '' - + (lib.optionalString cfg.ldap.enable setPwdInLdapConfFile); + preStart = '' + ${genPasswdScript} + '' + + (lib.optionalString cfg.ldap.enable setPwdInLdapConfFile); }; systemd.services.postfix.restartTriggers = [ genPasswdScript - ] ++ (lib.optional cfg.ldap.enable [ setPwdInLdapConfFile ]); + ] + ++ (lib.optional cfg.ldap.enable [ setPwdInLdapConfFile ]); }; } diff --git a/mail-server/networking.nix b/mail-server/networking.nix index f560ec0..a79aa37 100644 --- a/mail-server/networking.nix +++ b/mail-server/networking.nix @@ -23,16 +23,17 @@ in config = lib.mkIf (cfg.enable && cfg.openFirewall) { networking.firewall = { - allowedTCPPorts = - [ 25 ] - ++ lib.optional cfg.enableSubmission 587 - ++ lib.optional cfg.enableSubmissionSsl 465 - ++ lib.optional cfg.enableImap 143 - ++ lib.optional cfg.enableImapSsl 993 - ++ lib.optional cfg.enablePop3 110 - ++ lib.optional cfg.enablePop3Ssl 995 - ++ lib.optional cfg.enableManageSieve 4190 - ++ lib.optional (cfg.certificateScheme == "acme-nginx") 80; + allowedTCPPorts = [ + 25 + ] + ++ lib.optional cfg.enableSubmission 587 + ++ lib.optional cfg.enableSubmissionSsl 465 + ++ lib.optional cfg.enableImap 143 + ++ lib.optional cfg.enableImapSsl 993 + ++ lib.optional cfg.enablePop3 110 + ++ lib.optional cfg.enablePop3Ssl 995 + ++ lib.optional cfg.enableManageSieve 4190 + ++ lib.optional (cfg.certificateScheme == "acme-nginx") 80; }; }; } diff --git a/mail-server/postfix.nix b/mail-server/postfix.nix index 9b89d96..8c0bccd 100644 --- a/mail-server/postfix.nix +++ b/mail-server/postfix.nix @@ -284,16 +284,15 @@ in virtual_gid_maps = "static:5000"; virtual_mailbox_base = cfg.mailDirectory; virtual_mailbox_domains = vhosts_file; - virtual_mailbox_maps = - [ - (mappedFile "valias") - ] - ++ lib.optionals cfg.ldap.enable [ - "ldap:${ldapVirtualMailboxMapFile}" - ] - ++ lib.optionals (regex_valiases_postfix != { }) [ - (mappedRegexFile "regex_valias") - ]; + virtual_mailbox_maps = [ + (mappedFile "valias") + ] + ++ lib.optionals cfg.ldap.enable [ + "ldap:${ldapVirtualMailboxMapFile}" + ] + ++ lib.optionals (regex_valiases_postfix != { }) [ + (mappedRegexFile "regex_valias") + ]; virtual_alias_maps = lib.mkAfter ( lib.optionals (regex_valiases_postfix != { }) [ (mappedRegexFile "regex_valias") diff --git a/mail-server/rspamd.nix b/mail-server/rspamd.nix index 73e119a..7121a46 100644 --- a/mail-server/rspamd.nix +++ b/mail-server/rspamd.nix @@ -75,18 +75,17 @@ in ''; }; "redis.conf" = { - text = - '' - servers = "${ - if cfg.redis.port == null then - cfg.redis.address - else - "${cfg.redis.address}:${toString cfg.redis.port}" - }"; - '' - + (lib.optionalString (cfg.redis.password != null) '' - password = "${cfg.redis.password}"; - ''); + text = '' + servers = "${ + if cfg.redis.port == null then + cfg.redis.address + else + "${cfg.redis.address}:${toString cfg.redis.port}" + }"; + '' + + (lib.optionalString (cfg.redis.password != null) '' + password = "${cfg.redis.password}"; + ''); }; "classifier-bayes.conf" = { text = '' diff --git a/mail-server/systemd.nix b/mail-server/systemd.nix index 5f6fd4a..fb11a2d 100644 --- a/mail-server/systemd.nix +++ b/mail-server/systemd.nix @@ -94,10 +94,11 @@ in # Postfix requires dovecot lmtp socket, dovecot auth socket and certificate to work systemd.services.postfix = { wants = certificatesDeps; - after = - [ "${dovecotUnitName}.service" ] - ++ lib.optional cfg.dkimSigning "rspamd.service" - ++ certificatesDeps; + after = [ + "${dovecotUnitName}.service" + ] + ++ lib.optional cfg.dkimSigning "rspamd.service" + ++ certificatesDeps; requires = [ "${dovecotUnitName}.service" ] ++ lib.optional cfg.dkimSigning "rspamd.service"; }; }; diff --git a/tests/internal.nix b/tests/internal.nix index 251efbc..1b3224b 100644 --- a/tests/internal.nix +++ b/tests/internal.nix @@ -58,17 +58,16 @@ in virtualisation.memorySize = 1024; - environment.systemPackages = - [ - (pkgs.writeScriptBin "mail-check" '' - ${pkgs.python3}/bin/python ${../scripts/mail-check.py} $@ - '') - ] - ++ (with pkgs; [ - curl - openssl - netcat - ]); + environment.systemPackages = [ + (pkgs.writeScriptBin "mail-check" '' + ${pkgs.python3}/bin/python ${../scripts/mail-check.py} $@ + '') + ] + ++ (with pkgs; [ + curl + openssl + netcat + ]); mailserver = { enable = true;