misc_nixos-mailserver/mail-server
Martin Weinelt 46fe2c25c8 dovecot: prefer client cipher list
All ciphers in TLSv1.2/TLSv1.3 are considered secure, so we can allow the
client to choose the most performant cipher according to their hardware
and software configuration.

This is in line with general recommendations, e.g. by Mozilla[1].

[1] https://wiki.mozilla.org/Security/Server_Side_TLS
2025-04-23 19:35:32 +00:00
..
dovecot Remove use of the deprecated string type 2019-09-22 13:32:37 +00:00
assertions.nix acme: test acmeCertificateName if module is enabled 2024-06-04 15:31:28 +00:00
borgbackup.nix fix conditions for enabling services 2018-05-22 23:18:55 +02:00
clamav.nix Remove non longer supported configurations (<21.05) 2021-07-24 09:57:44 +02:00
common.nix remove new line character if use agenix 2024-12-16 17:07:10 +00:00
dovecot.nix dovecot: prefer client cipher list 2025-04-23 19:35:32 +00:00
environment.nix Allow using existing ACME certificates 2023-05-24 21:10:02 +00:00
kresd.nix kresd: no need to explicitly set nameserver 2021-06-03 05:58:42 +00:00
monit.nix fix conditions for enabling services 2018-05-22 23:18:55 +02:00
networking.nix Allow using existing ACME certificates 2023-05-24 21:10:02 +00:00
nginx.nix acme: Add new option acmeCertificateName 2024-05-31 09:53:32 +01:00
opendkim.nix opendkim: make public key world-readable 2023-05-14 07:11:48 +00:00
postfix.nix Remove policy-spf 2025-04-17 20:26:00 +02:00
rsnapshot.nix fix conditions for enabling services 2018-05-22 23:18:55 +02:00
rspamd.nix rspamd: Use redis over a unix socket by default 2025-04-15 16:17:30 +02:00
systemd.nix Fix URLs for dovecot 2025-03-14 21:16:26 +00:00
users.nix Use umask for race-free permission setting 2023-07-17 18:22:16 +02:00