1 { pkgs, lib, config, ... }:
3 inherit (pkgs.lib) loadFile;
4 inherit (config.services) postfix;
5 domain = "sourcephile.fr";
6 domainSuffix = "dc=sourcephile,dc=fr";
9 users.groups.acme.members = [ postfix.user ];
10 systemd.services.postfix.after = [
11 "acme-${domain}.service"
17 root@${domain} julm+root@${domain}
21 "/var/lib/acme/${domain}/key.pem"
22 "/var/lib/acme/${domain}/fullchain.pem"
24 "smtp.${domain}" = chain;
25 "mail.${domain}" = chain;
28 virtual_mailbox_domains = [ domain ];
29 virtual_mailbox_maps = [
30 # Map the main address and aliases to the main mail address.
31 # This is checked by permit_auth_recipient
32 ("ldap:"+pkgs.writeText "ldap-mail-${domain}.cf" ''
36 server_host = ldapi://
39 search_base = ou=posix,${domainSuffix}
42 query_filter = (&(|(mail=%s)(mailAlias=%s))(mailEnabled=TRUE))
44 result_attribute = mail
47 # Map MAIL FROM addresses to the SASL login names allowed to use it.
48 smtpd_sender_login_maps = [
49 ("ldap:"+pkgs.writeText "ldap-senders-${domain}.cf" ''
53 server_host = ldapi://
56 search_base = ou=posix,${domainSuffix}
59 query_filter = (&(|(mail=%s)(mailAlias=%s))(mailEnabled=TRUE))
60 result_format = %s@${domain}
61 result_attribute = uid
sourcephile / git / sourcephile-nix.git / blob