From 925cabde64d767c2dddd6df2aca48a2df8b858d4 Mon Sep 17 00:00:00 2001 From: derped Date: Sat, 7 Dec 2024 21:43:57 +0100 Subject: [PATCH] Reload dovecot2 on certificate update. --- services/mailserver.nix | 52 ++++++++++++++++++++++------------------- 1 file changed, 28 insertions(+), 24 deletions(-) diff --git a/services/mailserver.nix b/services/mailserver.nix index 69457e6..73848ad 100644 --- a/services/mailserver.nix +++ b/services/mailserver.nix @@ -11,29 +11,29 @@ with lib; mailserver.nixosModules.mailserver ]; } -// mkIf (elem "mailserver" config.machine.services) { - mailserver = - let - cfg = config.machine; - inherit (cfg) domain; - fdomain = (findFirst (s: s.service == "mail") cfg cfg.vHosts).domain; - mkFqdnAlias = name: [ - "${name}@${domain}" - "${name}@${fdomain}" - ]; - mkExDomAlias = name: (map (exDom: "${name}@${exDom}") cfg.extraDomains); - mkUser = user: rec { - name = "${user.name}@${domain}"; - value = { - hashedPasswordFile = config.sops.secrets."users/${user.name}/mail".path; - aliases = - [ "${user.name}@${fdomain}" ] - ++ (flatten (map mkFqdnAlias user.aliases)) - ++ (flatten (map mkExDomAlias ([ user.name ] ++ user.aliases))); - }; +// mkIf (elem "mailserver" config.machine.services) ( + let + cfg = config.machine; + inherit (cfg) domain; + fdomain = (findFirst (s: s.service == "mail") cfg cfg.vHosts).domain; + mkFqdnAlias = name: [ + "${name}@${domain}" + "${name}@${fdomain}" + ]; + mkExDomAlias = name: (map (exDom: "${name}@${exDom}") cfg.extraDomains); + mkUser = user: { + name = "${user.name}@${domain}"; + value = { + hashedPasswordFile = config.sops.secrets."users/${user.name}/mail".path; + aliases = + [ "${user.name}@${fdomain}" ] + ++ (flatten (map mkFqdnAlias user.aliases)) + ++ (flatten (map mkExDomAlias ([ user.name ] ++ user.aliases))); }; - in - rec { + }; + in + { + mailserver = { enable = true; fqdn = fdomain; domains = [ @@ -63,5 +63,9 @@ with lib; # 1 Gb RAM for the server. Without virus scanning 256 MB RAM should be plenty) virusScanning = false; }; - sops.secrets = fn.sopsHelper (user: "users/${user.name}/mail") config.machine.mailAccounts { }; -} + systemd.services."acme-${fdomain}".serviceConfig.ExecStartPost = [ + "+systemctl reload dovecot2" + ]; + sops.secrets = fn.sopsHelper (user: "users/${user.name}/mail") config.machine.mailAccounts { }; + } +)