preisi/mailnix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

mailsystem: Add option to use selfsigned certificates in preparation for testing

Browse source
This commit is contained in:
Thomas Preisner 2024-12-05 16:04:01 +01:00
parent 8a64eb9287
commit e185d301ff
5 changed files with 84 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

18
mailsystem/common.nix
View file

@ -1,9 +1,21 @@
{config, ...}: let
cfg = config.mailsystem;
in rec {
sslCertPath = "${config.security.acme.certs.${cfg.fqdn}.directory}/fullchain.pem";
sslKeyPath = "${config.security.acme.certs.${cfg.fqdn}.directory}/key.pem";
sslCertService = ["acme-finished-${cfg.fqdn}.target"];
certificateDirectory = "/var/certs";
sslCertPath =
if cfg.certificateScheme == "acme"
then "${config.security.acme.certs.${cfg.fqdn}.directory}/fullchain.pem"
else "${certificateDirectory}/cert-${cfg.fqdn}.pem";
sslKeyPath =
if cfg.certificateScheme == "acme"
then "${config.security.acme.certs.${cfg.fqdn}.directory}/key.pem"
else "${certificateDirectory}/key-${cfg.fqdn}.pem";
sslCertService =
if cfg.certificateScheme == "acme"
then ["acme-finished-${cfg.fqdn}.target"]
else ["mailsystem-selfsigned-certificate.service"];
dovecotDynamicStateDir = "/var/lib/dovecot";
dovecotDynamicPasswdFile = "${dovecotDynamicStateDir}/passwd";