Some more accounts stuff

2025-07-31 22:38:20 +02:00 · 2025-07-31 22:38:20 +02:00 · 9c4a751fe0
commit 9c4a751fe0
parent cd4c06686e
1 changed files with 19 additions and 49 deletions
--- a/nix/systems/aarch64-linux/mx.kaareskovgaard.net/mailserver/accounts.nix
+++ b/nix/systems/aarch64-linux/mx.kaareskovgaard.net/mailserver/accounts.nix
@ -7,21 +7,14 @@
 let
  cfg = config.khscodes."mx.kaareskovgaard.net";
  passDbFile = "/run/secret/dovecot/passwd";
-  # This just replicates what simple-nixos-mailserver does, but using the proper usernames
-  userDbFile = pkgs.writeTextFile {
-    name = "userdb";
-    text = lib.concatStringsSep "\n" (
-      lib.mapAttrsToList (
-        name: value:
-        "${name}:::::::"
-        + lib.optionalString (value.quota != null) "userdb_quota_rule=*:storage=${value.quota}"
-      ) cfg.accounts
-    );
-  };
  bogusPasswdFile = pkgs.writeTextFile {
    name = "bogus-passwd";
    text = "$6$1234";
  };
+  userDbFile = pkgs.writeTextFile {
+    name = "userdb";
+    text = '''';
+  };
  accountPrimaryEmail =
    name: account: if account.isLdapAccount then lib.lists.head account.aliases else name;
  accountAlternativeEmails =
@ -139,7 +132,7 @@ let

  systemAccounts = lib.attrsets.foldlAttrs (
    acc: name: value:
-    if value.isLdapAccount then acc else acc ++ [ (accountPrimaryEmail name value) ]
+    if value.isLdapAccount then acc else acc ++ [ name ]
  ) [ ] cfg.accounts;

  systemAccountsPassDbTemplateContents =
@ -152,15 +145,6 @@ let
    )
    # Just make sure the file is not empty
    + "\n";
-
-  data = import ./accounts/mailbox_map.nix {
-    inherit lib accountPrimaryEmail accountAlternativeEmails;
-    accounts = cfg.accounts;
-    extraVirtualAliases = { };
-  };
-
-  mappedFile = name: "hash:/var/lib/postfix/conf/${name}";
-  mappedRegexFile = name: "pcre:/var/lib/postfix/conf/${name}";
 in
 {
  options.khscodes."mx.kaareskovgaard.net".accounts = lib.mkOption {
@ -169,9 +153,7 @@ in
  };
  config = {
    mailserver = {
-      loginAccounts = lib.attrsets.mapAttrs' (name: value: {
-        name = accountPrimaryEmail name value;
-        value = {
+      loginAccounts = lib.attrsets.mapAttrs (name: value: {
        inherit (value)
          name
          aliasesRegexp
@ -180,23 +162,11 @@ in
          sieveScript
          sendOnly
          sendOnlyRejectMessage
+          aliases
          ;
-          aliases = accountAlternativeEmails name value;
        hashedPasswordFile = bogusPasswdFile;
-        };
      }) cfg.accounts;
-      extraVirtualAliases = data.mailserverExtraVirtualAliases;
-    };
-    services.postfix = {
-      mapFiles."valias_maps" = data.valiases_file;
-      mapFiles."regex_valias_maps" = data.regex_valiases_file;
-      mapFiles."vaccounts" = lib.mkForce data.vaccounts_file;
-      mapFiles."regex_vaccounts" = lib.mkForce data.regex_vaccounts_file;
-      config.virtual_mailbox_maps = lib.mkForce [
-        (mappedFile "valias_maps")
-        (mappedRegexFile "regex_valias_maps")
-      ];
-
+      extraVirtualAliases = { };
    };
    khscodes.infrastructure.vault-server-approle.policy = {
      "mx.kaareskovgaard.net/data/users/*" = {
@ -258,7 +228,7 @@ in
      # with our own.
      preStart = lib.mkAfter ''
        cp ${passDbFile} /run/dovecot2/passwd
-        cp ${userDbFile} /run/dovecot2/userdb
+        # cp ${userDbFile} /run/dovecot2/userdb
      '';
    };
    # This prevents local usernames without domain names to get rewritten.