From cff7a27cfe434c3ed18607872c3c4a54faf93e87 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Tue, 10 Mar 2026 02:02:53 +0100 Subject: [PATCH 1/6] docs: update Radicale guide We now explain what Radicale even is and classify reusing the hashed passwords of login accounts as limitation because it requires using compatible password hashes. This is difficult because compatible password hashes need an overlap between libxcrypt and Radicales choice of libraries: libpass, argon2 and bcrypt. Extract the source code into a proper .nix file so we get source linting and formatting for free. Pruned from bad practices of the past, like global `with lib`. --- docs/add-radicale.rst | 55 ------------------------------------------- docs/index.rst | 2 +- docs/radicale.nix | 55 +++++++++++++++++++++++++++++++++++++++++++ docs/radicale.rst | 29 +++++++++++++++++++++++ 4 files changed, 85 insertions(+), 56 deletions(-) delete mode 100644 docs/add-radicale.rst create mode 100644 docs/radicale.nix create mode 100644 docs/radicale.rst diff --git a/docs/add-radicale.rst b/docs/add-radicale.rst deleted file mode 100644 index cf98333..0000000 --- a/docs/add-radicale.rst +++ /dev/null @@ -1,55 +0,0 @@ -Add Radicale -============ - -Configuration by @dotlambda - -Starting with Radicale 3 (first introduced in NixOS 20.09) the traditional -crypt passwords are no longer supported. Instead bcrypt passwords -have to be used. These can still be generated using `mkpasswd -m bcrypt`. - -.. code:: nix - - { config, pkgs, lib, ... }: - - with lib; - - let - mailAccounts = config.mailserver.loginAccounts; - htpasswd = pkgs.writeText "radicale.users" (concatStrings - (flip mapAttrsToList mailAccounts (mail: user: - mail + ":" + user.hashedPassword + "\n" - )) - ); - - in { - services.radicale = { - enable = true; - settings = { - auth = { - type = "htpasswd"; - htpasswd_filename = "${htpasswd}"; - htpasswd_encryption = "bcrypt"; - }; - }; - }; - - services.nginx = { - enable = true; - virtualHosts = { - "cal.example.com" = { - forceSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://localhost:5232/"; - extraConfig = '' - proxy_set_header X-Script-Name /; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_pass_header Authorization; - ''; - }; - }; - }; - }; - - networking.firewall.allowedTCPPorts = [ 80 443 ]; - } diff --git a/docs/index.rst b/docs/index.rst index 2cb5339..d6e7465 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -34,7 +34,7 @@ Welcome to NixOS Mailserver's documentation! :caption: How-to backup-guide - add-radicale + radicale add-roundcube rspamd-tuning flakes diff --git a/docs/radicale.nix b/docs/radicale.nix new file mode 100644 index 0000000..e740fb7 --- /dev/null +++ b/docs/radicale.nix @@ -0,0 +1,55 @@ +{ + config, + pkgs, + lib, + ... +}: + +let + inherit (lib) + concatStrings + flip + mapAttrsToList + ; + + mailAccounts = config.mailserver.loginAccounts; + htpasswd = pkgs.writeText "radicale.users" ( + concatStrings (flip mapAttrsToList mailAccounts (mail: user: "${mail}+:${user.hashedPassword}\n")) + ); + +in +{ + services.radicale = { + enable = true; + settings = { + auth = { + type = "htpasswd"; + htpasswd_filename = "${htpasswd}"; + htpasswd_encryption = "bcrypt"; + }; + }; + }; + + services.nginx = { + enable = true; + virtualHosts = { + "cal.example.com" = { + forceSSL = true; + enableACME = true; + locations."/" = { + proxyPass = "http://localhost:5232/"; + extraConfig = '' + proxy_set_header X-Script-Name /; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_pass_header Authorization; + ''; + }; + }; + }; + }; + + networking.firewall.allowedTCPPorts = [ + 80 + 443 + ]; +} diff --git a/docs/radicale.rst b/docs/radicale.rst new file mode 100644 index 0000000..244a41e --- /dev/null +++ b/docs/radicale.rst @@ -0,0 +1,29 @@ +Radicale +======== + +Radicale is a lightweight open-source CalDAV/CardDAV server that stores +calendars and contacts as plain files on the filesystem, enabling simple +self-hosted synchronization with standard clients. + +Limitations +^^^^^^^^^^^ + +Radicale since the 3.x release (introduced in NixOS 20.09) does not support +traditional crypt() password hashes any longer. To establish access for +existing :option:`mailserver.loginAccounts`, the hashing method used +for ``hashedPassword`` needs to be compatible with one of the available +`htpasswd_encryption`_ methods. Such hashes can for example be created using + +.. code-block:: console + + nix-shell -p mkpasswd --command "mkpasswd -m bcrypt" + +.. _htpasswd_encryption: https://radicale.org/v3.html#htpasswd_encryption + +Code +^^^^ + +Configuration contributed by Robert Schütz (@dotlambda). + +.. literalinclude:: ./radicale.nix + :language: nix From 8d996b109df0312be2eb4bb2a87d20e2c0474c97 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Tue, 10 Mar 2026 02:26:25 +0100 Subject: [PATCH 2/6] docs: update Roundcube guide Adds a short explanation what roundcube even is. Extract and extend the roundcube example showing plugin and spellchecking support. We also inherit a plausible maximum attachment size based on Postfix's message_size_limit. The nginx vhost forces TLS and manages certificates using the ACME integration. --- docs/add-roundcube.rst | 31 ------------------------------- docs/index.rst | 2 +- docs/roundcube.nix | 41 +++++++++++++++++++++++++++++++++++++++++ docs/roundcube.rst | 19 +++++++++++++++++++ 4 files changed, 61 insertions(+), 32 deletions(-) delete mode 100644 docs/add-roundcube.rst create mode 100644 docs/roundcube.nix create mode 100644 docs/roundcube.rst diff --git a/docs/add-roundcube.rst b/docs/add-roundcube.rst deleted file mode 100644 index 06c7b2f..0000000 --- a/docs/add-roundcube.rst +++ /dev/null @@ -1,31 +0,0 @@ -Add Roundcube, a webmail -======================== - -The NixOS module for roundcube nearly works out of the box with SNM. By -default, it sets up a nginx virtual host to serve the webmail, other web -servers may require more work. - -.. code:: nix - - { config, pkgs, lib, ... }: - - with lib; - - { - services.roundcube = { - enable = true; - # this is the url of the vhost, not necessarily the same as the fqdn of - # the mailserver - hostName = "webmail.example.com"; - extraConfig = '' - $config['imap_host'] = "ssl://${config.mailserver.fqdn}"; - $config['smtp_host'] = "ssl://${config.mailserver.fqdn}"; - $config['smtp_user'] = "%u"; - $config['smtp_pass'] = "%p"; - ''; - }; - - services.nginx.enable = true; - - networking.firewall.allowedTCPPorts = [ 80 443 ]; - } diff --git a/docs/index.rst b/docs/index.rst index d6e7465..469e876 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -35,7 +35,7 @@ Welcome to NixOS Mailserver's documentation! backup-guide radicale - add-roundcube + roundcube rspamd-tuning flakes autodiscovery diff --git a/docs/roundcube.nix b/docs/roundcube.nix new file mode 100644 index 0000000..5ec7efb --- /dev/null +++ b/docs/roundcube.nix @@ -0,0 +1,41 @@ +{ + config, + pkgs, + ... +}: + +{ + services.roundcube = { + enable = true; + hostName = "webmail.example.com"; # the nginx vhost + package = pkgs.roundcube.withPlugins ( + plugins: with plugins; [ + # https://search.nixos.org/packages?query=roundcubePlugins + persistent_login + ] + ); + dicts = with pkgs.aspellDicts; [ + # https://search.nixos.org/packages?query=aspellDicts + en + ]; + # Account for ~30% size increase due to base64 encoding of attachments + # https://github.com/roundcube/roundcubemail/issues/7979 + maxAttachmentSize = config.mailserver.messageSizeLimit / 1024 / 1024 / 1.37; + extraConfig = '' + $config['imap_host'] = "ssl://${config.mailserver.fqdn}"; + $config['smtp_host'] = "ssl://${config.mailserver.fqdn}"; + $config['smtp_user'] = "%u"; + $config['smtp_pass'] = "%p"; + ''; + }; + + services.nginx.virtualHosts.${config.services.rounducbe.hostName} = { + enableACME = true; + forceSSL = true; + }; + + networking.firewall.allowedTCPPorts = [ + 80 + 443 + ]; +} diff --git a/docs/roundcube.rst b/docs/roundcube.rst new file mode 100644 index 0000000..c1f99ee --- /dev/null +++ b/docs/roundcube.rst @@ -0,0 +1,19 @@ +Roundcube +========= + +Roundcube is a browser-based open-source webmail client that provides a +full-featured email interface with support for IMAP, SMTP, address books, and +extensible plugins. + +Code +^^^^ + +The NixOS module for Roundcube integrates almost immediately with NixOS +mailserver, automatically configuring an Nginx virtual host and ACME-managed +TLS for secure webmail access; using other web servers may require additional +manual setup. + +Once set up you can login with your login account credentials. + +.. literalinclude:: ./roundcube.nix + :language: nix From b83621011fa61c3b056f30daad53fa77c3255627 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Tue, 10 Mar 2026 04:09:32 +0100 Subject: [PATCH 3/6] docs: update autodiscovery guide --- docs/autodiscovery.rst | 79 +++++++++++++++++++++++++++++++++++------- 1 file changed, 67 insertions(+), 12 deletions(-) diff --git a/docs/autodiscovery.rst b/docs/autodiscovery.rst index a630850..34ef3d6 100644 --- a/docs/autodiscovery.rst +++ b/docs/autodiscovery.rst @@ -1,18 +1,73 @@ Autodiscovery ============= -`RFC6186 `_ allows supporting email clients to automatically discover SMTP / IMAP addresses -of the mailserver. For that, the following records are required: +`RFC6186`_ defines how email clients can automatically discover a mail server's +SMTP and IMAP endpoints. To enable this, the following DNS records must be +configured: -================= ==== ==== ======== ====== ==== ================= -Record TTL Type Priority Weight Port Value -================= ==== ==== ======== ====== ==== ================= -_submission._tcp 3600 SRV 5 0 587 mail.example.com. -_submissions._tcp 3600 SRV 5 0 465 mail.example.com. -_imap._tcp 3600 SRV 5 0 143 mail.example.com. -_imaps._tcp 3600 SRV 5 0 993 mail.example.com. -================= ==== ==== ======== ====== ==== ================= +.. csv-table:: Resource record set + :header: "Name", "TTL", "Type", "Priority", "Weight", "Port", "Value" + :widths: 30, 5, 5, 5, 5, 5, 20 -Please note that only a few MUAs currently implement this. For vendor-specific -discovery mechanisms `automx `_ can be used instead. + _submissions._tcp.example.com., 3600, SRV, 10, 1, 465, mail.example.com. + _imaps._tcp.example.com., 3600, SRV, 10, 1, 993, mail.example.com. + +Legacy records +^^^^^^^^^^^^^^ + +The following DNS records are only supported with +:option:`mailserver.enableSubmission` and :option:`mailserver.enableImap`, +because they only support connections with explicit TLS. These services are +disabled by default because they are deprecated through `RFC8314 4.1`_. + +.. csv-table:: Resource record set + :header: "Name", "TTL", "Type", "Priority", "Weight", "Port", "Value" + :widths: 30, 5, 5, 5, 5, 5, 20 + + _submission._tcp.example.com., 3600, SRV, 20, 1, 587, mail.example.com. + _imap._tcp.example.com., 3600, SRV, 20, 1, 143, mail.example.com. + +Client support +^^^^^^^^^^^^^^ +*As researched in March 2026* + +Only a small number of MUAs currently implement this. The most common concern +from the bigger and security-conscious vendors is lack of widespread DNSSEC +propagation that could be used to authenticate these SRV records. + +- Aerc: since 0.20.1 + + - ``_submissions._tcp`` support submitted in https://lists.sr.ht/~rjarry/aerc-devel/patches/68173 + +- Evolution: Since 3.49.3 for mail accounts + + - https://gitlab.gnome.org/GNOME/evolution/-/wikis/Autoconfig + - https://gitlab.gnome.org/GNOME/evolution/-/issues/941 + +Unsupported +*********** +- DeltaChat: + + - https://github.com/chatmail/core/issues/1508 + +- Thunderbird: + + - Desktop: https://bugzilla.mozilla.org/show_bug.cgi?id=342242 + - Android: https://github.com/thunderbird/thunderbird-android/issues/4721 + + +Vendor-specific autoconfig +^^^^^^^^^^^^^^^^^^^^^^^^^^ + +The `automx2`_ service can provide autoconfig support for Apple's +`mobileconfig`_, Microsoft's `Autodiscover`_ and Mozilla's `Autoconfig`_ +standards. It does however lack support for multiple mail domains and isn't open for +contributions due to copyright concerns. + +.. _mobileconfig: https://support.apple.com/de-de/guide/profile-manager/pmdbd71ebc9/mac +.. _Autodiscover: https://learn.microsoft.com/en-us/exchange/architecture/client-access/autodiscover?view=exchserver-2019 +.. _Autoconfig: https://benbucksch.github.io/autoconfig-spec/draft-ietf-mailmaint-autoconfig.html +.. _automx2: https://github.com/rseichter/automx2 +.. _RFC6186: https://www.rfc-editor.org/rfc/rfc6186 +.. _RFC8314 4.1: https://www.rfc-editor.org/rfc/rfc8314#section-4.1 From 5e43dafc96acd0041f4bf9fb364a54e2753b0550 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Tue, 10 Mar 2026 04:20:29 +0100 Subject: [PATCH 4/6] docs: update Flakes example and add a small example how to deploy with nixos-rebuild. --- docs/flakes.nix | 35 +++++++++++++++++++++++++++++++++++ docs/flakes.rst | 38 +++++++++++++------------------------- 2 files changed, 48 insertions(+), 25 deletions(-) create mode 100644 docs/flakes.nix diff --git a/docs/flakes.nix b/docs/flakes.nix new file mode 100644 index 0000000..a74bdfa --- /dev/null +++ b/docs/flakes.nix @@ -0,0 +1,35 @@ +{ + description = "NixOS configuration"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11-small"; + + simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-25.11"; + simple-nixos-mailserver.inputs.nixpkgs.follows = "nixpkgs"; + }; + + outputs = + { + nixpkgs, + simple-nixos-mailserver, + ... + }: + { + nixosConfigurations = { + hostname = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; # or aarch64-linux + modules = [ + simple-nixos-mailserver.nixosModule + { + mailserver = { + enable = true; + + # Check the setup guide if you have no idea how to continue + # from here! + }; + } + ]; + }; + }; + }; +} diff --git a/docs/flakes.rst b/docs/flakes.rst index f56ec96..8a21bee 100644 --- a/docs/flakes.rst +++ b/docs/flakes.rst @@ -1,30 +1,18 @@ -Nix Flakes -========== +Flakes +====== -If you're using `flakes `__, you can use -the following minimal ``flake.nix`` as an example: +To use NixOS mailserver `Nix flakes`_, the following minimal ``flake.nix`` can +serve as an example to get started: -.. code:: nix +.. _Nix flakes: https://wiki.nixos.org/wiki/Flakes - { - description = "NixOS configuration"; +.. literalinclude:: ./flakes.nix + :language: nix - inputs.simple-nixos-mailserver.url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-20.09"; - outputs = { self, nixpkgs, simple-nixos-mailserver }: { - nixosConfigurations = { - hostname = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - simple-nixos-mailserver.nixosModule - { - mailserver = { - enable = true; - # ... - }; - } - ]; - }; - }; - }; - } +Lock the inputs and deploy the system closure: + +.. code-block:: console + + nix flake lock + nixos-rebuild --target-host root@mail.example.com --flake .#hostname switch From d04d1a565b5fa134bdc9b5a7082b901cb21f4320 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Tue, 10 Mar 2026 02:50:38 +0100 Subject: [PATCH 5/6] docs: reorganize how-to section, create integrations section Radicale and Roundcube don't fit so well with the other how to's in that they configure additional external services instead of directly modifying the NixOS mailserver setup. We also sort the How-To section alphabetically. his unclutters the nav somewhat --- docs/index.rst | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/docs/index.rst b/docs/index.rst index 469e876..4d5cb3c 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -33,12 +33,17 @@ Welcome to NixOS Mailserver's documentation! :maxdepth: 0 :caption: How-to + autodiscovery backup-guide + flakes + rspamd-tuning + +.. toctree:: + :maxdepth: 0 + :caption: Integrations + radicale roundcube - rspamd-tuning - flakes - autodiscovery Indices and tables ================== From 1c57aab586255f8e91dcb7eeec35e9876c50f167 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Tue, 10 Mar 2026 04:46:20 +0100 Subject: [PATCH 6/6] treewide: fix typos and other minor issues --- README.md | 2 +- default.nix | 7 ++++--- docs/backup-guide.rst | 2 +- docs/fts.rst | 2 +- docs/howto-develop.rst | 4 ++-- docs/release-notes.rst | 6 +++--- docs/rspamd-tuning.rst | 2 +- flake.nix | 2 +- mail-server/dovecot.nix | 4 ++-- tests/external.nix | 6 +++--- tests/ldap.nix | 2 +- 11 files changed, 20 insertions(+), 19 deletions(-) diff --git a/README.md b/README.md index ec0c7f8..519e342 100644 --- a/README.md +++ b/README.md @@ -22,7 +22,7 @@ SNM branch corresponding to your NixOS version. ## Features -* [x] Continous Integration Testing +* [x] Continuous Integration Testing * [x] Multiple Domains * Postfix * [x] SMTP on port 25 diff --git a/default.nix b/default.nix index 6e12d26..f1f50bb 100644 --- a/default.nix +++ b/default.nix @@ -336,7 +336,7 @@ in default = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; defaultText = literalMD "see [source](https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/blob/master/default.nix)"; description = '' - Certifificate trust anchors used to verify the LDAP server certificate. + Certificate trust anchors used to verify the LDAP server certificate. ''; }; @@ -948,10 +948,11 @@ in ]; default = "rsa"; description = '' - The key type used for generating DKIM keys. ED25519 was introduced in RFC6376 (2018). + The key type used for generating DKIM keys. Ed25519 support was + introduced in RFC6376 (2018). :::{warning} - ED25519 DKIM keys are currently not recommended for primary use, as + Ed25519 DKIM keys are currently not recommended for primary use, as various DKIM validators out there lack support and consider the keypair invalid. ::: diff --git a/docs/backup-guide.rst b/docs/backup-guide.rst index 67d08d0..71b6ff4 100644 --- a/docs/backup-guide.rst +++ b/docs/backup-guide.rst @@ -12,7 +12,7 @@ anything works, as it is simply a folder with plenty of files in it. If your backup solution does not preserve the owner of the files don’t forget to ``chown`` them to ``virtualMail:virtualMail`` if you copy them back (or whatever you specified as ``vmailUserName``, and -``vmailGoupName``). +``vmailGroupName``). If you enabled ``enableManageSieve`` then you also may want to backup ``/var/sieve`` or whatever you have specified as ``sieveDirectory``. diff --git a/docs/fts.rst b/docs/fts.rst index bb2fe88..40a3261 100644 --- a/docs/fts.rst +++ b/docs/fts.rst @@ -48,7 +48,7 @@ recommended to move indices in a different location, such as When the value of the ``indexDir`` option is changed, all dovecot indices needs to be recreated: clients would need to resynchronize. -Indexation itself is rather resouces intensive, in CPU, and for emails with +Indexation itself is rather resource intensive, in CPU, and for emails with large headers, in memory as well. Initial indexation of existing emails can take hours. If the indexer worker is killed or segfaults during indexation, it can be that it tried to allocate more memory than allowed. You can increase the memory diff --git a/docs/howto-develop.rst b/docs/howto-develop.rst index 700f9d0..dec8943 100644 --- a/docs/howto-develop.rst +++ b/docs/howto-develop.rst @@ -38,8 +38,8 @@ You can then run the testsuite via $ nix flake check -L -Since Nix doesn't garantee your machine have enough resources to run -all test VMs in parallel, some tests can fail. You would then haev to +Since Nix doesn't guarantee your machine have enough resources to run +all test VMs in parallel, some tests can fail. You would then have to run tests manually. For instance: :: diff --git a/docs/release-notes.rst b/docs/release-notes.rst index 4b81711..b7b988b 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -35,14 +35,14 @@ NixOS 25.11 1024 bit keys should not be considered valid any longer. - IMAP access over port ``143/tcp`` is now default disabled in line with `RFC 8314 4.1`_. Use IMAP over implicit TLS on port ``993/tcp`` - instead. If you still require this feature you can reenable it using + instead. If you still require this feature you can re-enable it using ``mailserver.enableImap``, but it is scheduled for removal after the 25.11 release. - SMTP server and client now support and prefer a hybrid key exchange (X25519MLKEM768) - SMTP access over STARTTLS on port ``587/tcp`` is now default disabled in line - with `RFC 8314 3.3`_. If you still require this feature you can renable it using - ``mailserver.enableSubmission``. + with `RFC 8314 3.3`_. If you still require this feature you can re-enable it + using ``mailserver.enableSubmission``. - DMARC reports are now sent with the ``noreply-dmarc`` localpart from the system domain. - DANE and MTA-STS are now validated for outgoing SMTP connections using diff --git a/docs/rspamd-tuning.rst b/docs/rspamd-tuning.rst index bada5e8..6706db6 100644 --- a/docs/rspamd-tuning.rst +++ b/docs/rspamd-tuning.rst @@ -94,7 +94,7 @@ With an nginx reverse-proxy If you have a secured nginx reverse proxy set on the host, you can use it to expose the socket. **Keep in mind the UI is unsecured by default, you need to setup an authentication scheme**, for -exemple with `basic auth `_: +example with `basic auth `_: .. code:: nix diff --git a/flake.nix b/flake.nix index f24f852..6b3ef24 100644 --- a/flake.nix +++ b/flake.nix @@ -155,7 +155,7 @@ markdownlint = { enable = true; settings.configuration = { - # Max line length, doesn't seem to correclty account for lines containing links + # Max line length, doesn't seem to correctly account for lines containing links # https://github.com/DavidAnson/markdownlint/blob/main/doc/md013.md MD013 = false; }; diff --git a/mail-server/dovecot.nix b/mail-server/dovecot.nix index d3d0722..c757005 100644 --- a/mail-server/dovecot.nix +++ b/mail-server/dovecot.nix @@ -145,7 +145,7 @@ let lib.filterAttrs (_: v: v ? "specialUse" && v.specialUse == "Junk") cfg.mailboxes ); junkMailboxNumber = builtins.length junkMailboxes; - # The assertion garantees there is exactly one Junk mailbox. + # The assertion guarantees there is exactly one Junk mailbox. junkMailboxName = if junkMailboxNumber == 1 then builtins.elemAt junkMailboxes 0 else ""; mkLdapSearchScope = @@ -206,7 +206,7 @@ in }; }; - # for sieve-test. Shelling it in on demand usually doesnt' work, as it reads + # for sieve-test. Shelling it in on demand usually doesn't work, as it reads # the global config and tries to open shared libraries configured in there, # which are usually not compatible. environment.systemPackages = [ diff --git a/tests/external.nix b/tests/external.nix index bf9e0a8..21503ba 100644 --- a/tests/external.nix +++ b/tests/external.nix @@ -430,9 +430,9 @@ # fetchmail returns EXIT_CODE 0 when it retrieves mail client.succeed("fetchmail --nosslcertck -v") - with subtest("catchAlls"): + with subtest("domain catch-all"): client.execute("rm ~/mail/*") - # send email from chuck to non exsitent account + # send email from chuck to non-existent account client.succeed( "msmtp -a test3 --tls=on --tls-certcheck=off --auth=on lol@example.com < /etc/root/email2 >&2" ) @@ -447,7 +447,7 @@ ) server.wait_until_fails('[ "$(postqueue -p)" != "Mail queue is empty" ]') # fetchmail returns EXIT_CODE 1 when no new mail - # if this succeeds, it means that user1 recieved the mail that was intended for chuck. + # if this succeeds, it means that user1 received the mail that was intended for chuck. client.fail("fetchmail --nosslcertck -v") with subtest("extraVirtualAliases"): diff --git a/tests/ldap.nix b/tests/ldap.nix index 9cff68f..c150567 100644 --- a/tests/ldap.nix +++ b/tests/ldap.nix @@ -135,7 +135,7 @@ in # This function retrieves the ldap table file from a postconf # command. - # A key lookup is achived and the returned value is compared + # A key lookup is achieved and the returned value is compared # to the expected value. def test_lookup(postconf_cmdline, key, expected): conf = machine.succeed(postconf_cmdline).rstrip()