From e4aa2d151723c38d89dce944e165ee5c6c704db5 Mon Sep 17 00:00:00 2001
From: emilylange
Date: Sun, 12 Apr 2026 04:07:05 +0200
Subject: [PATCH] sieve: move `cfg.sieveDirectory` into home directory of virtual users
---
 default.nix | 11 +++--------
 docs/backup-guide.rst | 5 -----
 mail-server/dovecot.nix | 6 ++++--
 mail-server/users.nix | 29 -----------------------------
 4 files changed, 7 insertions(+), 44 deletions(-)
diff --git a/default.nix b/default.nix
index 9be324e..d1cceda 100644
--- a/default.nix
+++ b/default.nix
@@ -1056,14 +1056,6 @@ in
 '';
 };
- sieveDirectory = mkOption {
- type = types.path;
- default = "/var/sieve";
- description = ''
- Where to store the sieve scripts.
- '';
- };
-
 virusScanning = mkOption {
 type = types.bool;
 default = false;
@@ -1795,5 +1787,8 @@ in
 (mkRemovedOptionModule [ "mailserver" "fullTextSearch" "autoIndexExclude" ] ''
 Configure `fts_autoindex` on mail directories in `mailserver.mailboxes` instead.
 '')
+ (mkRemovedOptionModule [ "mailserver" "sieveDirectory" ] ''
+ The Sieve directory has been moved into the virtual Dovecot home directory of each user and can longer be configured.
+ '')
 ];
 }
diff --git a/docs/backup-guide.rst b/docs/backup-guide.rst
index 3a7306a..e0af3f9 100644
--- a/docs/backup-guide.rst
+++ b/docs/backup-guide.rst
@@ -13,11 +13,6 @@ solution does not preserve the owner of the files don’t forget to ``chown`` th
 to ``virtualMail:virtualMail`` if you copy them back (or whatever you specified as :option:`mailserver.storage.owner`, and :option:`mailserver.storage.group`).
-If you enabled ``enableManageSieve`` then you also may want to backup
-``/var/sieve`` or whatever you have specified as ``sieveDirectory``.
-The same considerations regarding file ownership apply as for the
-Maildir.
-
 To backup spam and ham training data, backup ``/var/lib/redis-rspamd``.
 Finally you can (optionally) make a backup of ``/var/dkim`` (or whatever you
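Review bot: The message added in the `mkRemovedOptionModule [ "mailserver" "sieveDirectory" ]` entry of default.nix (second hunk) reads "can longer be configured"; it should read `... of each user and can no longer be configured.`. That message is only shown to configurations that still set the option, so a host that relied on the removed default `/var/sieve` gets no hint, and nothing in this patch moves existing scripts to the new location. After the upgrade those users' filters (discard, reject or redirect rules) would presumably stop applying without an error; naming the new paths `~/sieve` and `~/.dovecot.sieve` in the message and documenting the manual move would close that gap. The enclosing list starts outside the hunk.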
diff --git a/mail-server/dovecot.nix b/mail-server/dovecot.nix
index a9c01c7..34122d2 100644
--- a/mail-server/dovecot.nix
+++ b/mail-server/dovecot.nix
@@ -364,8 +364,10 @@ in
 "sieve_script personal" = { # managesieve
 type = "personal";
- active_path = "${cfg.sieveDirectory}/%{user}/active.sieve";
- path = "${cfg.sieveDirectory}/%{user}/scripts";
+ # Upstream default, but we want to be explicit about it
+ # https://doc.dovecot.org/main/core/plugins/sieve.html#script-storage-type-personal
+ active_path = "~/.dovecot.sieve";
+ path = "~/sieve";
 };
 sieve_extensions = {
diff --git a/mail-server/users.nix b/mail-server/users.nix
index 4d20e9f..a740245 100644
--- a/mail-server/users.nix
+++ b/mail-server/users.nix
@@ -16,32 +16,12 @@
 {
 config,
- pkgs,
 lib,
 ...
 }:
 let
 cfg = config.mailserver;
-
- virtualMailUsersActivationScript =
- pkgs.writeScript "activate-virtual-mail-users"
- # bash
- ''
- #!${pkgs.stdenv.shell}
-
- set -euo pipefail
-
- # Prevent world-readable paths, even temporarily.
- umask 007
-
- # Create directory to store user sieve scripts if it doesn't exist
- if (! test -d "${cfg.sieveDirectory}"); then
- mkdir "${cfg.sieveDirectory}"
- chown "${cfg.storage.owner}:${cfg.storage.group}" "${cfg.sieveDirectory}"
- chmod 770 "${cfg.sieveDirectory}"
- fi
- '';
 in
 {
 config = lib.mkIf cfg.enable {
@@ -80,14 +60,5 @@ in
 home = cfg.storage.path;
 createHome = true;
 };
-
- systemd.services.activate-virtual-mail-users = {
- wantedBy = [ "multi-user.target" ];
- before = [ "dovecot.service" ];
- serviceConfig = {
- ExecStart = virtualMailUsersActivationScript;
- };
- enable = true;
- };
 };
 }
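Review bot: In mail-server/dovecot.nix, `active_path = "~/.dovecot.sieve"` and `path = "~/sieve"` depend on every virtual user having a Dovecot home directory, and where that home is set is not visible in this hunk; extending the new comment with `# Requires a per-user Dovecot home, set in <location of the home setting>` would make the dependency explicit. The activation script deleted in mail-server/users.nix created the old directory under `umask 007` with `chmod 770`; the per-user sieve directories are now presumably created by Dovecot at runtime, so it is worth confirming they end up not world-readable. The `"sieve_script personal"` attribute set is closed inside the hunk, but the enclosing configuration starts and ends outside it.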