Commit Graph

993 Commits

Author SHA1 Message Date
Martin Weinelt 583a362c5b Merge branch 'tls-updates' into 'main'
TLS updates

See merge request simple-nixos-mailserver/nixos-mailserver!518
2026-04-26 21:48:52 +00:00
Martin Weinelt 3ab15c2e30 docs/release-notes: add tls changes 2026-04-26 01:47:39 +02:00
Martin Weinelt ecbe707330 postfix/dovecot: support SecP256r1MLKEM768 key exchange
Added support means we allow it, but for now we don't prefer it, since it
has not seen much use yet. For Postfix that means it lands below the two
groups that already send a key share and save us a roundtrip.

https://www.ietf.org/archive/id/draft-kwiatkowski-tls-ecdhe-mlkem-02.html
2026-04-26 01:04:33 +02:00
Martin Weinelt 7909eabac2 postfix: require AEAD & ECDHE cipher suites
This drops ARIA, Camellia and AES-CBC support from TLSv1.2 cipher suites.

When we explicitly restrict the cipherlist in Postfix, then we need to
define TLSv1.3 cipher suites in our OpenSSL config file.
2026-04-26 01:04:33 +02:00
Martin Weinelt 8d6b14c82c postfix: restrict TLS signing algorithms
Prunes the list preset and removes SHA-1 to restore compatibility with
NCSC TLS security guidelines.
2026-04-26 01:04:32 +02:00
Martin Weinelt e6c4a96f50 Merge branch 'fix/overeager-scheme-prepend' into 'main'
Only prepend {CRYPT} scheme if there is no scheme present

See merge request simple-nixos-mailserver/nixos-mailserver!517
2026-04-23 13:29:01 +00:00
Charlotte Van Petegem 6e9a4420b3 Only prepend {CRYPT} scheme if there is no scheme present 2026-04-23 14:45:22 +02:00
Martin Weinelt 0b1ca54241 hydra: use nixpkgs-unstable instead of nixos-unstable-small
We don't need the fast pace of unstable-small, but we still want to stay
current with built packages on unstable for evaluations.
2026-04-21 15:00:29 +02:00
Martin Weinelt bd5b08681a Merge branch 'dovecot-2.4.3' into 'main'
dovecot: migrate to dovecot 2.4

See merge request simple-nixos-mailserver/nixos-mailserver!512
2026-04-20 23:23:08 +00:00
Martin Weinelt 198246f2c2 fts: update docs and defaults 2026-04-21 00:58:58 +02:00
Martin Weinelt f9d1435378 dovecot: migrate to dovecot 2.4 2026-04-20 15:39:36 +02:00
Martin Weinelt 7dce7fbd5a Merge branch 'add-option-custom-reject-sender-message-release-notes' into 'main'
Add Release Note for rejectSenderMessage and fix typo

See merge request simple-nixos-mailserver/nixos-mailserver!515
2026-04-19 14:27:24 +00:00
Lennart Mühlenmeier 99a9b6efb7 Add Release Note for rejectSenderMessage and fix typo
Forgot about adding a Release Note for rejectSenderMessage
https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/merge_requests/453,
also fixing a typo in that already merged commit I just noticed.
2026-04-19 09:32:41 +02:00
Martin Weinelt fdb1be9b50 Merge branch 'update-dovecot-hostname' into 'main'
dovecot: fix hostname to fqdn

See merge request simple-nixos-mailserver/nixos-mailserver!510
2026-04-19 00:12:04 +00:00
Martin Weinelt 21399f334c Merge branch 'update-rspamd-headers' into 'main'
rspamd: add authentication-results header

See merge request simple-nixos-mailserver/nixos-mailserver!513
2026-04-19 00:02:44 +00:00
Martin Weinelt 7fe61cc1a3 Merge branch 'tests-uds-helper' into 'main'
tests: migrate to wait_for_open_unix_socket helper

See merge request simple-nixos-mailserver/nixos-mailserver!514
2026-04-18 21:12:40 +00:00
Martin Weinelt 25fae6f36e tests: migrate to wait_for_open_unix_socket helper 2026-04-18 23:04:09 +02:00
Lafiel 903d0cc8ad rspamd: add authentication-results header 2026-04-18 18:10:00 +03:00
Martin Weinelt e4017308b2 flake.lock: Update
Flake lock file updates:

• Updated input 'git-hooks':
    'github:cachix/git-hooks.nix/c06f90f1eb6569bdaf6a4a10cb7e66db4454ac2a' (2026-03-31)
  → 'github:cachix/git-hooks.nix/580633fa3fe5fc0379905986543fd7495481913d' (2026-04-07)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/c88e63f4caf12c731f61ce71f300680ce73c180e' (2026-04-12)
  → 'github:NixOS/nixpkgs/9a3a5b8400951b3497d2ef8f239f8451175cf3a1' (2026-04-18)
2026-04-18 16:22:38 +02:00
Martin Weinelt 93b4e5f3cd Merge branch 'quotaUsers' into 'main'
dovecot: fix quota users assertion

See merge request simple-nixos-mailserver/nixos-mailserver!511
2026-04-16 00:23:56 +00:00
isabel 10b577c650 dovecot: fix quota users assertion 2026-04-16 01:04:07 +01:00
Lafiel c67cc808ce dovecot: fix hostname to fqdn 2026-04-15 19:30:27 +03:00
Martin Weinelt ceb3f17fe1 Merge branch 'restore-dovecot-hierarchy-separator' into 'main'
dovecot: restore hierarchy separator setting

See merge request simple-nixos-mailserver/nixos-mailserver!509
2026-04-14 13:59:05 +00:00
Martin Weinelt bb1728f27c dovecot: restore hierarchy separator setting
The application of this setting got lost in the structured settings
migration.

Ref: 44149c5
2026-04-14 14:33:29 +02:00
Martin Weinelt 4ddd48b573 Merge branch 'dovecot-rfc42' into 'main'
dovecot: migrate to settings option

See merge request simple-nixos-mailserver/nixos-mailserver!498
2026-04-12 23:25:29 +00:00
Martin Weinelt f1e4af7184 dovecot: run lmtp service under storage owner user
Previously it ran as root, which is not required since we use a single
uid/gid for all mail storage.
2026-04-13 01:19:14 +02:00
Martin Weinelt 0da8e2b197 quota: expose global quota settings
With the options in the upstream dovecot module gone the quota support
and its option now live in our downstream module.

The only behavior change this introduces is not setting a global per
user default instead of the previous 100G per user.

Disabling quota support and setting per user quotas now raises an
assertion:

````
Failed assertions:
- Without quota support enabled, per-user quotas cannot be applied to the following accounts:

  - lowquota@example.com

  Either remove per user quota settings or re-enable `mailserver.quota.enable`.
````
2026-04-13 01:19:14 +02:00
Martin Weinelt 44149c527e dovecot: migrate to settings option 2026-04-13 01:19:14 +02:00
Martin Weinelt ffb64609a5 flake.lock: Update
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/2f4fd5e1abf9bac8c1d22750c701a7a5e6b524c6' (2026-03-31)
  → 'github:NixOS/nixpkgs/c88e63f4caf12c731f61ce71f300680ce73c180e' (2026-04-12)
2026-04-13 01:19:14 +02:00
Martin Weinelt d98a6302f1 ci: run on main branch 2026-04-12 03:59:39 +02:00
Martin Weinelt 5688b25151 hydra: drop nixos-25.05 branch 2026-04-12 03:54:42 +02:00
Martin Weinelt 3277481550 hydra: migrate tests from master to main 2026-04-12 03:54:42 +02:00
Martin Weinelt 1b33655bcb Switch default branch to main 2026-04-12 03:54:39 +02:00
Martin Weinelt 44c63067d4 hydra: run declarative jobset against unstable-small
This is a moving target. Before we were sitting on a commit from 2020.
2026-04-12 01:58:08 +02:00
Martin Weinelt c45a1e4385 docs: bump stateVersion in setup-example
The setup example is for new users who don't need to do any migrations
just yet.
2026-04-03 21:25:24 +02:00
Martin Weinelt 493f0ff8a7 Merge branch 'ldap-uuid-attr-crash' into 'master'
dovecot: drop redundant uuid mapping in user_attrs

Closes #352

See merge request simple-nixos-mailserver/nixos-mailserver!506
2026-03-31 23:21:42 +00:00
Martin Weinelt 42650aad4d dovecot: drop redundant uuid mapping in user_attrs
This was redundant at best and crashing Dovecot at worst, due to multiple
requests for the uuid field name.

Closes: #352
2026-03-31 23:17:08 +02:00
Martin Weinelt f18985058e flake.lock: Update
Flake lock file updates:

• Updated input 'git-hooks':
    'github:cachix/git-hooks.nix/f799ae951fde0627157f40aec28dec27b22076d0' (2026-03-21)
  → 'github:cachix/git-hooks.nix/c06f90f1eb6569bdaf6a4a10cb7e66db4454ac2a' (2026-03-31)
• Updated input 'nixpkgs':
    'github:NixOS/nixpkgs/2cb1420c66c8e634314ce0abf70680208177f5b4' (2026-03-22)
  → 'github:NixOS/nixpkgs/2f4fd5e1abf9bac8c1d22750c701a7a5e6b524c6' (2026-03-31)
2026-03-31 16:18:10 +02:00
Martin Weinelt 0e176193a2 Fix various issues in the storage option descriptions
Especially a mistake where I confused rst and markdown syntax for
referencing options.
2026-03-25 18:32:54 +01:00
Martin Weinelt 07e82e06d8 Merge branch 'cleanup' into 'master'
Rename loginAccounts and group storage related settings

See merge request simple-nixos-mailserver/nixos-mailserver!501
2026-03-24 22:56:11 +00:00
Martin Weinelt 20f0e767cb users: remove unused common import 2026-03-24 01:58:37 +01:00
Martin Weinelt e13736db67 Group storage and vmail user options at mailserver.storage
Create a nicer option structure that deals with the mail storage and its
owner, uid, group and gid. Also includes the directory layout as a
property of how mails are stored.
2026-03-24 01:57:31 +01:00
Martin Weinelt 6826d11c58 users: remove global with config.mailserver 2026-03-24 01:35:48 +01:00
Martin Weinelt e9337b346f Rename mailserver.loginAccounts to mailserver.accounts
The "login" prefix makes this option more confusing rather than clearer,
because what other account types are there? LDAP ones for example, but
you can log in with those too, so the prefix is pointless.
2026-03-24 01:35:48 +01:00
Martin Weinelt 5fdb686c66 docs: improve login account options 2026-03-24 01:35:48 +01:00
Martin Weinelt 3a1de3713c Merge branch 'ldap-storage-regression' into 'master'
dovecot: fix storage basedir regression in ldap home

See merge request simple-nixos-mailserver/nixos-mailserver!505
2026-03-24 00:35:35 +00:00
Martin Weinelt 854cb3ad3a tests: add regression test for custom ldap storage path
By setting a custom mail storage path the home dir lookups will fail and
signal something is wrong.
2026-03-24 01:29:27 +01:00
Martin Weinelt 4f3d21f386 dovecot: fix storage basedir regression in ldap home
During the rewrite of the LDAP userdb field lookups the default path for
the mail storage directory accidentally leaked into the home directory
path.
2026-03-24 01:11:09 +01:00
Martin Weinelt 2410c89f61 Merge branch 'ldap-local-coex' into 'master'
ldap: allow coexistence with local accounts

See merge request simple-nixos-mailserver/nixos-mailserver!502
2026-03-23 23:26:33 +00:00
Martin Weinelt ff5efdeeb6 Update forwards option description
Mixing examples and description in the description makes it very noisy
and unfocused.
2026-03-23 16:26:32 +01:00