patrick/nix-config
1
1
Fork 0
Code Issues Pull requests Projects Wiki Activity

fix: disable mta-sts

Browse source
This commit is contained in:
Patrick 2024-11-30 16:18:25 +01:00
parent 27e1a7cc3f
commit 35b44225ab
Signed by: patrick
GPG key ID: 451F95EFB8BECD0F
3 changed files with 3 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
config/services/stalwart.nix
View file

@ -152,7 +152,6 @@ in
[ [
"autoconfig.${domain}" "autoconfig.${domain}"
"autodiscover.${domain}" "autodiscover.${domain}"
"mta-sts.${domain}"
] ]
(_: { (_: {
forceSSL = true; forceSSL = true;
@ -638,6 +637,9 @@ in
]; ];
}; };
# needs certificate for all domain
# Dane is better anyway
session.mta-sts.mode = "none";
session.ehlo = { session.ehlo = {
require = true; require = true;
reject-non-fqdn = [ reject-non-fqdn = [

4
hosts/mailnix/net.nix
View file

@ -58,10 +58,6 @@
domain = config.secrets.secrets.global.domains.mail_public; domain = config.secrets.secrets.global.domains.mail_public;
extraDomainNames = [ "*.${config.secrets.secrets.global.domains.mail_public}" ]; extraDomainNames = [ "*.${config.secrets.secrets.global.domains.mail_public}" ];
}; };
"${config.secrets.secrets.global.domains.mail_private}" = {
domain = config.secrets.secrets.global.domains.mail_private;
extraDomainNames = [ "*.${config.secrets.secrets.global.domains.mail_private}" ];
};
}; };
environment.persistence."/state".directories = [ environment.persistence."/state".directories = [
{ {

BIN
secrets/secrets.nix.age
View file

Binary file not shown.