diff options
| author | sinanmohd <sinan@sinanmohd.com> | 2025-01-09 21:55:36 +0530 |
|---|---|---|
| committer | sinanmohd <sinan@sinanmohd.com> | 2025-01-09 21:55:36 +0530 |
| commit | 9695d5f82cec1da26e13d5ab77a6f9d3b38bcb75 (patch) | |
| tree | 6696e0ba2fab49829dd9b177f394f3ca2d4e3fc1 | |
| parent | c576f263a760c7502bf6cbac4fa6087f00ad7409 (diff) | |
kay/mail: clean up
| -rw-r--r-- | os/kay/modules/mail.nix | 29 |
1 files changed, 16 insertions, 13 deletions
diff --git a/os/kay/modules/mail.nix b/os/kay/modules/mail.nix index 33a78ab..22f9c2d 100644 --- a/os/kay/modules/mail.nix +++ b/os/kay/modules/mail.nix @@ -91,32 +91,34 @@ in { signature = { rsa = { - private-key = "%{file:/${credentials_directory}/dkim_rsa}%"; + private-key = "%{file:${credentials_directory}/dkim_rsa}%"; inherit domain; selector = "rsa"; headers = ["From" "To" "Date" "Subject" "Message-ID"]; algorithm = "rsa-sha-256"; - canonicalization = "relaxed/relaxed"; # what + canonicalization = "simple/simple"; - expire = "10d"; + set-body-length = true; + expire = "2d"; report = true; }; ed25519 = { - private-key = "%{file:/${credentials_directory}/dkim_ed25519}%"; + private-key = "%{file:${credentials_directory}/dkim_ed25519}%"; inherit domain; selector = "ed25519"; headers = ["From" "To" "Date" "Subject" "Message-ID"]; algorithm = "ed25519-sha256"; - canonicalization = "relaxed/relaxed"; # what + canonicalization = "simple/simple"; - expire = "10d"; + set-body-length = true; + expire = "2d"; report = true; }; }; certificate."default" = { - cert = "%{file:/${credentials_directory}/cert}%"; - private-key = "%{file:/${credentials_directory}/key}%"; + cert = "%{file:${credentials_directory}/cert}%"; + private-key = "%{file:${credentials_directory}/key}%"; }; storage = { @@ -124,7 +126,7 @@ in { fts = "postgresql"; blob = "postgresql"; lookup = "postgresql"; - directory = "in-memory"; + directory = "memory"; }; store.postgresql = { type = "postgresql"; @@ -136,20 +138,21 @@ in { pool.max-connections = 10; }; - directory."in-memory" = { + directory."memory" = { type = "memory"; + principals = [ { class = "admin"; name = username; - secret = "%{file:/${credentials_directory}/password}%"; + secret = "%{file:${credentials_directory}/password}%"; inherit email; } { # for mta-sts & dmarc reports class = "individual"; name = "reports"; - secret = "%{file:/${credentials_directory}/password}%"; - email = "reports@${domain}"; + secret = "%{file:${credentials_directory}/password}%"; + email = [ "reports@${domain}" ]; } ]; }; |