Simple nixos mail server configuration #4

Open
opened 2023-09-24 22:47:28 +00:00 by nerf · 5 comments
Owner

This is an issue to discuss how the simple nixos mail server on nyarlathotep should be configured.

Here is the [default.nix](https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/blob/master/default.nix) of that project
containing all the direct options. Of course the options of the postfix, rspamd, opendkim and dovecot2 modules can also still
be set by hand. Also for reference [maralorn's config](https://code.maralorn.de/maralorn/config/src/branch/main/nixos/machines/hera/mail.nix).

How do we manage users? There are multiple ways of doing that; we can put them into the nixos config. That would be relatively static.
Appropriate if we want only mailboxes for things like vorstand, fsr, and so on.

(Answering this question is blocking progress)

There is an option to role ldap. If we want to reuse these logins for multiple things that might be the way to go.

For all the options please read the documentation [snm](https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/tree/master)
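Added example, not part of the original thread and not the project's or maralorn's configuration: a sketch of the static variant described above, with function-only mailboxes declared directly in the NixOS config. It assumes the simple-nixos-mailserver module is already imported; the host name, the secret file paths and the forwarded address are placeholders.

```nix
{ ... }:
{
  mailserver = {
    enable = true;
    fqdn = "mail.example.org";        # placeholder host name (assumption)
    domains = [ "mathebau.de" ];

    # Static, function-only mailboxes. Every account is visible in the
    # config, so the set of existing logins can be reviewed in one place.
    loginAccounts = {
      "vorstand@mathebau.de" = {
        # Read the bcrypt hash (e.g. from `mkpasswd -sm bcrypt`) from a file
        # at runtime. Using `hashedPassword` instead would copy the hash
        # into the world-readable Nix store.
        hashedPasswordFile = "/run/secrets/mail/vorstand"; # hypothetical path
        aliases = [ "postmaster@mathebau.de" ];
        quota = "2G";                 # per-mailbox disk limit
      };
      "fsr@mathebau.de" = {
        hashedPasswordFile = "/run/secrets/mail/fsr";      # hypothetical path
        quota = "2G";
      };
    };

    # Addresses without a mailbox: incoming mail is forwarded, nothing is
    # stored locally. Both addresses are constructed placeholders.
    forwards = {
      "someone@mathebau.de" = "someone@example.org";
    };

    # TLS certificate options are left at the module defaults here.
  };
}
```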
nerf added this to the GOING LIVE milestone 2023-09-24 22:47:28 +00:00
nerf added the Kind/Feature label 2023-09-24 22:47:28 +00:00
nerf added this to the New mail on Nyarlathotep project 2023-09-24 22:47:29 +00:00
nerf added a new dependency 2023-09-24 22:48:07 +00:00
nerf added the Status Need More Info label 2023-09-27 10:05:41 +00:00
Owner

Let's collect some arguments.

Advocating function-only mailboxes (like FBR, Verein, Ball, …):

  • We handle less personal data.
  • We have a good overview over existing accounts.
  • We have more control over disk usage.
  • We handle less private data.
  • Config is presumably simpler.
  • …?

Advocating mailboxes for everyone:

  • More service for everyone
  • Possibly more federation of mail
  • We have enough disk space.
  • More intuitive configuration of clients that want to send from their @mathebau.de address
  • …?
Author
Owner
> - More intuitive configuration of clients that want to send from their @mathebau.de address
> - …?

We need to differentiate between authentication and mailboxes. (I'm unsure how to configure that), but we just need to authenticate
people that want to send from the @mathebau addresses, and don't need to give them mailboxes. That is from the organizational point of view
the hard problem (authentication sucks), but we don't need disk space for them. We still can forward their incoming mails.

(This is really only a small remark, because this discussion is more about how to organize the config, and authentication is really the thing that matters)

Owner

I think we should start with function-only accounts.
Owner

In the FaSer discussion we are of the opinion that we would like to have mailboxes for all people who need one. Hopefully that simply falls out of a sensible permission management for function accounts.

It may nevertheless make sense to hard-code the existing mailboxes for now.
Owner

Perhaps I will start by aiming at replacing the existing functionality by a Nix machine first. That seems more achievable to me and afterwards I may have learnt enough about Nix to try the rest.

Especially concerning our currently broken mailman web interface that would be an improvement.

Reference: Fachschaft/nixConfig#4