nerf/nixConfig
1
0
Fork 0
forked from Fachschaft/nixConfig
Code Pull requests Activity

Add patch to allow alias files to redirect to their sender

Browse source
This commit is contained in:
Gonne 2025-02-25 16:19:10 +01:00
parent 5a80d86bd3
commit f0e584e239
3 changed files with 70 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

41
flake-module.nix
View file

@ -1,4 +1,8 @@
{inputs, ...}: {
{
inputs,
lib,
...
}: {
# debug = true;
# We only define machines config in this flake yet, so we only include
# the module that builds these. This file might get fuller, if we need to
@ -55,8 +59,41 @@
config.permittedInsecurePackages = ["jitsi-meet-1.0.8043"];
overlays = [
(_: _: {
(_: prev: {
alias-to-sieve = inputs.alias-to-sieve.packages.x86_64-linux.default; # add custom package to convert alias files to sieve scripts on the stalwart machine
stalwart-mail = assert lib.assertMsg (prev.stalwart-mail.version == "0.11.6-unstable-2025-02-04") ''
1. If the bug https://github.com/stalwartlabs/sieve/issues/11 is resolved to our satisfaction, try to remove this overlay.
2. Check whether sieve-rs recieved new updates that our patch needs to be rebased upon.
3. Check whether the sieve-rs patch below that exchanges the dependency needs updates.
4. Then update the version comparison in this assert statement.
5. Update the `cargoHash` by setting it to `lib.fakeHash` and then inserting the result.
6. Check if we can get rid of alias-to-sieve when stalwart-mail has a builtin mail-forwarding feature.
'';
# This override encapsulates the buildRustPackage function in a function that takes the arguments given by the nixpkgs-version of stalwart-mail
# and adds our patch to the arguments before handing the new arguments to buildRustPackage.
prev.stalwart-mail.override (
let
rp = pkgs.rustPlatform;
in {
rustPlatform =
rp
// {
buildRustPackage = args:
rp.buildRustPackage (
args
// rec {
cargoPatches = [
# Let stalwart-mail depend on our own version of the sieve crate that does not have some “loop prevention” that disables redirects to the original sender.
# We want to redirect to sender if we simulate alias files and not doing so barely prevents loops in my opinion.
./patches/sieve-rs.patch
];
# Replace the string with `lib.fakeHash` after version changes in order to get the new hash value.
cargoHash = "sha256-gb2oFlVA/vE6DoWWW8SCFA3l7rtV2RuosPUY+6IcKNM=";
}
);
};
}
);
})
];
};

4
nixos/modules/mail.nix
View file

@ -1,4 +1,8 @@
/*
* Building: We patch our version of stalwart and thus need to built it locally.
* Be aware that this needs some hours, about 12Gb RAM and a few Gb free space in /tmp.
* If you only want to deploy configuration changes and no software updates, consider building on the target VM.
* It has stalwart in its nix store and does not need to rebuild it.
* Forwarding mails: Update the Sops-secrets in the machine directory, rebuild on the VM and deploy.
* Everything else should happen automatically but new redirects might take up to two hours due HRZ infrastructure.
* Using the web admin interface: Set your SSH to do portforwarding of some local port to port 80 of the VM and

27
patches/sieve-rs.patch Normal file
View file

@ -0,0 +1,27 @@
diff --git a/Cargo.lock b/Cargo.lock
index be36759b..b4316639 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -6404,8 +6404,7 @@ checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64"
[[package]]
name = "sieve-rs"
version = "0.6.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "15ac54053752c25a0e545dd1953de716abcc80b12cfe0b6c2f2c1c73759d4f45"
+source = "git+https://gitea.mathebau.de/fachschaft/sieve-rs.git#71324550504c0f84fe3e814d05cbe22f90a3b228"
dependencies = [
"ahash 0.8.11",
"bincode",
diff --git a/Cargo.toml b/Cargo.toml
index f055474f..2b64c9ac 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -63,3 +63,7 @@ incremental = false
debug-assertions = false
overflow-checks = false
rpath = false
+
+
+[patch.crates-io]
+sieve-rs = { git = 'https://gitea.mathebau.de/fachschaft/sieve-rs.git' }