From 2ee23bc03ac0de6560a97952d01c47ae1bb0ef5e Mon Sep 17 00:00:00 2001 From: Egor Savkin Date: Tue, 15 Oct 2024 17:41:28 +0800 Subject: [PATCH] Optimize new fw rules and tweak postfix Signed-off-by: Egor Savkin --- nixbld-etc-nixos/configuration.nix | 20 +++++--------------- 1 file changed, 5 insertions(+), 15 deletions(-) diff --git a/nixbld-etc-nixos/configuration.nix b/nixbld-etc-nixos/configuration.nix index e358601..0dfb272 100644 --- a/nixbld-etc-nixos/configuration.nix +++ b/nixbld-etc-nixos/configuration.nix @@ -97,8 +97,6 @@ in extraCommands = '' iptables -A INPUT -s 5.78.86.156 -p gre -j ACCEPT iptables -A INPUT -s 5.78.86.156 -p ah -j ACCEPT - iptables -A OUTPUT -d 5.78.86.156 -p gre -j ACCEPT - iptables -A OUTPUT -d 5.78.86.156 -p ah -j ACCEPT ''; }; useDHCP = false; @@ -1255,18 +1253,6 @@ in }; }; - services.postfix.mapFiles.sender_transport = pkgs.writeText "sender_transport" '' - @m-labs-intl.com intltunnel: - * : - ''; - systemd.services.postfix-rebuild-sender-relay = { - description = "Postfix Rebuild Sender Dependent Transport Maps"; - serviceConfig = { - ExecStart = "${pkgs.postfix}/sbin/postmap /var/lib/postfix/conf/sender_transport"; - }; - wantedBy = [ "multi-user.target" ]; - }; - mailserver = { enable = true; localDnsResolver = false; # conflicts with dnsmasq @@ -1277,6 +1263,10 @@ in certificateScheme = "acme-nginx"; } // (import /etc/nixos/secret/email_settings.nix); services.postfix = { + mapFiles.sender_transport = pkgs.writeText "sender_transport" '' + @m-labs-intl.com intltunnel: + * : + ''; config = { sender_dependent_default_transport_maps = "hash:/var/lib/postfix/conf/sender_transport"; }; @@ -1284,8 +1274,8 @@ in type = "unix"; command = "smtp"; args = [ - "-o" "smtp_bind_address=10.47.3.1" "-o" "inet_interfaces=10.47.3.1" + "-o" "smtp_helo_name=mail.m-labs-intl.com" "-o" "inet_protocols=ipv4" ]; };