gerd.starwart: fixed bug in fallback password + added custom patch

2024-08-22 13:42:34 +02:00 · 2024-08-22 13:42:34 +02:00 · 2f46a5197f
commit 2f46a5197f
parent 0a8f393f9d
5 changed files with 108 additions and 12 deletions
--- a/machines/gerd.nix
+++ b/machines/gerd.nix
@ -16,7 +16,7 @@
    ./gerd/services/hedgedoc.nix
    ./gerd/services/cyberchef.nix
    ./gerd/services/nextcloud.nix
-    ./gerd/services/stalwart.nix
+    ./gerd/services/stalwart
  ];

  networking.hostName = "gerd";
--- a/machines/gerd/services/stalwart/default.nix
+++ b/machines/gerd/services/stalwart/default.nix
@ -0,0 +1,5 @@
+{
+  imports = [
+    ./stalwart.nix
+  ];
+}
--- a/machines/gerd/services/stalwart/patches/stalwart-cli-dns-records.patch
+++ b/machines/gerd/services/stalwart/patches/stalwart-cli-dns-records.patch
@ -0,0 +1,86 @@
+diff --git a/crates/cli/src/modules/cli.rs b/crates/cli/src/modules/cli.rs
+index 865b7c8e..f30ee8a8 100644
+--- a/crates/cli/src/modules/cli.rs
+++ b/crates/cli/src/modules/cli.rs
+@@ -330,6 +330,12 @@ pub enum DomainCommands {
+         name: String,
+     },
+ 
+    /// List DNS records for domain
+    DNSRecords {
+        /// Domain name to list DNS records for
+        name: String,
+    },
+
+     /// List all domains
+     List {
+         /// Starting point for listing domains
+diff --git a/crates/cli/src/modules/domain.rs b/crates/cli/src/modules/domain.rs
+index bc0dd898..462e0251 100644
+--- a/crates/cli/src/modules/domain.rs
+++ b/crates/cli/src/modules/domain.rs
+@@ -6,7 +6,7 @@
+ 
+ use std::borrow::Cow;
+ 
+-use prettytable::{Attr, Cell, Row, Table};
+use prettytable::{Attr, Cell, Row, Table, format};
+ use reqwest::Method;
+ use serde_json::Value;
+ 
+@@ -14,6 +14,15 @@ use crate::modules::List;
+ 
+ use super::cli::{Client, DomainCommands};
+ 
+use serde::{Deserialize, Serialize};
+#[derive(Debug, Serialize, Deserialize, Clone)]
+struct DnsRecord {
+    #[serde(rename = "type")]
+    typ: String,
+    name: String,
+    content: String,
+}
+
+ impl DomainCommands {
+     pub async fn exec(self, client: Client) {
+         match self {
+@@ -37,6 +46,39 @@ impl DomainCommands {
+                     .await;
+                 eprintln!("Successfully deleted domain {name:?}");
+             }
+            DomainCommands::DNSRecords { name } => {
+                let records = client
+                    .http_request::<Vec<DnsRecord>, String>(
+                        Method::GET,
+                        &format!("/api/domain/{name}"),
+                        None,
+                    )
+                    .await;
+
+                if !records.is_empty() {
+                    let mut table = Table::new();
+                    // no borderline separator, as long values will mess it up
+                    table.set_format(*format::consts::FORMAT_NO_BORDER_LINE_SEPARATOR);
+
+                    table.add_row(Row::new(vec![
+                        Cell::new("Type").with_style(Attr::Bold),
+                        Cell::new("Name").with_style(Attr::Bold),
+                        Cell::new("Contents").with_style(Attr::Bold),
+                    ]));
+
+                    for record in &records {
+                        table.add_row(Row::new(vec![
+                            Cell::new(&record.typ),
+                            Cell::new(&record.name),
+                            Cell::new(&record.content),
+                        ]));
+                    }
+
+                    eprintln!();
+                    table.printstd();
+                    eprintln!();
+                }
+            }
+             DomainCommands::List { from, limit } => {
+                 let query = if from.is_none() && limit.is_none() {
+                     Cow::Borrowed("/api/domain")
--- a/machines/gerd/services/stalwart/stalwart.nix
+++ b/machines/gerd/services/stalwart/stalwart.nix
@ -25,12 +25,16 @@ in {
  services.stalwart-mail = {
    enable = true;
    openFirewall = true;
-    # package = pkgs.stalwart-mail;
+    
+    package = pkgs.stalwart-mail.overrideAttrs (old: {
+      patches = old.patches ++ [
+        ./patches/stalwart-cli-dns-records.patch
+      ];
+    });

    settings = {
      lookup.default.hostname = svc_domain;

-      # tracer.stdout.level = "trace";
      store.db.path = "${stateDir}/db";

      directory.ldap = {
@ -104,7 +108,7 @@ in {
      # authentication
      authentication.fallback-admin = {
        user = "admin";
-        secret = "%{file:${config.age.secrets.stalwart-admin-fallback-password.owner}}%";
+        secret = "%{file:${config.age.secrets.stalwart-admin-fallback-password.path}}%";
      };
    };
  };
--- a/secrets/stalwart/admin-fallback-password.age
+++ b/secrets/stalwart/admin-fallback-password.age
@ -1,9 +1,10 @@
 age-encryption.org/v1
-> ssh-ed25519 QSDXqg KxP3cNdqRorj0JO6SW3FOjcFxgmsspRz/MKnVVviXFM
-i9SoYa0sQ0E7S2jo9Js5PJsiHB3lMsVqX5bULg255bw
-> ssh-ed25519 n8n9DQ BrcbGW2zt6E5QjRz+kN/5vl4AreGuOsR+AUcv8sog3M
-c+nUCQ9Bifu3bK4R2OgKLbfFFU66/73Oj4y9bMTVJIU
-> ssh-ed25519 BTp6UA RngU7oNTzWJRZG6Qr/t9RiAxEeBelHIzOuSp44b3HVc
-DUrunTXLwjLqkuiuzksaqpSwvmKpps/I6Jftv0dD6p8
--- D75A1a96Q1UKHUsAejeydmjqui9+P3e6fRo3Eeb1I0g
-··çu<> éì>ÝÄ_owxîuýªÓê'<27>ÿ Ÿ7Ÿì?[À5dGTqâœ›ò¼B¼]0_‡·(Íç:Ä¶
+-> ssh-ed25519 QSDXqg 9NdZ2auQY3xgJyg6bk9IXc54E7s0iBIEaqTJPze6aVo
+sO+XRHIh8+BzH21AuIdSN8V9eZK8bL7synmip7OF+e8
+-> ssh-ed25519 n8n9DQ RT5uVILvBUdHPxCcJ1pYgiiCGTgIpn1UrAYnrpgy3RM
+HfHBx5QVn8ahHk1NjxZWsfrD2W2D0E25mQrZGkiX6WQ
+-> ssh-ed25519 BTp6UA AY1xVYOt+wTYPBSweXv7QvpJOsEawEBufpI6nR0+0Ds
+OxwPG/E5EatvwUgvhqfW8dVG/r4fjbf0Nfawz/BBgD8
+--- 6tjacKndq1+4t3+EEnl+Sr2qDIlrhvE4WqtxPXZTUVM
+ô×°ëÝà8Ló¡ˆ¸zÆW™¼–n—Ö”
+voQ–OA¼S˜io×ÑO •h\î÷Ï<C3B7>É/hF1–8¿	#bƒ