gerd.starwart: fixed bug in fallback password + added custom patch

2024-08-22 13:42:34 +02:00 · 2024-08-22 13:42:34 +02:00 · 2f46a5197f
commit 2f46a5197f
parent 0a8f393f9d
5 changed files with 108 additions and 12 deletions
--- a/machines/gerd.nix
+++ b/machines/gerd.nix
@ -16,7 +16,7 @@
    ./gerd/services/hedgedoc.nix
    ./gerd/services/cyberchef.nix
    ./gerd/services/nextcloud.nix
-    ./gerd/services/stalwart.nix
+    ./gerd/services/stalwart
  ];
  networking.hostName = "gerd";
--- a/machines/gerd/services/stalwart/default.nix
+++ b/machines/gerd/services/stalwart/default.nix
@ -0,0 +1,5 @@
 {
  imports = [
    ./stalwart.nix
  ];
 }
--- a/machines/gerd/services/stalwart/patches/stalwart-cli-dns-records.patch
+++ b/machines/gerd/services/stalwart/patches/stalwart-cli-dns-records.patch
@ -0,0 +1,86 @@
 diff --git a/crates/cli/src/modules/cli.rs b/crates/cli/src/modules/cli.rs
 index 865b7c8e..f30ee8a8 100644
 --- a/crates/cli/src/modules/cli.rs
 +++ b/crates/cli/src/modules/cli.rs
@@ -330,6 +330,12 @@ pub enum DomainCommands {
         name: String,
     },
 +    /// List DNS records for domain
 +    DNSRecords {
 +        /// Domain name to list DNS records for
 +        name: String,
 +    },
 +
     /// List all domains
     List {
         /// Starting point for listing domains
 diff --git a/crates/cli/src/modules/domain.rs b/crates/cli/src/modules/domain.rs
 index bc0dd898..462e0251 100644
 --- a/crates/cli/src/modules/domain.rs
 +++ b/crates/cli/src/modules/domain.rs
@@ -6,7 +6,7 @@
 use std::borrow::Cow;
 -use prettytable::{Attr, Cell, Row, Table};
 +use prettytable::{Attr, Cell, Row, Table, format};
 use reqwest::Method;
 use serde_json::Value;
@@ -14,6 +14,15 @@ use crate::modules::List;
 use super::cli::{Client, DomainCommands};
 +use serde::{Deserialize, Serialize};
 +#[derive(Debug, Serialize, Deserialize, Clone)]
 +struct DnsRecord {
 +    #[serde(rename = "type")]
 +    typ: String,
 +    name: String,
 +    content: String,
 +}
 +
 impl DomainCommands {
     pub async fn exec(self, client: Client) {
         match self {
@@ -37,6 +46,39 @@ impl DomainCommands {
                     .await;
                 eprintln!("Successfully deleted domain {name:?}");
             }
 +            DomainCommands::DNSRecords { name } => {
 +                let records = client
 +                    .http_request::<Vec<DnsRecord>, String>(
 +                        Method::GET,
 +                        &format!("/api/domain/{name}"),
 +                        None,
 +                    )
 +                    .await;
 +
 +                if !records.is_empty() {
 +                    let mut table = Table::new();
 +                    // no borderline separator, as long values will mess it up
 +                    table.set_format(*format::consts::FORMAT_NO_BORDER_LINE_SEPARATOR);
 +
 +                    table.add_row(Row::new(vec![
 +                        Cell::new("Type").with_style(Attr::Bold),
 +                        Cell::new("Name").with_style(Attr::Bold),
 +                        Cell::new("Contents").with_style(Attr::Bold),
 +                    ]));
 +
 +                    for record in &records {
 +                        table.add_row(Row::new(vec![
 +                            Cell::new(&record.typ),
 +                            Cell::new(&record.name),
 +                            Cell::new(&record.content),
 +                        ]));
 +                    }
 +
 +                    eprintln!();
 +                    table.printstd();
 +                    eprintln!();
 +                }
 +            }
             DomainCommands::List { from, limit } => {
                 let query = if from.is_none() && limit.is_none() {
                     Cow::Borrowed("/api/domain")
--- a/machines/gerd/services/stalwart/stalwart.nix
+++ b/machines/gerd/services/stalwart/stalwart.nix
@ -25,12 +25,16 @@ in {
  services.stalwart-mail = {
    enable = true;
    openFirewall = true;
-    # package = pkgs.stalwart-mail;
+    
    package = pkgs.stalwart-mail.overrideAttrs (old: {
      patches = old.patches ++ [
        ./patches/stalwart-cli-dns-records.patch
      ];
    });
    settings = {
      lookup.default.hostname = svc_domain;
      # tracer.stdout.level = "trace";
      store.db.path = "${stateDir}/db";
      directory.ldap = {
@ -104,7 +108,7 @@ in {
      # authentication
      authentication.fallback-admin = {
        user = "admin";
-        secret = "%{file:${config.age.secrets.stalwart-admin-fallback-password.owner}}%";
+        secret = "%{file:${config.age.secrets.stalwart-admin-fallback-password.path}}%";
      };
    };
  };
--- a/secrets/stalwart/admin-fallback-password.age
+++ b/secrets/stalwart/admin-fallback-password.age
@ -1,9 +1,10 @@
 age-encryption.org/v1
-> ssh-ed25519 QSDXqg KxP3cNdqRorj0JO6SW3FOjcFxgmsspRz/MKnVVviXFM
+-> ssh-ed25519 QSDXqg 9NdZ2auQY3xgJyg6bk9IXc54E7s0iBIEaqTJPze6aVo
-i9SoYa0sQ0E7S2jo9Js5PJsiHB3lMsVqX5bULg255bw
+sO+XRHIh8+BzH21AuIdSN8V9eZK8bL7synmip7OF+e8
-> ssh-ed25519 n8n9DQ BrcbGW2zt6E5QjRz+kN/5vl4AreGuOsR+AUcv8sog3M
+-> ssh-ed25519 n8n9DQ RT5uVILvBUdHPxCcJ1pYgiiCGTgIpn1UrAYnrpgy3RM
-c+nUCQ9Bifu3bK4R2OgKLbfFFU66/73Oj4y9bMTVJIU
+HfHBx5QVn8ahHk1NjxZWsfrD2W2D0E25mQrZGkiX6WQ
-> ssh-ed25519 BTp6UA RngU7oNTzWJRZG6Qr/t9RiAxEeBelHIzOuSp44b3HVc
+-> ssh-ed25519 BTp6UA AY1xVYOt+wTYPBSweXv7QvpJOsEawEBufpI6nR0+0Ds
-DUrunTXLwjLqkuiuzksaqpSwvmKpps/I6Jftv0dD6p8
+OxwPG/E5EatvwUgvhqfW8dVG/r4fjbf0Nfawz/BBgD8
--- D75A1a96Q1UKHUsAejeydmjqui9+P3e6fRo3Eeb1I0g
+--- 6tjacKndq1+4t3+EEnl+Sr2qDIlrhvE4WqtxPXZTUVM
-··çu<> éì>ÝÄ_owxîuýªÓê'<27>ÿ Ÿ7Ÿì?[À5dGTqâœ›ò¼B¼]0_‡·(Íç:Ä¶
+ô×°ëÝà8Ló¡ˆ¸zÆW™¼–n—Ö”
 voQ–OA¼S˜io×ÑO •h\î÷Ï<C3B7>É/hF1–8¿	#bƒ