diff options
Diffstat (limited to 'nixos/modules/services/mail/dovecot.nix')
-rw-r--r-- | nixos/modules/services/mail/dovecot.nix | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/nixos/modules/services/mail/dovecot.nix b/nixos/modules/services/mail/dovecot.nix index 543e732127a5..96e60f9c88ea 100644 --- a/nixos/modules/services/mail/dovecot.nix +++ b/nixos/modules/services/mail/dovecot.nix @@ -25,6 +25,7 @@ let ssl_cert = <${cfg.sslServerCert} ssl_key = <${cfg.sslServerKey} ${optionalString (!(isNull cfg.sslCACert)) ("ssl_ca = <" + cfg.sslCACert)} + ssl_dh = <${config.security.dhparams.path}/dovecot2.pem disable_plaintext_auth = yes '') @@ -297,10 +298,15 @@ in config = mkIf cfg.enable { - security.pam.services.dovecot2 = mkIf cfg.enablePAM {}; - services.dovecot2.protocols = + security.dhparams = mkIf (! isNull cfg.sslServerCert) { + enable = true; + params = { + dovecot2 = 2048; + }; + }; + services.dovecot2.protocols = optional cfg.enableImap "imap" ++ optional cfg.enablePop3 "pop3" ++ optional cfg.enableLmtp "lmtp"; |