From 5be2afcdd845991de21d7712b41431d5f04155c5 Mon Sep 17 00:00:00 2001
From: Colin <colin@uninsane.org>
Date: Thu, 28 Apr 2022 07:22:03 +0000
Subject: [PATCH] postfix working for sending signed mail to itself.

not tested:
- sending to root
- receiving from an external domain
- sending to an external domain (definitely won't work, since the DNS keys aren't correct anymore)
---
 services-conf/postfix-configuration.nix | 25 ++++++++++++++++++++++++-
 1 file changed, 24 insertions(+), 1 deletion(-)

diff --git a/services-conf/postfix-configuration.nix b/services-conf/postfix-configuration.nix
index 4a00ea9e..3ee90385 100644
--- a/services-conf/postfix-configuration.nix
+++ b/services-conf/postfix-configuration.nix
@@ -1,6 +1,29 @@
 { config, pkgs, lib, ... }:
 
 {
-  #services.postfix.enable = true;
+  services.postfix.enable = true;
   services.postfix.hostname = "mx.uninsane.org";
+  services.postfix.origin = "uninsane.org";
+  services.postfix.destination = ["localhost" "uninsane.org"];
+
+  services.postfix.virtual = ''
+    @uninsane.org colin
+  '';
+
+  services.postfix.extraConfig = ''
+    # smtpd_milters = local:/run/opendkim/opendkim.sock
+    smtpd_milters = inet:localhost:8891
+    non_smtpd_milters = $smtpd_milters
+    milter_default_action = accept
+  '';
+
+  services.opendkim.enable = true;
+  services.opendkim.domains = "csl:uninsane.org";
+
+  # we use a custom (inet) socket, because the default perms
+  # of the unix socket don't allow postfix to connect
+  services.opendkim.socket = "inet:8891@localhost";
+  # selectors can be used to disambiguate sender machines.
+  # keeping this the same as the hostname seems simplest
+  services.opendkim.selector = "mx";
 }