neomutt: fix STARTTLS

When smtps is used as a protocol, neomutt expects TLS but will if STARTTLS should be used. When using STARTTLS, smtp has to be used as protocol and `ssl_force_tls` is set. See <https://neomutt.org/guide/optionalfeatures#2-1-%C2%A0starttls>.
2023-08-29 23:56:29 +02:00 · 2023-08-29 23:56:29 +02:00 · 408ba13188
parent 0ed5f9786b
commit 408ba13188
4 changed files with 85 additions and 2 deletions
--- a/modules/programs/neomutt.nix
+++ b/modules/programs/neomutt.nix
@ -118,7 +118,8 @@ let
      sendmail = "'${neomutt.sendMailCommand}'";
    } else
      let
-        smtpProto = if smtp.tls.enable then "smtps" else "smtp";
+        smtpProto =
+          if smtp.tls.enable && !smtp.tls.useStartTls then "smtps" else "smtp";
        smtpPort = if smtp.port != null then ":${toString smtp.port}" else "";
        smtpBaseUrl =
          "${smtpProto}://${escape userName}@${smtp.host}${smtpPort}";
@ -217,7 +218,9 @@ let
        }";
    in ''
      # Generated by Home Manager.
-      set ssl_force_tls = yes
+      set ssl_force_tls = ${
+        lib.hm.booleans.yesNo (smtp.tls.enable || smtp.tls.useStartTls)
+      }
      set certificate_file=${toString config.accounts.email.certificatesFile}

      # GPG section
--- a/tests/modules/programs/neomutt/default.nix
+++ b/tests/modules/programs/neomutt/default.nix
@ -11,4 +11,5 @@
  neomutt-with-named-mailboxes = ./neomutt-with-named-mailboxes.nix;
  neomutt-with-signature = ./neomutt-with-signature.nix;
  neomutt-with-signature-command = ./neomutt-with-signature-command.nix;
+  neomutt-with-starttls = ./neomutt-with-starttls.nix;
 }
--- a/tests/modules/programs/neomutt/hm-example.com-starttls-expected
+++ b/tests/modules/programs/neomutt/hm-example.com-starttls-expected
@ -0,0 +1,38 @@
+# Generated by Home Manager.
+set ssl_force_tls = yes
+set certificate_file=/etc/ssl/certs/ca-certificates.crt
+
+# GPG section
+set crypt_use_gpgme = yes
+set crypt_autosign = no
+set crypt_opportunistic_encrypt = no
+set pgp_use_gpg_agent = yes
+set mbox_type = Maildir
+set sort = "threads"
+
+# MTA section
+set smtp_pass="`password-command`"
+set smtp_url='smtp://home.manager@smtp.example.com'
+
+
+
+
+
+# MRA section
+set folder='/home/hm-user/Mail/hm@example.com'
+set from='hm@example.com'
+set postponed='+Drafts'
+set realname='H. M. Test'
+set record='+Sent'
+set spoolfile='+Inbox'
+set trash='+Trash'
+
+
+# Extra configuration
+color status cyan default
+
+
+unset signature
+# notmuch section
+set nm_default_uri = "notmuch:///home/hm-user/Mail"
+virtual-mailboxes "My INBOX" "notmuch://?query=tag%3Ainbox"
--- a/tests/modules/programs/neomutt/neomutt-with-starttls.nix
+++ b/tests/modules/programs/neomutt/neomutt-with-starttls.nix
@ -0,0 +1,41 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+{
+  imports = [ ../../accounts/email-test-accounts.nix ];
+
+  config = {
+    accounts.email.accounts = {
+      "hm@example.com" = {
+        notmuch.enable = true;
+        neomutt = {
+          enable = true;
+          extraConfig = ''
+            color status cyan default
+          '';
+        };
+        imap.port = 143;
+        smtp.tls.useStartTls = true;
+      };
+    };
+
+    programs.neomutt = {
+      enable = true;
+      vimKeys = false;
+    };
+
+    test.stubs.neomutt = { };
+
+    nmt.script = ''
+      assertFileExists home-files/.config/neomutt/neomuttrc
+      assertFileExists home-files/.config/neomutt/hm@example.com
+      assertFileContent home-files/.config/neomutt/neomuttrc ${
+        ./neomutt-expected.conf
+      }
+      assertFileContent home-files/.config/neomutt/hm@example.com ${
+        ./hm-example.com-starttls-expected
+      }
+    '';
+  };
+}