From d301d6dc27789f4c06c98509c372bfd12672aaf6 Mon Sep 17 00:00:00 2001
From: Alejandro Soto <alejandro@34project.org>
Date: Sun, 8 Feb 2026 22:36:54 -0600
Subject: sys/mta: set the SMTP bind address for the primary MX instance

---
 sys/mta/default.nix | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

(limited to 'sys/mta/default.nix')

diff --git a/sys/mta/default.nix b/sys/mta/default.nix
index 15476bf..2bd0cdd 100644
--- a/sys/mta/default.nix
+++ b/sys/mta/default.nix
@@ -47,7 +47,7 @@ in {
       type = types.port;
     };
 
-    relayListen = mkOption {
+    mtaListen = mkOption {
       type = types.str;
     };
   };
@@ -147,6 +147,7 @@ in {
           {
             mydomain = domain;
             myhostname = mtaDomain.main;
+            inet_interfaces = [cfg.mtaListen];
 
             myorigin = "$mydomain";
             #TODO: check_recipient_access para rechazar localhost desde afuera
@@ -217,8 +218,6 @@ in {
             milter_default_action = "accept";
           }
           // optionalAttrs isBackup {
-            inet_interfaces = [cfg.relayListen];
-
             smtpd_relay_restrictions = [
               "reject_unauth_destination"
             ];
@@ -261,5 +260,11 @@ in {
     };
 
     security.acme.certs.${mtaDomain.main}.reloadServices = ["postfix.service"];
+
+    # Evita race condition en bind de inet_interfaces
+    systemd.services.postfix-setup = {
+      after = ["network-online.target"];
+      wants = ["network-online.target"];
+    };
   };
 }
-- 
cgit v1.2.3