forked from mirrors/nixpkgs
a421af29e4
The setgid is currently required for offline enqueuing, and unfortunately smtpctl is currently not split from sendmail so there's little running around it.
133 lines
3.3 KiB
Nix
133 lines
3.3 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
with lib;
|
|
|
|
let
|
|
|
|
cfg = config.services.opensmtpd;
|
|
conf = pkgs.writeText "smtpd.conf" cfg.serverConfiguration;
|
|
args = concatStringsSep " " cfg.extraServerArgs;
|
|
|
|
sendmail = pkgs.runCommand "opensmtpd-sendmail" { preferLocalBuild = true; } ''
|
|
mkdir -p $out/bin
|
|
ln -s ${cfg.package}/sbin/smtpctl $out/bin/sendmail
|
|
'';
|
|
|
|
in {
|
|
|
|
###### interface
|
|
|
|
imports = [
|
|
(mkRenamedOptionModule [ "services" "opensmtpd" "addSendmailToSystemPath" ] [ "services" "opensmtpd" "setSendmail" ])
|
|
];
|
|
|
|
options = {
|
|
|
|
services.opensmtpd = {
|
|
|
|
enable = mkOption {
|
|
type = types.bool;
|
|
default = false;
|
|
description = "Whether to enable the OpenSMTPD server.";
|
|
};
|
|
|
|
package = mkOption {
|
|
type = types.package;
|
|
default = pkgs.opensmtpd;
|
|
defaultText = "pkgs.opensmtpd";
|
|
description = "The OpenSMTPD package to use.";
|
|
};
|
|
|
|
setSendmail = mkOption {
|
|
type = types.bool;
|
|
default = true;
|
|
description = "Whether to set the system sendmail to OpenSMTPD's.";
|
|
};
|
|
|
|
extraServerArgs = mkOption {
|
|
type = types.listOf types.str;
|
|
default = [];
|
|
example = [ "-v" "-P mta" ];
|
|
description = ''
|
|
Extra command line arguments provided when the smtpd process
|
|
is started.
|
|
'';
|
|
};
|
|
|
|
serverConfiguration = mkOption {
|
|
type = types.lines;
|
|
example = ''
|
|
listen on lo
|
|
accept for any deliver to lmtp localhost:24
|
|
'';
|
|
description = ''
|
|
The contents of the smtpd.conf configuration file. See the
|
|
OpenSMTPD documentation for syntax information.
|
|
'';
|
|
};
|
|
|
|
procPackages = mkOption {
|
|
type = types.listOf types.package;
|
|
default = [];
|
|
description = ''
|
|
Packages to search for filters, tables, queues, and schedulers.
|
|
|
|
Add OpenSMTPD-extras here if you want to use the filters, etc. from
|
|
that package.
|
|
'';
|
|
};
|
|
};
|
|
|
|
};
|
|
|
|
|
|
###### implementation
|
|
|
|
config = mkIf cfg.enable rec {
|
|
users.groups = {
|
|
smtpd.gid = config.ids.gids.smtpd;
|
|
smtpq.gid = config.ids.gids.smtpq;
|
|
};
|
|
|
|
users.users = {
|
|
smtpd = {
|
|
description = "OpenSMTPD process user";
|
|
uid = config.ids.uids.smtpd;
|
|
group = "smtpd";
|
|
};
|
|
smtpq = {
|
|
description = "OpenSMTPD queue user";
|
|
uid = config.ids.uids.smtpq;
|
|
group = "smtpq";
|
|
};
|
|
};
|
|
|
|
security.wrappers.smtpctl = {
|
|
group = "smtpq";
|
|
setgid = true;
|
|
source = "${cfg.package}/bin/smtpctl";
|
|
};
|
|
|
|
services.mail.sendmailSetuidWrapper = mkIf cfg.setSendmail security.wrappers.smtpctl;
|
|
|
|
systemd.tmpfiles.rules = [
|
|
"d /var/spool/smtpd 711 root - - -"
|
|
"d /var/spool/smtpd/offline 770 root smtpq - -"
|
|
"d /var/spool/smtpd/purge 700 smtpq root - -"
|
|
];
|
|
|
|
systemd.services.opensmtpd = let
|
|
procEnv = pkgs.buildEnv {
|
|
name = "opensmtpd-procs";
|
|
paths = [ cfg.package ] ++ cfg.procPackages;
|
|
pathsToLink = [ "/libexec/opensmtpd" ];
|
|
};
|
|
in {
|
|
wantedBy = [ "multi-user.target" ];
|
|
after = [ "network.target" ];
|
|
serviceConfig.ExecStart = "${cfg.package}/sbin/smtpd -d -f ${conf} ${args}";
|
|
environment.OPENSMTPD_PROC_PATH = "${procEnv}/libexec/opensmtpd";
|
|
};
|
|
};
|
|
}
|