parent
480083922c
commit
14926f08a3
@ -0,0 +1,90 @@ |
||||
{ config, lib, pkgs, ... }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
|
||||
cfg = config.services.rspamd; |
||||
|
||||
in |
||||
|
||||
{ |
||||
|
||||
###### interface |
||||
|
||||
options = { |
||||
|
||||
services.rspamd = { |
||||
|
||||
enable = mkOption { |
||||
default = false; |
||||
description = "Whether to run the rspamd daemon."; |
||||
}; |
||||
|
||||
debug = mkOption { |
||||
default = false; |
||||
description = "Whether to run the rspamd daemon in debug mode."; |
||||
}; |
||||
|
||||
user = mkOption { |
||||
type = types.string; |
||||
default = "rspamd"; |
||||
description = '' |
||||
User to use when no root privileges are required. |
||||
''; |
||||
}; |
||||
|
||||
group = mkOption { |
||||
type = types.string; |
||||
default = "rspamd"; |
||||
description = '' |
||||
Group to use when no root privileges are required. |
||||
''; |
||||
}; |
||||
}; |
||||
|
||||
}; |
||||
|
||||
|
||||
###### implementation |
||||
|
||||
config = mkIf cfg.enable { |
||||
|
||||
# Allow users to run 'rspamc' and 'rspamadm'. |
||||
environment.systemPackages = [ pkgs.rspamd ]; |
||||
|
||||
users.extraUsers = singleton { |
||||
name = cfg.user; |
||||
description = "rspamd daemon"; |
||||
uid = config.ids.uids.rspamd; |
||||
group = cfg.group; |
||||
}; |
||||
|
||||
users.extraGroups = singleton { |
||||
name = cfg.group; |
||||
gid = config.ids.gids.spamd; |
||||
}; |
||||
|
||||
systemd.services.rspamd = { |
||||
description = "Rspamd Service"; |
||||
|
||||
wantedBy = [ "multi-user.target" ]; |
||||
after = [ "network.target" ]; |
||||
|
||||
serviceConfig = { |
||||
ExecStart = "${pkgs.rspamd}/bin/rspamd ${optionalString cfg.debug "-d"} --user=${cfg.user} --group=${cfg.group} --pid=/run/rspamd.pid -f"; |
||||
RuntimeDirectory = "/var/lib/rspamd"; |
||||
PermissionsStartOnly = true; |
||||
Restart = "always"; |
||||
}; |
||||
|
||||
preStart = '' |
||||
${pkgs.coreutils}/bin/mkdir -p /var/{lib,log}/rspamd |
||||
${pkgs.coreutils}/bin/chown ${cfg.user}:${cfg.group} /var/lib/rspamd |
||||
''; |
||||
|
||||
}; |
||||
|
||||
}; |
||||
|
||||
} |
Loading…
Reference in new issue