parent
7a0a877b15
commit
5609fe521d
@ -0,0 +1,75 @@ |
||||
{ config, lib, pkgs, ... }: |
||||
|
||||
with lib; let |
||||
|
||||
cfg = config.services.postgrey; |
||||
|
||||
in { |
||||
|
||||
options = { |
||||
services.postgrey = { |
||||
enable = mkOption { |
||||
default = false; |
||||
description = "Whether to run the Postgrey daemon"; |
||||
}; |
||||
inetAddr = mkOption { |
||||
default = null; |
||||
example = "127.0.0.1"; |
||||
description = "The inet address to bind to. If none given, bind to /var/run/postgrey.sock"; |
||||
}; |
||||
inetPort = mkOption { |
||||
default = 10030; |
||||
description = "The tcp port to bind to"; |
||||
}; |
||||
greylistText = mkOption { |
||||
default = "Greylisted for %%s seconds"; |
||||
description = "Response status text for greylisted messages"; |
||||
}; |
||||
}; |
||||
}; |
||||
|
||||
config = mkIf cfg.enable { |
||||
|
||||
environment.systemPackages = [ pkgs.postgrey ]; |
||||
|
||||
users = { |
||||
extraUsers = { |
||||
postgrey = { |
||||
description = "Postgrey Daemon"; |
||||
uid = config.ids.uids.postgrey; |
||||
group = "postgrey"; |
||||
}; |
||||
}; |
||||
extraGroups = { |
||||
postgrey = { |
||||
gid = config.ids.gids.postgrey; |
||||
}; |
||||
}; |
||||
}; |
||||
|
||||
systemd.services.postgrey = let |
||||
bind-flag = if isNull cfg.inetAddr then |
||||
"--unix=/var/run/postgrey.sock" |
||||
else |
||||
"--inet=${cfg.inetAddr}:${cfg.inetPort}"; |
||||
in { |
||||
description = "Postfix Greylisting Service"; |
||||
wantedBy = [ "multi-user.target" ]; |
||||
before = [ "postfix.service" ]; |
||||
preStart = '' |
||||
mkdir -p /var/postgrey |
||||
chown postgrey:postgrey /var/postgrey |
||||
chmod 0770 /var/postgrey |
||||
''; |
||||
serviceConfig = { |
||||
Type = "simple"; |
||||
ExecStart = ''${pkgs.postgrey}/bin/postgrey ${bind-flag} --pidfile=/var/run/postgrey.pid --group=postgrey --user=postgrey --dbdir=/var/postgrey --greylist-text="${cfg.greylistText}"''; |
||||
Restart = "always"; |
||||
RestartSec = 5; |
||||
TimeoutSec = 10; |
||||
}; |
||||
}; |
||||
|
||||
}; |
||||
|
||||
} |
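Review bot: In the `bind-flag` binding, `${cfg.inetPort}` interpolates an integer (the default is `10030`), which Nix will not coerce to a string, so evaluation fails as soon as `inetAddr` is set; it should read `"--inet=${cfg.inetAddr}:${toString cfg.inetPort}"`. None of the options declares a `type`, so a wrong value only surfaces when the unit is built or started; `type = types.int;` on `inetPort` (and matching types on the others) would catch it at evaluation. `greylistText` is pasted into `ExecStart` between hand-written double quotes without escaping, so a value containing `"` or a single `%` changes how systemd parses the command line; the value should be escaped, and the option description should say that `%` must be doubled. The `inetAddr` description could also state that a non-loopback address exposes the policy port to anything that can reach that interface, since the module adds no firewall rule.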
@ -0,0 +1,34 @@ |
||||
{ stdenv, fetchurl, perl, perlPackages, lib, runCommand, postfix }: |
||||
|
||||
let |
||||
mk-perl-flags = inputs: lib.concatStringsSep " " (map (dep: "-I ${dep}/lib/perl5/site_perl") inputs); |
||||
postgrey-flags = mk-perl-flags (with perlPackages; [ |
||||
NetServer BerkeleyDB DigestSHA1 NetAddrIP IOMultiplex |
||||
]); |
||||
policy-test-flags = mk-perl-flags (with perlPackages; [ |
||||
ParseSyslog |
||||
]); |
||||
version = "1.36"; |
||||
name = "postgrey-${version}"; |
||||
in runCommand name { |
||||
src = fetchurl { |
||||
url = "http://postgrey.schweikert.ch/pub/${name}.tar.gz"; |
||||
sha256 = "09jzb246ki988389r9gryigriv9sravk40q75fih5n0q4p2ghax2"; |
||||
}; |
||||
meta = with stdenv.lib; { |
||||
description = "A postfix policy server to provide greylisting"; |
||||
homepage = "https://postgrey.schweikert.ch/"; |
||||
platforms = postfix.meta.platforms; |
||||
licenses = licenses.gpl2; |
||||
}; |
||||
} '' |
||||
mkdir -p $out/bin |
||||
cd $out |
||||
tar -xzf $src --strip-components=1 |
||||
mv postgrey policy-test bin |
||||
sed -i -e "s,#!/usr/bin/perl -T,#!${perl}/bin/perl -T ${postgrey-flags}," \ |
||||
-e "s#/etc/postfix#$out#" \ |
||||
bin/postgrey |
||||
sed -i -e "s,#!/usr/bin/perl,#!${perl}/bin/perl ${policy-test-flags}," \ |
||||
bin/policy-test |
||||
'' |
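Review bot: The `meta` set uses `licenses = licenses.gpl2;`, but the attribute nixpkgs reads is `license`, so the package ends up without license metadata; it should be `license = licenses.gpl2;`. The `src` URL is plain `http://` while `homepage` uses `https://` for the same host; the `sha256` pin still protects the integrity of the tarball, but switching to `https://` (assuming the `/pub/` path is served there) keeps the fetch from being observed or redirected in transit. The `s#/etc/postfix#$out#` substitution points postgrey's configuration directory at the immutable store path, so presumably the whitelist files can only be overridden through command-line flags; a comment above that `sed` saying so would help whoever maintains the service module.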