parent
f5835ce77f
commit
b4179c5612
@ -0,0 +1,147 @@ |
||||
{ config, lib, pkgs, ... }: |
||||
|
||||
with lib; |
||||
|
||||
let |
||||
|
||||
cfg = config.services.dspam; |
||||
|
||||
dspam = pkgs.dspam; |
||||
|
||||
defaultSock = "/run/dspam/dspam.sock"; |
||||
|
||||
cfgfile = pkgs.writeText "dspam.conf" '' |
||||
Home /var/lib/dspam |
||||
StorageDriver ${dspam}/lib/dspam/lib${cfg.storageDriver}_drv.so |
||||
|
||||
Trust root |
||||
Trust ${cfg.user} |
||||
SystemLog on |
||||
UserLog on |
||||
|
||||
${optionalString (cfg.domainSocket != null) ''ServerDomainSocketPath "${cfg.domainSocket}"''} |
||||
|
||||
${cfg.extraConfig} |
||||
''; |
||||
|
||||
in { |
||||
|
||||
###### interface |
||||
|
||||
options = { |
||||
|
||||
services.dspam = { |
||||
|
||||
enable = mkOption { |
||||
type = types.bool; |
||||
default = false; |
||||
description = "Whether to enable the dspam spam filter."; |
||||
}; |
||||
|
||||
user = mkOption { |
||||
type = types.str; |
||||
default = "dspam"; |
||||
description = "User for the dspam daemon."; |
||||
}; |
||||
|
||||
group = mkOption { |
||||
type = types.str; |
||||
default = "dspam"; |
||||
description = "Group for the dspam daemon."; |
||||
}; |
||||
|
||||
storageDriver = mkOption { |
||||
type = types.str; |
||||
default = "hash"; |
||||
description = "Storage driver backend to use for dspam."; |
||||
}; |
||||
|
||||
domainSocket = mkOption { |
||||
type = types.nullOr types.path; |
||||
default = defaultSock; |
||||
description = "Path to local domain socket which is used for communication with the daemon. Set to null to disable UNIX socket."; |
||||
}; |
||||
|
||||
extraConfig = mkOption { |
||||
type = types.lines; |
||||
default = ""; |
||||
description = "Additional dspam configuration."; |
||||
}; |
||||
|
||||
maintenanceInterval = mkOption { |
||||
type = types.nullOr types.str; |
||||
default = null; |
||||
description = "If set, maintenance script will be run at specified (in systemd.timer format) interval"; |
||||
}; |
||||
|
||||
}; |
||||
|
||||
}; |
||||
|
||||
|
||||
###### implementation |
||||
|
||||
config = mkIf cfg.enable (mkMerge [ |
||||
{ |
||||
users.extraUsers = optionalAttrs (cfg.user == "dspam") (singleton |
||||
{ name = "dspam"; |
||||
group = cfg.group; |
||||
uid = config.ids.uids.dspam; |
||||
}); |
||||
|
||||
users.extraGroups = optionalAttrs (cfg.group == "dspam") (singleton |
||||
{ name = "dspam"; |
||||
gid = config.ids.gids.dspam; |
||||
}); |
||||
|
||||
environment.systemPackages = [ dspam ]; |
||||
|
||||
environment.etc."dspam/dspam.conf".source = cfgfile; |
||||
|
||||
systemd.services.dspam = { |
||||
description = "dspam spam filtering daemon"; |
||||
wantedBy = [ "multi-user.target" ]; |
||||
restartTriggers = [ cfgfile ]; |
||||
|
||||
serviceConfig = { |
||||
ExecStart = "${dspam}/bin/dspam --daemon --nofork"; |
||||
User = cfg.user; |
||||
Group = cfg.group; |
||||
RuntimeDirectory = optional (cfg.domainSocket == defaultSock) "dspam"; |
||||
PermissionsStartOnly = true; |
||||
}; |
||||
|
||||
preStart = '' |
||||
mkdir -m750 -p /var/lib/dspam |
||||
chown -R "${cfg.user}:${cfg.group}" /var/lib/dspam |
||||
|
||||
mkdir -m750 -p /var/log/dspam |
||||
chown -R "${cfg.user}:${cfg.group}" /var/log/dspam |
||||
''; |
||||
}; |
||||
} |
||||
|
||||
(mkIf (cfg.maintenanceInterval != null) { |
||||
systemd.timers.dspam-maintenance = { |
||||
description = "Timer for dspam maintenance script"; |
||||
wantedBy = [ "timers.target" ]; |
||||
timerConfig = { |
||||
OnCalendar = cfg.maintenanceInterval; |
||||
Unit = "dspam-maintenance.service"; |
||||
}; |
||||
}; |
||||
|
||||
systemd.services.dspam-maintenance = { |
||||
description = "dspam maintenance script"; |
||||
restartTriggers = [ cfgfile ]; |
||||
|
||||
serviceConfig = { |
||||
ExecStart = "${dspam}/bin/dspam_maintenance"; |
||||
Type = "oneshot"; |
||||
User = cfg.user; |
||||
Group = cfg.group; |
||||
}; |
||||
}; |
||||
}) |
||||
]); |
||||
} |
Loading…
Reference in new issue