diff options
author | Alexander V. Nikolaev <avn@avnik.info> | 2016-03-25 16:12:59 +0200 |
---|---|---|
committer | Alexander V. Nikolaev <avn@avnik.info> | 2016-04-28 14:21:19 +0300 |
commit | 36954ee405ce515895c90fd6543bac2a9bd0bddb (patch) | |
tree | 11bdb7f8e5c6166263147f4d53c0fa1188b20217 /nixos/modules | |
parent | 5c260399e136631e026c17b9c08315660f9eaefc (diff) | |
download | nixlib-36954ee405ce515895c90fd6543bac2a9bd0bddb.tar nixlib-36954ee405ce515895c90fd6543bac2a9bd0bddb.tar.gz nixlib-36954ee405ce515895c90fd6543bac2a9bd0bddb.tar.bz2 nixlib-36954ee405ce515895c90fd6543bac2a9bd0bddb.tar.lz nixlib-36954ee405ce515895c90fd6543bac2a9bd0bddb.tar.xz nixlib-36954ee405ce515895c90fd6543bac2a9bd0bddb.tar.zst nixlib-36954ee405ce515895c90fd6543bac2a9bd0bddb.zip |
rspamd: configurable bindSocket and bindUISocket
Diffstat (limited to 'nixos/modules')
-rw-r--r-- | nixos/modules/services/mail/rspamd.nix | 59 |
1 files changed, 57 insertions, 2 deletions
diff --git a/nixos/modules/services/mail/rspamd.nix b/nixos/modules/services/mail/rspamd.nix index a083f8293243..412b99ccc570 100644 --- a/nixos/modules/services/mail/rspamd.nix +++ b/nixos/modules/services/mail/rspamd.nix @@ -6,6 +6,35 @@ let cfg = config.services.rspamd; + mkBindSockets = socks: concatStringsSep "\n" (map (each: " bind_socket = \"${each}\"") socks); + + rspamdConf = + '' + .include "$CONFDIR/common.conf" + + options { + pidfile = "$RUNDIR/rspamd.pid"; + .include "$CONFDIR/options.inc" + } + + logging { + type = "file"; + filename = "$LOGDIR/rspamd.log"; + .include "$CONFDIR/logging.inc" + } + + worker { + ${mkBindSockets cfg.bindSocket} + .include "$CONFDIR/worker-normal.inc" + } + + worker { + ${mkBindSockets cfg.bindUISocket} + .include "$CONFDIR/worker-controller.inc" + } + ''; + rspamdConfFile = pkgs.writeText "rspamd.conf" rspamdConf; + in { @@ -26,6 +55,32 @@ in description = "Whether to run the rspamd daemon in debug mode."; }; + bindSocket = mkOption { + type = types.listOf types.str; + default = [ + "/run/rspamd.sock mode=0666 owner=${cfg.user}" + ]; + description = '' + List of sockets to listen, in format acceptable by rspamd + ''; + example = '' + bindSocket = [ + "/run/rspamd.sock mode=0666 owner=rspamd" + "*:11333" + ]; + ''; + }; + + bindUISocket = mkOption { + type = types.listOf types.str; + default = [ + "localhost:11334" + ]; + description = '' + List of sockets for web interface, in format acceptable by rspamd + ''; + }; + user = mkOption { type = types.string; default = "rspamd"; @@ -62,7 +117,7 @@ in users.extraGroups = singleton { name = cfg.group; - gid = config.ids.gids.spamd; + gid = config.ids.gids.rspamd; }; systemd.services.rspamd = { @@ -72,7 +127,7 @@ in after = [ "network.target" ]; serviceConfig = { - ExecStart = "${pkgs.rspamd}/bin/rspamd ${optionalString cfg.debug "-d"} --user=${cfg.user} --group=${cfg.group} --pid=/run/rspamd.pid -f"; + ExecStart = "${pkgs.rspamd}/bin/rspamd ${optionalString cfg.debug "-d"} --user=${cfg.user} --group=${cfg.group} --pid=/run/rspamd.pid -c ${rspamdConfFile} -f"; RuntimeDirectory = "/var/lib/rspamd"; PermissionsStartOnly = true; Restart = "always"; |