diff options
| author | Alyssa Ross <hi@alyssa.is> | 2020-07-13 23:20:04 +0000 |
|---|---|---|
| committer | Alyssa Ross <hi@alyssa.is> | 2020-07-13 23:21:06 +0000 |
| commit | a42c1d6d62656dcf9bd85de620f2e200a5ad22d8 (patch) | |
| tree | 7d481fea9872f62a034452612be17f4494159baa /nixpkgs/nixos/modules/services/mail/opensmtpd.nix | |
| parent | 55f69a6b0e53c1c4b3e0396937c53bf5662b5519 (diff) | |
| parent | 9480bae337095fd24f61380bce3174fdfe926a00 (diff) | |
| download | nixlib-a42c1d6d62656dcf9bd85de620f2e200a5ad22d8.tar nixlib-a42c1d6d62656dcf9bd85de620f2e200a5ad22d8.tar.gz nixlib-a42c1d6d62656dcf9bd85de620f2e200a5ad22d8.tar.bz2 nixlib-a42c1d6d62656dcf9bd85de620f2e200a5ad22d8.tar.lz nixlib-a42c1d6d62656dcf9bd85de620f2e200a5ad22d8.tar.xz nixlib-a42c1d6d62656dcf9bd85de620f2e200a5ad22d8.tar.zst nixlib-a42c1d6d62656dcf9bd85de620f2e200a5ad22d8.zip | |
Merge commit '9480bae337095fd24f61380bce3174fdfe926a00'
This is the last nixos-unstable release before 13b2903169f, which I'm a bit nervous about. So I want the update including that one to be as small as possible, hence going to this one first.
Diffstat (limited to 'nixpkgs/nixos/modules/services/mail/opensmtpd.nix')
| -rw-r--r-- | nixpkgs/nixos/modules/services/mail/opensmtpd.nix | 23 |
1 files changed, 15 insertions, 8 deletions
diff --git a/nixpkgs/nixos/modules/services/mail/opensmtpd.nix b/nixpkgs/nixos/modules/services/mail/opensmtpd.nix index 1fabe2da45c5..c838d3b949db 100644 --- a/nixpkgs/nixos/modules/services/mail/opensmtpd.nix +++ b/nixpkgs/nixos/modules/services/mail/opensmtpd.nix @@ -17,6 +17,10 @@ in { ###### interface + imports = [ + (mkRenamedOptionModule [ "services" "opensmtpd" "addSendmailToSystemPath" ] [ "services" "opensmtpd" "setSendmail" ]) + ]; + options = { services.opensmtpd = { @@ -34,13 +38,10 @@ in { description = "The OpenSMTPD package to use."; }; - addSendmailToSystemPath = mkOption { + setSendmail = mkOption { type = types.bool; default = true; - description = '' - Whether to add OpenSMTPD's sendmail binary to the - system path or not. - ''; + description = "Whether to set the system sendmail to OpenSMTPD's."; }; extraServerArgs = mkOption { @@ -82,7 +83,7 @@ in { ###### implementation - config = mkIf cfg.enable { + config = mkIf cfg.enable rec { users.groups = { smtpd.gid = config.ids.gids.smtpd; smtpq.gid = config.ids.gids.smtpq; @@ -101,6 +102,14 @@ in { }; }; + security.wrappers.smtpctl = { + group = "smtpq"; + setgid = true; + source = "${cfg.package}/bin/smtpctl"; + }; + + services.mail.sendmailSetuidWrapper = mkIf cfg.setSendmail security.wrappers.smtpctl; + systemd.tmpfiles.rules = [ "d /var/spool/smtpd 711 root - - -" "d /var/spool/smtpd/offline 770 root smtpq - -" @@ -119,7 +128,5 @@ in { serviceConfig.ExecStart = "${cfg.package}/sbin/smtpd -d -f ${conf} ${args}"; environment.OPENSMTPD_PROC_PATH = "${procEnv}/libexec/opensmtpd"; }; - - environment.systemPackages = mkIf cfg.addSendmailToSystemPath [ sendmail ]; }; } |