80 lines
2.0 KiB
Nix
80 lines
2.0 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
with lib; let
|
|
|
|
cfg = config.services.postgrey;
|
|
|
|
in {
|
|
|
|
options = {
|
|
services.postgrey = with types; {
|
|
enable = mkOption {
|
|
type = bool;
|
|
default = false;
|
|
description = "Whether to run the Postgrey daemon";
|
|
};
|
|
inetAddr = mkOption {
|
|
type = nullOr string;
|
|
default = null;
|
|
example = "127.0.0.1";
|
|
description = "The inet address to bind to. If none given, bind to /var/run/postgrey.sock";
|
|
};
|
|
inetPort = mkOption {
|
|
type = int;
|
|
default = 10030;
|
|
description = "The tcp port to bind to";
|
|
};
|
|
greylistText = mkOption {
|
|
type = string;
|
|
default = "Greylisted for %%s seconds";
|
|
description = "Response status text for greylisted messages";
|
|
};
|
|
};
|
|
};
|
|
|
|
config = mkIf cfg.enable {
|
|
|
|
environment.systemPackages = [ pkgs.postgrey ];
|
|
|
|
users = {
|
|
extraUsers = {
|
|
postgrey = {
|
|
description = "Postgrey Daemon";
|
|
uid = config.ids.uids.postgrey;
|
|
group = "postgrey";
|
|
};
|
|
};
|
|
extraGroups = {
|
|
postgrey = {
|
|
gid = config.ids.gids.postgrey;
|
|
};
|
|
};
|
|
};
|
|
|
|
systemd.services.postgrey = let
|
|
bind-flag = if isNull cfg.inetAddr then
|
|
"--unix=/var/run/postgrey.sock"
|
|
else
|
|
"--inet=${cfg.inetAddr}:${cfg.inetPort}";
|
|
in {
|
|
description = "Postfix Greylisting Service";
|
|
wantedBy = [ "multi-user.target" ];
|
|
before = [ "postfix.service" ];
|
|
preStart = ''
|
|
mkdir -p /var/postgrey
|
|
chown postgrey:postgrey /var/postgrey
|
|
chmod 0770 /var/postgrey
|
|
'';
|
|
serviceConfig = {
|
|
Type = "simple";
|
|
ExecStart = ''${pkgs.postgrey}/bin/postgrey ${bind-flag} --pidfile=/var/run/postgrey.pid --group=postgrey --user=postgrey --dbdir=/var/postgrey --greylist-text="${cfg.greylistText}"'';
|
|
Restart = "always";
|
|
RestartSec = 5;
|
|
TimeoutSec = 10;
|
|
};
|
|
};
|
|
|
|
};
|
|
|
|
}
|