summaryrefslogtreecommitdiff
path: root/modules/postfwd.nix
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2024-05-26 12:08:43 +0200
committerGregor Kleen <gkleen@yggdrasil.li>2024-05-26 12:08:43 +0200
commitde2521348c54e73c5260a15bd2d7eb214df24c60 (patch)
tree1f1ade7e8761fb6eeb64da21997610a1e66df13d /modules/postfwd.nix
parent329de92b6e00f1af9925f56a4fc6da14087802e5 (diff)
downloadnixos-de2521348c54e73c5260a15bd2d7eb214df24c60.tar
nixos-de2521348c54e73c5260a15bd2d7eb214df24c60.tar.gz
nixos-de2521348c54e73c5260a15bd2d7eb214df24c60.tar.bz2
nixos-de2521348c54e73c5260a15bd2d7eb214df24c60.tar.xz
nixos-de2521348c54e73c5260a15bd2d7eb214df24c60.zip
...
Diffstat (limited to 'modules/postfwd.nix')
-rw-r--r--modules/postfwd.nix27
1 files changed, 24 insertions, 3 deletions
diff --git a/modules/postfwd.nix b/modules/postfwd.nix
index e10c04a7..2ecfe9ab 100644
--- a/modules/postfwd.nix
+++ b/modules/postfwd.nix
@@ -9,6 +9,10 @@ in {
9 services.postfwd = with types; { 9 services.postfwd = with types; {
10 enable = mkEnableOption "postfwd3 - postfix firewall daemon"; 10 enable = mkEnableOption "postfwd3 - postfix firewall daemon";
11 11
12 cache = mkEnableOption "postfwd3 cache" // {
13 default = true;
14 };
15
12 rules = mkOption { 16 rules = mkOption {
13 type = lines; 17 type = lines;
14 default = ""; 18 default = "";
@@ -25,7 +29,7 @@ in {
25 serviceConfig = { 29 serviceConfig = {
26 Type = "forking"; 30 Type = "forking";
27 31
28 ExecStart = "${pkgs.postfwd}/bin/postfwd3 ${escapeShellArgs [ 32 ExecStart = "${pkgs.postfwd}/bin/postfwd3 ${escapeShellArgs ([
29 "-vv" 33 "-vv"
30 "--daemon" "--user" "postfwd" "--group" "postfwd" 34 "--daemon" "--user" "postfwd" "--group" "postfwd"
31 "--pidfile" "/run/postfwd3/postfwd3.pid" 35 "--pidfile" "/run/postfwd3/postfwd3.pid"
@@ -34,11 +38,14 @@ in {
34 "--save_rates" "/var/lib/postfwd/rates" 38 "--save_rates" "/var/lib/postfwd/rates"
35 "--save_groups" "/var/lib/postfwd/groups" 39 "--save_groups" "/var/lib/postfwd/groups"
36 "--summary" "3600" 40 "--summary" "3600"
41 "--file" (pkgs.writeText "postfwd3-rules" cfg.rules)
42 ] ++ lib.optionals cfg.cache [
37 "--cache" "600" 43 "--cache" "600"
38 "--cache_proto" "unix" 44 "--cache_proto" "unix"
39 "--cache_port" "/run/postfwd3/cache.sock" 45 "--cache_port" "/run/postfwd3/cache.sock"
40 "--file" (pkgs.writeText "postfwd3-rules" cfg.rules) 46 ] ++ lib.optionals (!cfg.cache) [
41 ]}"; 47 "--cache" "0"
48 ])}";
42 PIDFile = "/run/postfwd3/postfwd3.pid"; 49 PIDFile = "/run/postfwd3/postfwd3.pid";
43 50
44 Restart = "always"; 51 Restart = "always";
@@ -78,5 +85,19 @@ in {
78 IPAddressDeny = "any"; 85 IPAddressDeny = "any";
79 }; 86 };
80 }; 87 };
88
89 environment.systemPackages = [
90 (pkgs.postfwd.overrideAttrs (oldAttrs: {
91 nativeBuildInputs = (oldAttrs.nativeBuildInputs or []) ++ [ pkgs.makeWrapper pkgs.coreutils ];
92
93 postInstall = ''
94 ${oldAttrs.postInstall or ""}
95
96 wrapProgram $out/bin/postfwd3 \
97 --add-flags "--proto unix --port /run/postfwd3/postfwd3.sock"
98 ln -s postfwd3 $out/bin/postfwd
99 '';
100 }))
101 ];
81 }; 102 };
82} 103}