1 files changed, 24 insertions, 3 deletions

diff --git a/modules/postfwd.nix b/modules/postfwd.nix
index 3edff44d..93729978 100644
--- a/modules/postfwd.nix
+++ b/modules/postfwd.nix
@@ -9,6 +9,10 @@ in {
     services.postfwd = with types; {
       enable = mkEnableOption "postfwd3 - postfix firewall daemon";
 
+      cache = mkEnableOption "postfwd3 cache" // {
+        default = true;
+      };
+
       rules = mkOption {
         type = lines;
         default = "";
@@ -26,7 +30,7 @@ in {
       serviceConfig = {
         Type = "forking";
 
-        ExecStart = "${pkgs.postfwd}/bin/postfwd3 ${escapeShellArgs [
+        ExecStart = "${pkgs.postfwd}/bin/postfwd3 ${escapeShellArgs ([
           "-vv"
           "--daemon" "--user" "postfwd" "--group" "postfwd"
           "--pidfile" "/run/postfwd3/postfwd3.pid"
@@ -35,11 +39,14 @@ in {
           "--save_rates" "/var/lib/postfwd/rates"
           "--save_groups" "/var/lib/postfwd/groups"
           "--summary" "3600"
+          "--file" (pkgs.writeText "postfwd3-rules" cfg.rules)
+        ] ++ lib.optionals cfg.cache [
           "--cache" "600"
           "--cache_proto" "unix"
           "--cache_port" "/run/postfwd3/cache.sock"
-          "--file" (pkgs.writeText "postfwd3-rules" cfg.rules)
-        ]}";
+        ] ++ lib.optionals (!cfg.cache) [
+          "--cache" "0"
+        ])}";
         PIDFile = "/run/postfwd3/postfwd3.pid";
 
         Restart = "always";
@@ -79,5 +86,19 @@ in {
         IPAddressDeny = "any";
       };
     };
+
+    environment.systemPackages = [
+      (pkgs.postfwd.overrideAttrs (oldAttrs: {
+        nativeBuildInputs = (oldAttrs.nativeBuildInputs or []) ++ [ pkgs.makeWrapper pkgs.coreutils ];
+
+        postInstall = ''
+          ${oldAttrs.postInstall or ""}
+
+          wrapProgram $out/bin/postfwd3 \
+            --add-flags "--proto unix --port /run/postfwd3/postfwd3.sock"
+          ln -s postfwd3 $out/bin/postfwd
+        '';
+      }))
+    ];
   };
 }