From de2521348c54e73c5260a15bd2d7eb214df24c60 Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Sun, 26 May 2024 12:08:43 +0200 Subject: ... --- modules/postfwd.nix | 27 ++++++++++++++++++++++++--- 1 file changed, 24 insertions(+), 3 deletions(-) (limited to 'modules') diff --git a/modules/postfwd.nix b/modules/postfwd.nix index e10c04a7..2ecfe9ab 100644 --- a/modules/postfwd.nix +++ b/modules/postfwd.nix @@ -9,6 +9,10 @@ in { services.postfwd = with types; { enable = mkEnableOption "postfwd3 - postfix firewall daemon"; + cache = mkEnableOption "postfwd3 cache" // { + default = true; + }; + rules = mkOption { type = lines; default = ""; @@ -25,7 +29,7 @@ in { serviceConfig = { Type = "forking"; - ExecStart = "${pkgs.postfwd}/bin/postfwd3 ${escapeShellArgs [ + ExecStart = "${pkgs.postfwd}/bin/postfwd3 ${escapeShellArgs ([ "-vv" "--daemon" "--user" "postfwd" "--group" "postfwd" "--pidfile" "/run/postfwd3/postfwd3.pid" @@ -34,11 +38,14 @@ in { "--save_rates" "/var/lib/postfwd/rates" "--save_groups" "/var/lib/postfwd/groups" "--summary" "3600" + "--file" (pkgs.writeText "postfwd3-rules" cfg.rules) + ] ++ lib.optionals cfg.cache [ "--cache" "600" "--cache_proto" "unix" "--cache_port" "/run/postfwd3/cache.sock" - "--file" (pkgs.writeText "postfwd3-rules" cfg.rules) - ]}"; + ] ++ lib.optionals (!cfg.cache) [ + "--cache" "0" + ])}"; PIDFile = "/run/postfwd3/postfwd3.pid"; Restart = "always"; @@ -78,5 +85,19 @@ in { IPAddressDeny = "any"; }; }; + + environment.systemPackages = [ + (pkgs.postfwd.overrideAttrs (oldAttrs: { + nativeBuildInputs = (oldAttrs.nativeBuildInputs or []) ++ [ pkgs.makeWrapper pkgs.coreutils ]; + + postInstall = '' + ${oldAttrs.postInstall or ""} + + wrapProgram $out/bin/postfwd3 \ + --add-flags "--proto unix --port /run/postfwd3/postfwd3.sock" + ln -s postfwd3 $out/bin/postfwd + ''; + })) + ]; }; } -- cgit v1.2.3