nixos/modules/services/mail/dovecot.nix: nixpkgs-fmt

Symphorien Gibol 2020-01-28 12:00:00 +00:00
parent 56f9c51b05
commit 7a40ced06b


@ -18,13 +18,20 @@ let
mail_plugins = $mail_plugins ${concatStringsSep " " cfg.mailPlugins.globally.enable} mail_plugins = $mail_plugins ${concatStringsSep " " cfg.mailPlugins.globally.enable}
'' ''
(concatStringsSep "\n" (mapAttrsToList (protocol: plugins: '' (
concatStringsSep "\n" (
mapAttrsToList (
protocol: plugins: ''
protocol ${protocol} { protocol ${protocol} {
mail_plugins = $mail_plugins ${concatStringsSep " " plugins.enable} mail_plugins = $mail_plugins ${concatStringsSep " " plugins.enable}
} }
'') cfg.mailPlugins.perProtocol)) ''
) cfg.mailPlugins.perProtocol
)
)
(if cfg.sslServerCert == null then '' (
if cfg.sslServerCert == null then ''
ssl = no ssl = no
disable_plaintext_auth = no disable_plaintext_auth = no
'' else '' '' else ''
@ -33,7 +40,8 @@ let
${optionalString (cfg.sslCACert != null) ("ssl_ca = <" + cfg.sslCACert)} ${optionalString (cfg.sslCACert != null) ("ssl_ca = <" + cfg.sslCACert)}
ssl_dh = <${config.security.dhparams.params.dovecot2.path} ssl_dh = <${config.security.dhparams.params.dovecot2.path}
disable_plaintext_auth = yes disable_plaintext_auth = yes
'') ''
)
'' ''
default_internal_user = ${cfg.user} default_internal_user = ${cfg.user}
@ -53,7 +61,8 @@ let
} }
'' ''
(optionalString cfg.enablePAM '' (
optionalString cfg.enablePAM ''
userdb { userdb {
driver = passwd driver = passwd
} }
@ -62,24 +71,30 @@ let
driver = pam driver = pam
args = ${optionalString cfg.showPAMFailure "failure_show_msg=yes"} dovecot2 args = ${optionalString cfg.showPAMFailure "failure_show_msg=yes"} dovecot2
} }
'') ''
)
(optionalString (cfg.sieveScripts != {}) '' (
optionalString (cfg.sieveScripts != {}) ''
plugin { plugin {
${concatStringsSep "\n" (mapAttrsToList (to: from: "sieve_${to} = ${stateDir}/sieve/${to}") cfg.sieveScripts)} ${concatStringsSep "\n" (mapAttrsToList (to: from: "sieve_${to} = ${stateDir}/sieve/${to}") cfg.sieveScripts)}
} }
'') ''
)
(optionalString (cfg.mailboxes != []) '' (
optionalString (cfg.mailboxes != []) ''
protocol imap { protocol imap {
namespace inbox { namespace inbox {
inbox=yes inbox=yes
${concatStringsSep "\n" (map mailboxConfig cfg.mailboxes)} ${concatStringsSep "\n" (map mailboxConfig cfg.mailboxes)}
} }
} }
'') ''
)
(optionalString cfg.enableQuota '' (
optionalString cfg.enableQuota ''
service quota-status { service quota-status {
executable = ${dovecotPkg}/libexec/dovecot/quota-status -p postfix executable = ${dovecotPkg}/libexec/dovecot/quota-status -p postfix
inet_listener { inet_listener {
@ -96,7 +111,8 @@ let
quota_status_overquota = "552 5.2.2 Mailbox is full" quota_status_overquota = "552 5.2.2 Mailbox is full"
quota_grace = 10%% quota_grace = 10%%
} }
'') ''
)
cfg.extraConfig cfg.extraConfig
]; ];
@ -163,7 +179,7 @@ in
protocols = mkOption { protocols = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
default = [ ]; default = [];
description = "Additional listeners to start when Dovecot is enabled."; description = "Additional listeners to start when Dovecot is enabled.";
}; };
@ -187,7 +203,8 @@ in
}; };
mailPlugins = mailPlugins =
let plugins = hint: types.submodule { let
plugins = hint: types.submodule {
options = { options = {
enable = mkOption { enable = mkOption {
type = types.listOf types.str; type = types.listOf types.str;
@ -217,7 +234,7 @@ in
globally.enable = [ "acl" ]; globally.enable = [ "acl" ];
perProtocol.imap.enable = [ "imap_acl" ]; perProtocol.imap.enable = [ "imap_acl" ];
}; };
default = { globally.enable = []; perProtocol = {};}; default = { globally.enable = []; perProtocol = {}; };
}; };
configFile = mkOption { configFile = mkOption {
@ -354,20 +371,21 @@ in
users.users = { users.users = {
dovenull = dovenull =
{ uid = config.ids.uids.dovenull2; {
uid = config.ids.uids.dovenull2;
description = "Dovecot user for untrusted logins"; description = "Dovecot user for untrusted logins";
group = "dovenull"; group = "dovenull";
}; };
} // optionalAttrs (cfg.user == "dovecot2") { } // optionalAttrs (cfg.user == "dovecot2") {
dovecot2 = dovecot2 =
{ uid = config.ids.uids.dovecot2; {
uid = config.ids.uids.dovecot2;
description = "Dovecot user"; description = "Dovecot user";
group = cfg.group; group = cfg.group;
}; };
} // optionalAttrs (cfg.createMailUser && cfg.mailUser != null) { } // optionalAttrs (cfg.createMailUser && cfg.mailUser != null) {
${cfg.mailUser} = ${cfg.mailUser} =
{ description = "Virtual Mail User"; } // { description = "Virtual Mail User"; } // optionalAttrs (cfg.mailGroup != null)
optionalAttrs (cfg.mailGroup != null)
{ group = cfg.mailGroup; }; { group = cfg.mailGroup; };
}; };
@ -376,7 +394,7 @@ in
} // optionalAttrs (cfg.group == "dovecot2") { } // optionalAttrs (cfg.group == "dovecot2") {
dovecot2.gid = config.ids.gids.dovecot2; dovecot2.gid = config.ids.gids.dovecot2;
} // optionalAttrs (cfg.createMailUser && cfg.mailGroup != null) { } // optionalAttrs (cfg.createMailUser && cfg.mailGroup != null) {
${cfg.mailGroup} = { }; ${cfg.mailGroup} = {};
}; };
environment.etc."dovecot/modules".source = modulesDir; environment.etc."dovecot/modules".source = modulesDir;
@ -405,7 +423,9 @@ in
rm -rf ${stateDir}/sieve rm -rf ${stateDir}/sieve
'' + optionalString (cfg.sieveScripts != {}) '' '' + optionalString (cfg.sieveScripts != {}) ''
mkdir -p ${stateDir}/sieve mkdir -p ${stateDir}/sieve
${concatStringsSep "\n" (mapAttrsToList (to: from: '' ${concatStringsSep "\n" (
mapAttrsToList (
to: from: ''
if [ -d '${from}' ]; then if [ -d '${from}' ]; then
mkdir '${stateDir}/sieve/${to}' mkdir '${stateDir}/sieve/${to}'
cp -p "${from}/"*.sieve '${stateDir}/sieve/${to}' cp -p "${from}/"*.sieve '${stateDir}/sieve/${to}'
@ -413,7 +433,9 @@ in
cp -p '${from}' '${stateDir}/sieve/${to}' cp -p '${from}' '${stateDir}/sieve/${to}'
fi fi
${pkgs.dovecot_pigeonhole}/bin/sievec '${stateDir}/sieve/${to}' ${pkgs.dovecot_pigeonhole}/bin/sievec '${stateDir}/sieve/${to}'
'') cfg.sieveScripts)} ''
) cfg.sieveScripts
)}
chown -R '${cfg.mailUser}:${cfg.mailGroup}' '${stateDir}/sieve' chown -R '${cfg.mailUser}:${cfg.mailGroup}' '${stateDir}/sieve'
''; '';
}; };
@ -421,17 +443,21 @@ in
environment.systemPackages = [ dovecotPkg ]; environment.systemPackages = [ dovecotPkg ];
assertions = [ assertions = [
{ assertion = intersectLists cfg.protocols [ "pop3" "imap" ] != []; {
assertion = intersectLists cfg.protocols [ "pop3" "imap" ] != [];
message = "dovecot needs at least one of the IMAP or POP3 listeners enabled"; message = "dovecot needs at least one of the IMAP or POP3 listeners enabled";
} }
{ assertion = (cfg.sslServerCert == null) == (cfg.sslServerKey == null) {
assertion = (cfg.sslServerCert == null) == (cfg.sslServerKey == null)
&& (cfg.sslCACert != null -> !(cfg.sslServerCert == null || cfg.sslServerKey == null)); && (cfg.sslCACert != null -> !(cfg.sslServerCert == null || cfg.sslServerKey == null));
message = "dovecot needs both sslServerCert and sslServerKey defined for working crypto"; message = "dovecot needs both sslServerCert and sslServerKey defined for working crypto";
} }
{ assertion = cfg.showPAMFailure -> cfg.enablePAM; {
assertion = cfg.showPAMFailure -> cfg.enablePAM;
message = "dovecot is configured with showPAMFailure while enablePAM is disabled"; message = "dovecot is configured with showPAMFailure while enablePAM is disabled";
} }
{ assertion = cfg.sieveScripts != {} -> (cfg.mailUser != null && cfg.mailGroup != null); {
assertion = cfg.sieveScripts != {} -> (cfg.mailUser != null && cfg.mailGroup != null);
message = "dovecot requires mailUser and mailGroup to be set when sieveScripts is set"; message = "dovecot requires mailUser and mailGroup to be set when sieveScripts is set";
} }
]; ];