public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

cupsd service: don't allow overriding necessary configuration options

Browse Source
This commit is contained in:
Nikolay Amiantov 2016-01-17 04:10:29 +03:00
parent d93f866f55
commit c311901810
2 changed files with 55 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
nixos/modules/rename.nix
View File

@ -99,6 +99,8 @@ with lib;
(mkRemovedOptionModule [ "services" "syslog-ng" "listenToJournal" ]) (mkRemovedOptionModule [ "services" "syslog-ng" "listenToJournal" ])
(mkRemovedOptionModule [ "ec2" "metadata" ]) (mkRemovedOptionModule [ "ec2" "metadata" ])
(mkRemovedOptionModule [ "services" "openvpn" "enable" ]) (mkRemovedOptionModule [ "services" "openvpn" "enable" ])
(mkRemovedOptionModule [ "services" "printing" "cupsFilesConf" ])
(mkRemovedOptionModule [ "services" "printing" "cupsdConf" ])
]; ];
} }

112
nixos/modules/services/printing/cupsd.nix
View File

@ -42,6 +42,52 @@ let
ignoreCollisions = true; ignoreCollisions = true;
}; };
writeConf = name: text: pkgs.writeTextFile {
inherit name text;
destination = "/etc/cups/${name}";
};
cupsFilesFile = writeConf "cups-files.conf" ''
SystemGroup root wheel
ServerBin ${bindir}/lib/cups
DataDir ${bindir}/share/cups
AccessLog syslog
ErrorLog syslog
PageLog syslog
TempDir ${cfg.tempDir}
# User and group used to run external programs, including
# those that actually send the job to the printer. Note that
# Udev sets the group of printer devices to `lp', so we want
# these programs to run as `lp' as well.
User cups
Group lp
${cfg.extraFilesConf}
'';
cupsdFile = writeConf "cupsd.conf" ''
${concatMapStrings (addr: ''
Listen ${addr}
'') cfg.listenAddresses}
Listen /var/run/cups/cups.sock
SetEnv PATH ${bindir}/lib/cups/filter:${bindir}/bin
DefaultShared ${if cfg.defaultShared then "Yes" else "No"}
Browsing ${if cfg.browsing then "Yes" else "No"}
WebInterface ${if cfg.webInterface then "Yes" else "No"}
${cfg.extraConf}
'';
browsedFile = writeConf "cups-browsed.conf" cfg.browsedConf;
in in
{ {
@ -102,25 +148,11 @@ in
''; '';
}; };
cupsdConf = mkOption { extraFilesConf = mkOption {
type = types.lines;
default = "";
example =
''
BrowsePoll cups.example.com
LogLevel debug
'';
description = ''
The contents of the configuration file of the CUPS daemon
(<filename>cupsd.conf</filename>).
'';
};
cupsFilesConf = mkOption {
type = types.lines; type = types.lines;
default = ""; default = "";
description = '' description = ''
The contents of the configuration file of the CUPS daemon Extra contents of the configuration file of the CUPS daemon
(<filename>cups-files.conf</filename>). (<filename>cups-files.conf</filename>).
''; '';
}; };
@ -223,9 +255,9 @@ in
environment.systemPackages = [ cups ] ++ optional polkitEnabled cups-pk-helper; environment.systemPackages = [ cups ] ++ optional polkitEnabled cups-pk-helper;
environment.etc."cups/client.conf".text = cfg.clientConf; environment.etc."cups/client.conf".text = cfg.clientConf;
environment.etc."cups/cups-files.conf".text = cfg.cupsFilesConf; environment.etc."cups/cups-files.conf".source = cupsFilesFile;
environment.etc."cups/cupsd.conf".text = cfg.cupsdConf; environment.etc."cups/cupsd.conf".source = cupsdFile;
environment.etc."cups/cups-browsed.conf".text = cfg.browsedConf; environment.etc."cups/cups-browsed.conf".source = browsedFile;
environment.etc."cups/snmp.conf".text = cfg.snmpConf; environment.etc."cups/snmp.conf".text = cfg.snmpConf;
services.dbus.packages = [ cups ] ++ optional polkitEnabled cups-pk-helper; services.dbus.packages = [ cups ] ++ optional polkitEnabled cups-pk-helper;
@ -274,49 +306,13 @@ in
serviceConfig.ExecStart = "${cups_filters}/bin/cups-browsed"; serviceConfig.ExecStart = "${cups_filters}/bin/cups-browsed";
restartTriggers = restartTriggers = [ browsedFile ];
[ config.environment.etc."cups/cups-browsed.conf".source
];
}; };
services.printing.cupsFilesConf = services.printing.extraConf =
''
SystemGroup root wheel
ServerBin ${bindir}/lib/cups
DataDir ${bindir}/share/cups
AccessLog syslog
ErrorLog syslog
PageLog syslog
TempDir ${cfg.tempDir}
# User and group used to run external programs, including
# those that actually send the job to the printer. Note that
# Udev sets the group of printer devices to `lp', so we want
# these programs to run as `lp' as well.
User cups
Group lp
'';
services.printing.cupsdConf =
'' ''
LogLevel info LogLevel info
${concatMapStrings (addr: ''
Listen ${addr}
'') cfg.listenAddresses}
Listen /var/run/cups/cups.sock
SetEnv PATH ${bindir}/lib/cups/filter:${bindir}/bin:${bindir}/sbin
DefaultShared ${if cfg.defaultShared then "Yes" else "No"}
Browsing ${if cfg.browsing then "Yes" else "No"}
WebInterface ${if cfg.webInterface then "Yes" else "No"}
DefaultAuthType Basic DefaultAuthType Basic
<Location /> <Location />
@ -357,8 +353,6 @@ in
Order deny,allow Order deny,allow
</Limit> </Limit>
</Policy> </Policy>
${cfg.extraConf}
''; '';
security.pam.services.cups = {}; security.pam.services.cups = {};