qbit/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nixos/opendkim: modernize, add expandable settings option, put config file under standard location (#333758)

Browse Source
This commit is contained in:
Sandro 2024-11-19 22:29:49 +01:00 committed by GitHub
commit 8bc2cc19bb
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 22 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
nixos/modules/services/mail/opendkim.nix
View File

@ -1,35 +1,27 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let
let
cfg = config.services.opendkim; cfg = config.services.opendkim;
defaultSock = "local:/run/opendkim/opendkim.sock"; defaultSock = "local:/run/opendkim/opendkim.sock";
keyFile = "${cfg.keyPath}/${cfg.selector}.private";
args = [ "-f" "-l" args = [ "-f" "-l"
"-p" cfg.socket "-p" cfg.socket
"-d" cfg.domains "-d" cfg.domains
"-k" keyFile "-k" "${cfg.keyPath}/${cfg.selector}.private"
"-s" cfg.selector "-s" cfg.selector
] ++ lib.optionals (cfg.configFile != null) [ "-x" cfg.configFile ]; ] ++ lib.optionals (cfg.configFile != null) [ "-x" cfg.configFile ];
configFile = pkgs.writeText "opendkim.conf"
(lib.concatStringsSep "\n" (lib.mapAttrsToList (name: value: "${name} ${value}") cfg.settings));
in { in {
imports = [ imports = [
(lib.mkRenamedOptionModule [ "services" "opendkim" "keyFile" ] [ "services" "opendkim" "keyPath" ]) (lib.mkRenamedOptionModule [ "services" "opendkim" "keyFile" ] [ "services" "opendkim" "keyPath" ])
]; ];
###### interface
options = { options = {
services.opendkim = { services.opendkim = {
enable = lib.mkEnableOption "OpenDKIM sender authentication system";
enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Whether to enable the OpenDKIM sender authentication system.";
};
socket = lib.mkOption { socket = lib.mkOption {
type = lib.types.str; type = lib.types.str;
@ -74,21 +66,24 @@ in {
description = "Selector to use when signing."; description = "Selector to use when signing.";
}; };
# TODO: deprecate this?
configFile = lib.mkOption { configFile = lib.mkOption {
type = lib.types.nullOr lib.types.path; type = lib.types.nullOr lib.types.path;
default = null; default = null;
description = "Additional opendkim configuration."; description = "Additional opendkim configuration as a file.";
}; };
settings = lib.mkOption {
type = with lib.types; submodule {
freeformType = attrsOf str;
};
default = { };
description = "Additional opendkim configuration";
};
}; };
}; };
###### implementation
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
users.users = lib.optionalAttrs (cfg.user == "opendkim") { users.users = lib.optionalAttrs (cfg.user == "opendkim") {
opendkim = { opendkim = {
group = cfg.group; group = cfg.group;
@ -100,7 +95,14 @@ in {
opendkim.gid = config.ids.gids.opendkim; opendkim.gid = config.ids.gids.opendkim;
}; };
environment.systemPackages = [ pkgs.opendkim ]; environment = {
etc = lib.mkIf (cfg.settings != { }) {
"opendkim/opendkim.conf".source = configFile;
};
systemPackages = [ pkgs.opendkim ];
};
services.opendkim.configFile = lib.mkIf (cfg.settings != { }) configFile;
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"d '${cfg.keyPath}' - ${cfg.user} ${cfg.group} - -" "d '${cfg.keyPath}' - ${cfg.user} ${cfg.group} - -"
@ -159,6 +161,5 @@ in {
UMask = "0077"; UMask = "0077";
}; };
}; };
}; };
} }