# Configuration for `ssmtp', a trivial mail transfer agent that can
# replace sendmail/postfix on simple systems. It delivers email
# directly to an SMTP server defined in its configuration file, without
# queueing mail locally.

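{ config, lib, pkgs, ... }:

with lib;

let

  cfg = config.networking.defaultMailServer;

  # True when SMTP AUTH is configured while both transport-encryption
  # switches are off, i.e. the generated ssmtp.conf carries
  # UseTLS=NO and UseSTARTTLS=NO next to AuthUser.
  authWithoutTLS = cfg.authUser != "" && !cfg.useTLS && !cfg.useSTARTTLS;

in

{

  # Option declarations for networking.defaultMailServer. Nothing below
  # takes effect unless directDelivery is enabled (see the mkIf on `config`).
  options = {

    networking.defaultMailServer = {

      # Master switch: gates the whole `config` section of this module.
      directDelivery = mkOption {
        type = types.bool;
        default = false;
        description = ''
          Use the trivial Mail Transfer Agent (MTA)
          <command>ssmtp</command> package to allow programs to send
          e-mail. If you don't want to run a “real” MTA like
          <command>sendmail</command> or <command>postfix</command> on
          your machine, set this option to <literal>true</literal>, and
          set the option
          <option>networking.defaultMailServer.hostName</option> to the
          host name of your preferred mail server.
        '';
      };

      # Written verbatim as MailHub= in ssmtp.conf. No default is declared,
      # so it has to be set whenever directDelivery is enabled.
      hostName = mkOption {
        type = types.str;
        example = "mail.example.org";
        description = ''
          The host name of the default mail server to use to deliver
          e-mail. Can also contain a port number (ex: mail.example.org:587),
          defaults to port 25 if no port is given.
        '';
      };

      # Emitted as root= only when non-empty.
      root = mkOption {
        type = types.str;
        default = "";
        example = "root@example.org";
        description = ''
          The e-mail to which mail for users with UID < 1000 is forwarded.
        '';
      };

      # Emitted as rewriteDomain= only when non-empty.
      domain = mkOption {
        type = types.str;
        default = "";
        example = "example.org";
        description = ''
          The domain from which mail will appear to be sent.
        '';
      };

      # Both TLS switches default to off. With authUser set and both left
      # off, the module emits a warning (see `warnings` below).
      useTLS = mkOption {
        type = types.bool;
        default = false;
        description = ''
          Whether TLS should be used to connect to the default mail
          server.
        '';
      };

      useSTARTTLS = mkOption {
        type = types.bool;
        default = false;
        description = ''
          Whether the STARTTLS should be used to connect to the default
          mail server. (This is needed for TLS-capable mail servers
          running on the default SMTP port 25.)
        '';
      };

      # Emitted as AuthUser= only when non-empty.
      authUser = mkOption {
        type = types.str;
        default = "";
        example = "foo@example.org";
        description = ''
          Username used for SMTP auth. Leave blank to disable.
        '';
      };

      # Legacy way of supplying the password. A non-empty value is copied
      # into a Nix store file (see `config` below), which any local user
      # can read; setting it also triggers a warning.
      authPass = mkOption {
        type = types.str;
        default = "";
        example = "correctHorseBatteryStaple";
        description = ''
          Password used for SMTP auth. (STORED PLAIN TEXT, WORLD-READABLE IN NIX STORE)

          It's recommended to use <option>authPassFile</option>
          which takes precedence over <option>authPass</option>.
        '';
      };

      # Preferred way of supplying the password: a path outside the Nix
      # store. The sendmail wrapper below is neither setuid nor setgid, so
      # the file must be readable by every user that sends mail; keep its
      # permissions as narrow as that allows.
      authPassFile = mkOption {
        type = types.nullOr types.str;
        default = null;
        example = "/run/keys/ssmtp-authpass";
        description = ''
          Path to a file that contains the password used for SMTP auth. The file
          should not contain a trailing newline, if the password does not contain one.
          This file should be readable by the users that need to execute ssmtp.

          <option>authPassFile</option> takes precedence over <option>authPass</option>.

          Warning: when <option>authPass</option> is non-empty <option>authPassFile</option>
          defaults to a file in the WORLD-READABLE Nix store containing that password.
        '';
      };

      setSendmail = mkOption {
        type = types.bool;
        default = true;
        description = "Whether to set the system sendmail to ssmtp's.";
      };

    };

  };


  config = mkIf cfg.directDelivery {

    # Surface the two credential-exposure cases at evaluation time instead
    # of leaving them to the option descriptions alone.
    warnings =
      optional (cfg.authPass != "")
        ("networking.defaultMailServer.authPass is set: the SMTP password is kept in "
          + "plain text and can end up in the world-readable Nix store. "
          + "Use networking.defaultMailServer.authPassFile instead.")
      ++ optional authWithoutTLS
        ("networking.defaultMailServer.authUser is set but both useTLS and useSTARTTLS "
          + "are disabled: SMTP credentials would be sent without transport encryption.");

    # Backward compatibility: a non-empty authPass becomes the *default* for
    # authPassFile (mkDefault), so an explicitly configured authPassFile
    # still wins. The generated file lives in the Nix store.
    networking.defaultMailServer.authPassFile = mkIf (cfg.authPass != "")
      (mkDefault (toString (pkgs.writeTextFile {
        name = "ssmtp-authpass";
        text = cfg.authPass;
      })));

    # /etc/ssmtp/ssmtp.conf. Optional directives are only written when the
    # corresponding option is set; an unset one leaves an empty line. The
    # password itself is never written here, only the path to it.
    environment.etc."ssmtp/ssmtp.conf".text =
      let yesNo = yes : if yes then "YES" else "NO"; in
      ''
        MailHub=${cfg.hostName}
        FromLineOverride=YES
        ${optionalString (cfg.root != "") "root=${cfg.root}"}
        ${optionalString (cfg.domain != "") "rewriteDomain=${cfg.domain}"}
        UseTLS=${yesNo cfg.useTLS}
        UseSTARTTLS=${yesNo cfg.useSTARTTLS}
        #Debug=YES
        ${optionalString (cfg.authUser != "") "AuthUser=${cfg.authUser}"}
        ${optionalString (cfg.authPassFile != null) "AuthPassFile=${cfg.authPassFile}"}
      '';

    environment.systemPackages = [pkgs.ssmtp];

    # Install ssmtp as the system sendmail without elevated privileges: the
    # program runs as the calling user, which is why authPassFile has to be
    # readable by that user.
    services.mail.sendmailSetuidWrapper = mkIf cfg.setSendmail {
      program = "sendmail";
      source = "${pkgs.ssmtp}/bin/sendmail";
      setuid = false;
      setgid = false;
    };

  };

}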