pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / modules / services / mail / davmail.nix
at 24.11-pre 3.8 kB view raw
1{ config, lib, pkgs, ... }: 2 3with lib; 4 5let 6 7 cfg = config.services.davmail; 8 9 configType = with types; 10 oneOf [ (attrsOf configType) str int bool ] // { 11 description = "davmail config type (str, int, bool or attribute set thereof)"; 12 }; 13 14 toStr = val: if isBool val then boolToString val else toString val; 15 16 linesForAttrs = attrs: concatMap (name: let value = attrs.${name}; in 17 if isAttrs value 18 then map (line: name + "." + line) (linesForAttrs value) 19 else [ "${name}=${toStr value}" ] 20 ) (attrNames attrs); 21 22 configFile = pkgs.writeText "davmail.properties" (concatStringsSep "\n" (linesForAttrs cfg.config)); 23 24in 25 26 { 27 options.services.davmail = { 28 enable = mkEnableOption "davmail, an MS Exchange gateway"; 29 30 url = mkOption { 31 type = types.str; 32 description = "Outlook Web Access URL to access the exchange server, i.e. the base webmail URL."; 33 example = "https://outlook.office365.com/EWS/Exchange.asmx"; 34 }; 35 36 config = mkOption { 37 type = configType; 38 default = {}; 39 description = '' 40 Davmail configuration. Refer to 41 <http://davmail.sourceforge.net/serversetup.html> 42 and <http://davmail.sourceforge.net/advanced.html> 43 for details on supported values. 44 ''; 45 example = literalExpression '' 46 { 47 davmail.allowRemote = true; 48 davmail.imapPort = 55555; 49 davmail.bindAddress = "10.0.1.2"; 50 davmail.smtpSaveInSent = true; 51 davmail.folderSizeLimit = 10; 52 davmail.caldavAutoSchedule = false; 53 log4j.logger.rootLogger = "DEBUG"; 54 } 55 ''; 56 }; 57 }; 58 59 config = mkIf cfg.enable { 60 61 services.davmail.config = { 62 davmail = mapAttrs (name: mkDefault) { 63 server = true; 64 disableUpdateCheck = true; 65 logFilePath = "/var/log/davmail/davmail.log"; 66 logFileSize = "1MB"; 67 mode = "auto"; 68 url = cfg.url; 69 caldavPort = 1080; 70 imapPort = 1143; 71 ldapPort = 1389; 72 popPort = 1110; 73 smtpPort = 1025; 74 }; 75 log4j = { 76 logger.davmail = mkDefault "WARN"; 77 logger.httpclient.wire = mkDefault "WARN"; 78 logger.org.apache.commons.httpclient = mkDefault "WARN"; 79 rootLogger = mkDefault "WARN"; 80 }; 81 }; 82 83 systemd.services.davmail = { 84 description = "DavMail POP/IMAP/SMTP Exchange Gateway"; 85 after = [ "network.target" ]; 86 wantedBy = [ "multi-user.target" ]; 87 88 serviceConfig = { 89 Type = "simple"; 90 ExecStart = "${pkgs.davmail}/bin/davmail ${configFile}"; 91 Restart = "on-failure"; 92 DynamicUser = "yes"; 93 LogsDirectory = "davmail"; 94 95 CapabilityBoundingSet = [ "" ]; 96 DeviceAllow = [ "" ]; 97 LockPersonality = true; 98 NoNewPrivileges = true; 99 PrivateDevices = true; 100 PrivateTmp = true; 101 PrivateUsers = true; 102 ProtectClock = true; 103 ProtectControlGroups = true; 104 ProtectHome = true; 105 ProtectSystem = "strict"; 106 ProtectHostname = true; 107 ProtectKernelLogs = true; 108 ProtectKernelModules = true; 109 ProtectKernelTunables = true; 110 ProtectProc = "invisible"; 111 RemoveIPC = true; 112 RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ]; 113 RestrictNamespaces = true; 114 RestrictRealtime = true; 115 RestrictSUIDSGID = true; 116 SystemCallArchitectures = "native"; 117 SystemCallFilter = "@system-service"; 118 SystemCallErrorNumber = "EPERM"; 119 UMask = "0077"; 120 121 }; 122 }; 123 124 environment.systemPackages = [ pkgs.davmail ]; 125 }; 126 }