# NixOS module for DavMail, a gateway that exposes an Exchange mailbox to
# standard mail/calendar clients. It renders `services.davmail.config` into a
# Java-properties file and runs DavMail from a sandboxed systemd unit.
{
  config,
  lib,
  pkgs,
  ...
}:
let
  inherit (lib)
    boolToString
    concatLists
    concatStringsSep
    isAttrs
    isBool
    literalExpression
    mapAttrs
    mapAttrsToList
    mkDefault
    mkEnableOption
    mkIf
    mkOption
    pipe
    types
    ;

  cfg = config.services.davmail;

  # Recursive option type: a scalar (str, int, bool) or an attribute set whose
  # values are again of this type. Nested sets are flattened into dotted
  # property names by linesForAttrs below.
  configType =
    let
      scalars = [
        types.str
        types.int
        types.bool
      ];
    in
    types.oneOf ([ (types.attrsOf configType) ] ++ scalars)
    // {
      description = "davmail config type (str, int, bool or attribute set thereof)";
    };

  # Render one scalar: booleans become "true"/"false", anything else goes
  # through the builtin toString.
  toStr = val: (if isBool val then boolToString else toString) val;

  # Flatten a (possibly nested) attribute set into "a.b.c=value" lines.
  # Names and values are emitted verbatim: nothing here escapes "=",
  # backslashes or newlines, so a string value containing a newline ends up
  # as extra lines in the generated file. The input is the administrator's
  # own configuration, not external data.
  linesForAttrs =
    attrs:
    concatLists (
      mapAttrsToList (
        name: value:
        if isAttrs value then
          map (line: "${name}.${line}") (linesForAttrs value)
        else
          [ "${name}=${toStr value}" ]
      ) attrs
    );

  # The rendered properties file is a Nix store path. Store paths are readable
  # by every local user and are copied along with the system closure, so
  # nothing placed in `services.davmail.config` stays secret.
  # NOTE(review): DavMail has settings that carry passwords (e.g. for a proxy
  # or a keystore); this module offers no way to supply them out of band, so
  # such values would be exposed - check the upstream reference before
  # setting them here.
  configFile = pipe cfg.config [
    linesForAttrs
    (concatStringsSep "\n")
    (pkgs.writeText "davmail.properties")
  ];

in

{
  options.services.davmail = {
    enable = mkEnableOption "davmail, an MS Exchange gateway";

    url = mkOption {
      type = types.str;
      example = "https://outlook.office365.com/EWS/Exchange.asmx";
      description = "Outlook Web Access URL to access the exchange server, i.e. the base webmail URL.";
    };

    # Free-form settings; merged with the mkDefault values set in `config`
    # below and written to the world-readable properties file.
    #
    # The sample enables allowRemote and a non-loopback bindAddress, i.e. it
    # shows a gateway reachable from other hosts, and a DEBUG root logger.
    # This module does not open or close any firewall port itself.
    # NOTE(review): clients present their mailbox credentials to these
    # listeners; whether the connection is TLS-protected depends on DavMail
    # settings not shown in this file - confirm before exposing the ports.
    config = mkOption {
      type = configType;
      default = { };
      example = literalExpression ''
        {
          davmail.allowRemote = true;
          davmail.imapPort = 55555;
          davmail.bindAddress = "10.0.1.2";
          davmail.smtpSaveInSent = true;
          davmail.folderSizeLimit = 10;
          davmail.caldavAutoSchedule = false;
          log4j.logger.rootLogger = "DEBUG";
        }
      '';
      description = ''
        Davmail configuration. Refer to
        <http://davmail.sourceforge.net/serversetup.html>
        and <http://davmail.sourceforge.net/advanced.html>
        for details on supported values.
      '';
    };
  };

  config = mkIf cfg.enable {

    services.davmail.config = {
      # Every entry is wrapped in mkDefault so a plain user definition of the
      # same key takes precedence.
      # All default listener ports are above 1023. The unit below runs as an
      # unprivileged dynamic user with an empty capability bounding set, so it
      # has no CAP_NET_BIND_SERVICE for binding privileged ports.
      davmail = mapAttrs (_: mkDefault) {
        url = cfg.url;
        mode = "auto";
        server = true;
        disableUpdateCheck = true;

        # Matches LogsDirectory = "davmail" in the unit, the only writable
        # location this module sets up under ProtectSystem = "strict".
        logFilePath = "/var/log/davmail/davmail.log";
        logFileSize = "1MB";

        caldavPort = 1080;
        imapPort = 1143;
        ldapPort = 1389;
        popPort = 1110;
        smtpPort = 1025;
      };

      # NOTE(review): the httpclient "wire" logger presumably dumps raw HTTP
      # traffic when set to DEBUG, which would put credentials into the log
      # file - confirm before lowering these levels.
      log4j =
        let
          quiet = mkDefault "WARN";
        in
        {
          rootLogger = quiet;
          logger = {
            davmail = quiet;
            httpclient.wire = quiet;
            org.apache.commons.httpclient = quiet;
          };
        };
    };

    systemd.services.davmail = {
      description = "DavMail POP/IMAP/SMTP Exchange Gateway";
      wantedBy = [ "multi-user.target" ];
      after = [ "network.target" ];

      serviceConfig = {
        # Process lifecycle.
        Type = "simple";
        ExecStart = "${pkgs.davmail}/bin/davmail ${configFile}";
        Restart = "on-failure";

        # Identity and privileges: transient unprivileged user, no
        # capabilities, no way to regain any through exec.
        DynamicUser = "yes";
        PrivateUsers = true;
        CapabilityBoundingSet = [ "" ];
        NoNewPrivileges = true;
        RestrictSUIDSGID = true;
        LockPersonality = true;
        RestrictRealtime = true;
        RestrictNamespaces = true;
        RemoveIPC = true;

        # Filesystem: read-only system, hidden /home, private /tmp, and
        # /var/log/davmail as the only writable directory set up here; files
        # are created without group/other access.
        ProtectSystem = "strict";
        ProtectHome = true;
        PrivateTmp = true;
        LogsDirectory = "davmail";
        UMask = "0077";

        # Devices and kernel interfaces.
        PrivateDevices = true;
        DeviceAllow = [ "" ];
        ProtectClock = true;
        ProtectControlGroups = true;
        ProtectHostname = true;
        ProtectKernelLogs = true;
        ProtectKernelModules = true;
        ProtectKernelTunables = true;
        ProtectProc = "invisible";

        # Network: IPv4/IPv6 sockets only.
        RestrictAddressFamilies = [
          "AF_INET"
          "AF_INET6"
        ];

        # System calls: native ABI only; calls outside @system-service fail
        # with EPERM.
        # NOTE(review): MemoryDenyWriteExecute is not set here; presumably
        # because DavMail runs on a JVM whose JIT needs writable and
        # executable memory - confirm before adding it.
        SystemCallArchitectures = "native";
        SystemCallFilter = "@system-service";
        SystemCallErrorNumber = "EPERM";

      };
    };

    environment.systemPackages = [ pkgs.davmail ];
  };
}