···

       
53
       
53
       
 
       
      tomcat = 16;

     

       
54
       
54
       
 
       
      #audio = 17; # unused

     

       
55
       
55
       
 
       
      #floppy = 18; # unused

     

       
56
       
56
       
-
       
      #uucp = 19; # unused

     

       
56
       
56
       
+
       
      uucp = 19;

     

       
57
       
57
       
 
       
      #lp = 20; # unused

     

       
58
       
58
       
 
       
      #proc = 21; # unused

     

       
59
       
59
       
 
       
      pulseaudio = 22; # must match `pulseaudio' GID

     

···

       
517
       
517
       
 
       
  ./services/networking/heyefi.nix

     

       
518
       
518
       
 
       
  ./services/networking/hostapd.nix

     

       
519
       
519
       
 
       
  ./services/networking/htpdate.nix

     

       
520
       
520
       
+
       
  ./services/networking/hylafax/default.nix

     

       
520
       
521
       
 
       
  ./services/networking/i2pd.nix

     

       
521
       
522
       
 
       
  ./services/networking/i2p.nix

     

       
522
       
523
       
 
       
  ./services/networking/iodine.nix

     

···

       
1
       
1
       
+
       
{ config, lib, pkgs, ... }:

     

       
2
       
2
       
+
       


     

       
3
       
3
       
+
       
{

     

       
4
       
4
       
+
       


     

       
5
       
5
       
+
       
  imports = [

     

       
6
       
6
       
+
       
    ./options.nix

     

       
7
       
7
       
+
       
    ./systemd.nix

     

       
8
       
8
       
+
       
  ];

     

       
9
       
9
       
+
       


     

       
10
       
10
       
+
       
  config = lib.modules.mkIf config.services.hylafax.enable {

     

       
11
       
11
       
+
       
    environment.systemPackages = [ pkgs.hylafaxplus ];

     

       
12
       
12
       
+
       
    users.users.uucp = {

     

       
13
       
13
       
+
       
      uid = config.ids.uids.uucp;

     

       
14
       
14
       
+
       
      group = "uucp";

     

       
15
       
15
       
+
       
      description = "Unix-to-Unix CoPy system";

     

       
16
       
16
       
+
       
      isSystemUser = true;

     

       
17
       
17
       
+
       
      inherit (config.users.users.nobody) home;

     

       
18
       
18
       
+
       
    };

     

       
19
       
19
       
+
       
    assertions = [{

     

       
20
       
20
       
+
       
      assertion = config.services.hylafax.modems != {};

     

       
21
       
21
       
+
       
      message = ''

     

       
22
       
22
       
+
       
        HylaFAX cannot be used without modems.

     

       
23
       
23
       
+
       
        Please define at least one modem with

     

       
24
       
24
       
+
       
        <option>config.services.hylafax</option>.

     

       
25
       
25
       
+
       
      '';

     

       
26
       
26
       
+
       
    }];

     

       
27
       
27
       
+
       
  };

     

       
28
       
28
       
+
       


     

       
29
       
29
       
+
       
}

     

···

       
1
       
1
       
+
       
{ ... }:

     

       
2
       
2
       
+
       


     

       
3
       
3
       
+
       
# see man:hylafax-config(5)

     

       
4
       
4
       
+
       


     

       
5
       
5
       
+
       
{

     

       
6
       
6
       
+
       


     

       
7
       
7
       
+
       
  ModemGroup = [ ''"any:.*"'' ];

     

       
8
       
8
       
+
       
  ServerTracing = "0x78701";

     

       
9
       
9
       
+
       
  SessionTracing = "0x78701";

     

       
10
       
10
       
+
       
  UUCPLockDir = "/var/lock";

     

       
11
       
11
       
+
       


     

       
12
       
12
       
+
       
}

     

···

       
1
       
1
       
+
       
#! @shell@ -e

     

       
2
       
2
       
+
       


     

       
3
       
3
       
+
       
# skip this if there are no modems at all

     

       
4
       
4
       
+
       
if ! stat -t "@spoolAreaPath@"/etc/config.* >/dev/null 2>&1

     

       
5
       
5
       
+
       
then

     

       
6
       
6
       
+
       
  exit 0

     

       
7
       
7
       
+
       
fi

     

       
8
       
8
       
+
       


     

       
9
       
9
       
+
       
echo "faxq started, waiting for modem(s) to initialize..."

     

       
10
       
10
       
+
       


     

       
11
       
11
       
+
       
for i in `seq @timeoutSec@0 -1 0`  # gracefully timeout

     

       
12
       
12
       
+
       
do

     

       
13
       
13
       
+
       
  sleep 0.1

     

       
14
       
14
       
+
       
  # done if status files exist, but don't mention initialization

     

       
15
       
15
       
+
       
  if \

     

       
16
       
16
       
+
       
    stat -t "@spoolAreaPath@"/status/* >/dev/null 2>&1 \

     

       
17
       
17
       
+
       
    && \

     

       
18
       
18
       
+
       
    ! grep --silent --ignore-case 'initializing server' \

     

       
19
       
19
       
+
       
    "@spoolAreaPath@"/status/*

     

       
20
       
20
       
+
       
  then

     

       
21
       
21
       
+
       
    echo "modem(s) apparently ready"

     

       
22
       
22
       
+
       
    exit 0

     

       
23
       
23
       
+
       
  fi

     

       
24
       
24
       
+
       
  # if i reached 0, modems probably failed to initialize

     

       
25
       
25
       
+
       
  if test $i -eq 0

     

       
26
       
26
       
+
       
  then

     

       
27
       
27
       
+
       
    echo "warning: modem initialization timed out"

     

       
28
       
28
       
+
       
  fi

     

       
29
       
29
       
+
       
done

     

···

       
1
       
1
       
+
       
{ ... }:

     

       
2
       
2
       
+
       


     

       
3
       
3
       
+
       
# see man:hfaxd(8)

     

       
4
       
4
       
+
       


     

       
5
       
5
       
+
       
{

     

       
6
       
6
       
+
       


     

       
7
       
7
       
+
       
  ServerTracing = "0x91";

     

       
8
       
8
       
+
       
  XferLogFile = "/clientlog";

     

       
9
       
9
       
+
       


     

       
10
       
10
       
+
       
}

     

···

       
1
       
1
       
+
       
{ pkgs, ... }:

     

       
2
       
2
       
+
       


     

       
3
       
3
       
+
       
# see man:hylafax-config(5)

     

       
4
       
4
       
+
       


     

       
5
       
5
       
+
       
{

     

       
6
       
6
       
+
       


     

       
7
       
7
       
+
       
  TagLineFont = "etc/LiberationSans-25.pcf";

     

       
8
       
8
       
+
       
  TagLineLocale = ''en_US.UTF-8'';

     

       
9
       
9
       
+
       


     

       
10
       
10
       
+
       
  AdminGroup = "root";  # groups that can change server config

     

       
11
       
11
       
+
       
  AnswerRotary = "fax";  # don't accept anything else but faxes

     

       
12
       
12
       
+
       
  LogFileMode = "0640";

     

       
13
       
13
       
+
       
  PriorityScheduling = true;

     

       
14
       
14
       
+
       
  RecvFileMode = "0640";

     

       
15
       
15
       
+
       
  ServerTracing = "0x78701";

     

       
16
       
16
       
+
       
  SessionTracing = "0x78701";

     

       
17
       
17
       
+
       
  UUCPLockDir = "/var/lock";

     

       
18
       
18
       
+
       


     

       
19
       
19
       
+
       
  SendPageCmd = ''${pkgs.coreutils}/bin/false'';  # prevent pager transmit

     

       
20
       
20
       
+
       
  SendUUCPCmd = ''${pkgs.coreutils}/bin/false'';  # prevent UUCP transmit

     

       
21
       
21
       
+
       


     

       
22
       
22
       
+
       
}

     

···

       
1
       
1
       
+
       
{ config, lib, pkgs, ... }:

     

       
2
       
2
       
+
       


     

       
3
       
3
       
+
       
let

     

       
4
       
4
       
+
       


     

       
5
       
5
       
+
       
  inherit (lib.options) literalExample mkEnableOption mkOption;

     

       
6
       
6
       
+
       
  inherit (lib.types) bool enum int lines loaOf nullOr path str submodule;

     

       
7
       
7
       
+
       
  inherit (lib.modules) mkDefault mkIf mkMerge;

     

       
8
       
8
       
+
       


     

       
9
       
9
       
+
       
  commonDescr = ''

     

       
10
       
10
       
+
       
    Values can be either strings or integers

     

       
11
       
11
       
+
       
    (which will be added to the config file verbatimly)

     

       
12
       
12
       
+
       
    or lists thereof

     

       
13
       
13
       
+
       
    (which will be translated to multiple

     

       
14
       
14
       
+
       
    lines with the same configuration key).

     

       
15
       
15
       
+
       
    Boolean values are translated to "Yes" or "No".

     

       
16
       
16
       
+
       
    The default contains some reasonable

     

       
17
       
17
       
+
       
    configuration to yield an operational system.

     

       
18
       
18
       
+
       
  '';

     

       
19
       
19
       
+
       


     

       
20
       
20
       
+
       
  str1 = lib.types.addCheck str (s: s!="");  # non-empty string

     

       
21
       
21
       
+
       
  int1 = lib.types.addCheck int (i: i>0);  # positive integer

     

       
22
       
22
       
+
       


     

       
23
       
23
       
+
       
  configAttrType =

     

       
24
       
24
       
+
       
    # Options in HylaFAX configuration files can be

     

       
25
       
25
       
+
       
    # booleans, strings, integers, or list thereof

     

       
26
       
26
       
+
       
    # representing multiple config directives with the same key.

     

       
27
       
27
       
+
       
    # This type definition resolves all

     

       
28
       
28
       
+
       
    # those types into a list of strings.

     

       
29
       
29
       
+
       
    let

     

       
30
       
30
       
+
       
      inherit (lib.types) attrsOf coercedTo listOf;

     

       
31
       
31
       
+
       
      innerType = coercedTo bool (x: if x then "Yes" else "No")

     

       
32
       
32
       
+
       
        (coercedTo int (toString) str);

     

       
33
       
33
       
+
       
    in

     

       
34
       
34
       
+
       
      attrsOf (coercedTo innerType lib.singleton (listOf innerType));

     

       
35
       
35
       
+
       


     

       
36
       
36
       
+
       
  cfg = config.services.hylafax;

     

       
37
       
37
       
+
       


     

       
38
       
38
       
+
       
  modemConfigOptions = { name, config, ... }: {

     

       
39
       
39
       
+
       
    options = {

     

       
40
       
40
       
+
       
      name = mkOption {

     

       
41
       
41
       
+
       
        type = str1;

     

       
42
       
42
       
+
       
        example = "ttyS1";

     

       
43
       
43
       
+
       
        description = ''

     

       
44
       
44
       
+
       
          Name of modem device,

     

       
45
       
45
       
+
       
          will be searched for in <filename>/dev</filename>.

     

       
46
       
46
       
+
       
        '';

     

       
47
       
47
       
+
       
      };

     

       
48
       
48
       
+
       
      type = mkOption {

     

       
49
       
49
       
+
       
        type = str1;

     

       
50
       
50
       
+
       
        example = "cirrus";

     

       
51
       
51
       
+
       
        description = ''

     

       
52
       
52
       
+
       
          Name of modem configuration file,

     

       
53
       
53
       
+
       
          will be searched for in <filename>config</filename>

     

       
54
       
54
       
+
       
          in the spooling area directory.

     

       
55
       
55
       
+
       
        '';

     

       
56
       
56
       
+
       
      };

     

       
57
       
57
       
+
       
      config = mkOption {

     

       
58
       
58
       
+
       
        type = configAttrType;

     

       
59
       
59
       
+
       
        example = {

     

       
60
       
60
       
+
       
          AreaCode = "49";

     

       
61
       
61
       
+
       
          LocalCode = "30";

     

       
62
       
62
       
+
       
          FAXNumber = "123456";

     

       
63
       
63
       
+
       
          LocalIdentifier = "LostInBerlin";

     

       
64
       
64
       
+
       
        };

     

       
65
       
65
       
+
       
        description = ''

     

       
66
       
66
       
+
       
          Attribute set of values for the given modem.

     

       
67
       
67
       
+
       
          ${commonDescr}

     

       
68
       
68
       
+
       
          Options defined here override options in

     

       
69
       
69
       
+
       
          <option>commonModemConfig</option> for this modem.

     

       
70
       
70
       
+
       
        '';

     

       
71
       
71
       
+
       
      };

     

       
72
       
72
       
+
       
    };

     

       
73
       
73
       
+
       
    config.name = mkDefault name;

     

       
74
       
74
       
+
       
    config.config.Include = [ "config/${config.type}" ];

     

       
75
       
75
       
+
       
  };

     

       
76
       
76
       
+
       


     

       
77
       
77
       
+
       
  defaultConfig =

     

       
78
       
78
       
+
       
    let

     

       
79
       
79
       
+
       
      inherit (config.security) wrapperDir;

     

       
80
       
80
       
+
       
      inherit (config.services.mail.sendmailSetuidWrapper) program;

     

       
81
       
81
       
+
       
      mkIfDefault = cond: value: mkIf cond (mkDefault value);

     

       
82
       
82
       
+
       
      noWrapper = config.services.mail.sendmailSetuidWrapper==null;

     

       
83
       
83
       
+
       
      # If a sendmail setuid wrapper exists,

     

       
84
       
84
       
+
       
      # we add the path to the default configuration file.

     

       
85
       
85
       
+
       
      # Otherwise, we use `false` to provoke

     

       
86
       
86
       
+
       
      # an error if hylafax tries to use it.

     

       
87
       
87
       
+
       
      c.sendmailPath = mkMerge [

     

       
88
       
88
       
+
       
        (mkIfDefault noWrapper ''${pkgs.coreutils}/bin/false'')

     

       
89
       
89
       
+
       
        (mkIfDefault (!noWrapper) ''${wrapperDir}/${program}'')

     

       
90
       
90
       
+
       
      ];

     

       
91
       
91
       
+
       
      importDefaultConfig = file:

     

       
92
       
92
       
+
       
        lib.attrsets.mapAttrs

     

       
93
       
93
       
+
       
        (lib.trivial.const mkDefault)

     

       
94
       
94
       
+
       
        (import file { inherit pkgs; });

     

       
95
       
95
       
+
       
      c.commonModemConfig = importDefaultConfig ./modem-default.nix;

     

       
96
       
96
       
+
       
      c.faxqConfig = importDefaultConfig ./faxq-default.nix;

     

       
97
       
97
       
+
       
      c.hfaxdConfig = importDefaultConfig ./hfaxd-default.nix;

     

       
98
       
98
       
+
       
    in

     

       
99
       
99
       
+
       
      c;

     

       
100
       
100
       
+
       


     

       
101
       
101
       
+
       
  localConfig =

     

       
102
       
102
       
+
       
    let

     

       
103
       
103
       
+
       
      c.hfaxdConfig.UserAccessFile = cfg.userAccessFile;

     

       
104
       
104
       
+
       
      c.faxqConfig = lib.attrsets.mapAttrs

     

       
105
       
105
       
+
       
        (lib.trivial.const (v: mkIf (v!=null) v))

     

       
106
       
106
       
+
       
        {

     

       
107
       
107
       
+
       
          AreaCode = cfg.areaCode;

     

       
108
       
108
       
+
       
          CountryCode = cfg.countryCode;

     

       
109
       
109
       
+
       
          LongDistancePrefix = cfg.longDistancePrefix;

     

       
110
       
110
       
+
       
          InternationalPrefix = cfg.internationalPrefix;

     

       
111
       
111
       
+
       
        };

     

       
112
       
112
       
+
       
      c.commonModemConfig = c.faxqConfig;

     

       
113
       
113
       
+
       
    in

     

       
114
       
114
       
+
       
      c;

     

       
115
       
115
       
+
       


     

       
116
       
116
       
+
       
in

     

       
117
       
117
       
+
       


     

       
118
       
118
       
+
       


     

       
119
       
119
       
+
       
{

     

       
120
       
120
       
+
       


     

       
121
       
121
       
+
       


     

       
122
       
122
       
+
       
  options.services.hylafax = {

     

       
123
       
123
       
+
       


     

       
124
       
124
       
+
       
    enable = mkEnableOption ''HylaFAX server'';

     

       
125
       
125
       
+
       


     

       
126
       
126
       
+
       
    autostart = mkOption {

     

       
127
       
127
       
+
       
      type = bool;

     

       
128
       
128
       
+
       
      default = true;

     

       
129
       
129
       
+
       
      example = false;

     

       
130
       
130
       
+
       
      description = ''

     

       
131
       
131
       
+
       
        Autostart the HylaFAX queue manager at system start.

     

       
132
       
132
       
+
       
        If this is <literal>false</literal>, the queue manager

     

       
133
       
133
       
+
       
        will still be started if there are pending

     

       
134
       
134
       
+
       
        jobs or if a user tries to connect to it.

     

       
135
       
135
       
+
       
      '';

     

       
136
       
136
       
+
       
    };

     

       
137
       
137
       
+
       


     

       
138
       
138
       
+
       
    countryCode = mkOption {

     

       
139
       
139
       
+
       
      type = nullOr str1;

     

       
140
       
140
       
+
       
      default = null;

     

       
141
       
141
       
+
       
      example = "49";

     

       
142
       
142
       
+
       
      description = ''Country code for server and all modems.'';

     

       
143
       
143
       
+
       
    };

     

       
144
       
144
       
+
       


     

       
145
       
145
       
+
       
    areaCode = mkOption {

     

       
146
       
146
       
+
       
      type = nullOr str1;

     

       
147
       
147
       
+
       
      default = null;

     

       
148
       
148
       
+
       
      example = "30";

     

       
149
       
149
       
+
       
      description = ''Area code for server and all modems.'';

     

       
150
       
150
       
+
       
    };

     

       
151
       
151
       
+
       


     

       
152
       
152
       
+
       
    longDistancePrefix = mkOption {

     

       
153
       
153
       
+
       
      type = nullOr str;

     

       
154
       
154
       
+
       
      default = null;

     

       
155
       
155
       
+
       
      example = "0";

     

       
156
       
156
       
+
       
      description = ''Long distance prefix for server and all modems.'';

     

       
157
       
157
       
+
       
    };

     

       
158
       
158
       
+
       


     

       
159
       
159
       
+
       
    internationalPrefix = mkOption {

     

       
160
       
160
       
+
       
      type = nullOr str;

     

       
161
       
161
       
+
       
      default = null;

     

       
162
       
162
       
+
       
      example = "00";

     

       
163
       
163
       
+
       
      description = ''International prefix for server and all modems.'';

     

       
164
       
164
       
+
       
    };

     

       
165
       
165
       
+
       


     

       
166
       
166
       
+
       
    spoolAreaPath = mkOption {

     

       
167
       
167
       
+
       
      type = path;

     

       
168
       
168
       
+
       
      default = "/var/spool/fax";

     

       
169
       
169
       
+
       
      description = ''

     

       
170
       
170
       
+
       
        The spooling area will be created/maintained

     

       
171
       
171
       
+
       
        at the location given here.

     

       
172
       
172
       
+
       
      '';

     

       
173
       
173
       
+
       
    };

     

       
174
       
174
       
+
       


     

       
175
       
175
       
+
       
    userAccessFile = mkOption {

     

       
176
       
176
       
+
       
      type = path;

     

       
177
       
177
       
+
       
      default = "/etc/hosts.hfaxd";

     

       
178
       
178
       
+
       
      description = ''

     

       
179
       
179
       
+
       
        The <filename>hosts.hfaxd</filename>

     

       
180
       
180
       
+
       
        file entry in the spooling area

     

       
181
       
181
       
+
       
        will be symlinked to the location given here.

     

       
182
       
182
       
+
       
        This file must exist and be

     

       
183
       
183
       
+
       
        readable only by the <literal>uucp</literal> user.

     

       
184
       
184
       
+
       
        See hosts.hfaxd(5) for details.

     

       
185
       
185
       
+
       
        This configuration permits access for all users:

     

       
186
       
186
       
+
       
        <literal>

     

       
187
       
187
       
+
       
          environment.etc."hosts.hfaxd" = {

     

       
188
       
188
       
+
       
            mode = "0600";

     

       
189
       
189
       
+
       
            user = "uucp";

     

       
190
       
190
       
+
       
            text = ".*";

     

       
191
       
191
       
+
       
          };

     

       
192
       
192
       
+
       
        </literal>

     

       
193
       
193
       
+
       
        Note that host-based access can be controlled with

     

       
194
       
194
       
+
       
        <option>config.systemd.sockets.hylafax-hfaxd.listenStreams</option>;

     

       
195
       
195
       
+
       
        by default, only 127.0.0.1 is permitted to connect.

     

       
196
       
196
       
+
       
      '';

     

       
197
       
197
       
+
       
    };

     

       
198
       
198
       
+
       


     

       
199
       
199
       
+
       
    sendmailPath = mkOption {

     

       
200
       
200
       
+
       
      type = path;

     

       
201
       
201
       
+
       
      example = literalExample "''${pkgs.postfix}/bin/sendmail";

     

       
202
       
202
       
+
       
      # '' ;  # fix vim

     

       
203
       
203
       
+
       
      description = ''

     

       
204
       
204
       
+
       
        Path to <filename>sendmail</filename> program.

     

       
205
       
205
       
+
       
        The default uses the local sendmail wrapper

     

       
206
       
206
       
+
       
        (see <option>config.services.mail.sendmailSetuidWrapper</option>),

     

       
207
       
207
       
+
       
        otherwise the <filename>false</filename>

     

       
208
       
208
       
+
       
        binary to cause an error if used.

     

       
209
       
209
       
+
       
      '';

     

       
210
       
210
       
+
       
    };

     

       
211
       
211
       
+
       


     

       
212
       
212
       
+
       
    hfaxdConfig = mkOption {

     

       
213
       
213
       
+
       
      type = configAttrType;

     

       
214
       
214
       
+
       
      example.RecvqProtection = "0400";

     

       
215
       
215
       
+
       
      description = ''

     

       
216
       
216
       
+
       
        Attribute set of lines for the global

     

       
217
       
217
       
+
       
        hfaxd config file <filename>etc/hfaxd.conf</filename>.

     

       
218
       
218
       
+
       
        ${commonDescr}

     

       
219
       
219
       
+
       
      '';

     

       
220
       
220
       
+
       
    };

     

       
221
       
221
       
+
       


     

       
222
       
222
       
+
       
    faxqConfig = mkOption {

     

       
223
       
223
       
+
       
      type = configAttrType;

     

       
224
       
224
       
+
       
      example = {

     

       
225
       
225
       
+
       
        InternationalPrefix = "00";

     

       
226
       
226
       
+
       
        LongDistancePrefix = "0";

     

       
227
       
227
       
+
       
      };

     

       
228
       
228
       
+
       
      description = ''

     

       
229
       
229
       
+
       
        Attribute set of lines for the global

     

       
230
       
230
       
+
       
        faxq config file <filename>etc/config</filename>.

     

       
231
       
231
       
+
       
        ${commonDescr}

     

       
232
       
232
       
+
       
      '';

     

       
233
       
233
       
+
       
    };

     

       
234
       
234
       
+
       


     

       
235
       
235
       
+
       
    commonModemConfig = mkOption {

     

       
236
       
236
       
+
       
      type = configAttrType;

     

       
237
       
237
       
+
       
      example = {

     

       
238
       
238
       
+
       
        InternationalPrefix = "00";

     

       
239
       
239
       
+
       
        LongDistancePrefix = "0";

     

       
240
       
240
       
+
       
      };

     

       
241
       
241
       
+
       
      description = ''

     

       
242
       
242
       
+
       
        Attribute set of default values for

     

       
243
       
243
       
+
       
        modem config files <filename>etc/config.*</filename>.

     

       
244
       
244
       
+
       
        ${commonDescr}

     

       
245
       
245
       
+
       
        Think twice before changing

     

       
246
       
246
       
+
       
        paths of fax-processing scripts.

     

       
247
       
247
       
+
       
      '';

     

       
248
       
248
       
+
       
    };

     

       
249
       
249
       
+
       


     

       
250
       
250
       
+
       
    modems = mkOption {

     

       
251
       
251
       
+
       
      type = loaOf (submodule [ modemConfigOptions ]);

     

       
252
       
252
       
+
       
      default = {};

     

       
253
       
253
       
+
       
      example.ttyS1 = {

     

       
254
       
254
       
+
       
        type = "cirrus";

     

       
255
       
255
       
+
       
        config = {

     

       
256
       
256
       
+
       
          FAXNumber = "123456";

     

       
257
       
257
       
+
       
          LocalIdentifier = "Smith";

     

       
258
       
258
       
+
       
        };

     

       
259
       
259
       
+
       
      };

     

       
260
       
260
       
+
       
      description = ''

     

       
261
       
261
       
+
       
        Description of installed modems.

     

       
262
       
262
       
+
       
        At least on modem must be defined

     

       
263
       
263
       
+
       
        to enable the HylaFAX server.

     

       
264
       
264
       
+
       
      '';

     

       
265
       
265
       
+
       
    };

     

       
266
       
266
       
+
       


     

       
267
       
267
       
+
       
    spoolExtraInit = mkOption {

     

       
268
       
268
       
+
       
      type = lines;

     

       
269
       
269
       
+
       
      default = "";

     

       
270
       
270
       
+
       
      example = ''chmod 0755 .  # everyone may read my faxes'';

     

       
271
       
271
       
+
       
      description = ''

     

       
272
       
272
       
+
       
        Additional shell code that is executed within the

     

       
273
       
273
       
+
       
        spooling area directory right after its setup.

     

       
274
       
274
       
+
       
      '';

     

       
275
       
275
       
+
       
    };

     

       
276
       
276
       
+
       


     

       
277
       
277
       
+
       
    faxcron.enable.spoolInit = mkEnableOption ''

     

       
278
       
278
       
+
       
      Purge old files from the spooling area with

     

       
279
       
279
       
+
       
      <filename>faxcron</filename>

     

       
280
       
280
       
+
       
      each time the spooling area is initialized.

     

       
281
       
281
       
+
       
    '';

     

       
282
       
282
       
+
       
    faxcron.enable.frequency = mkOption {

     

       
283
       
283
       
+
       
      type = nullOr str1;

     

       
284
       
284
       
+
       
      default = null;

     

       
285
       
285
       
+
       
      example = "daily";

     

       
286
       
286
       
+
       
      description = ''

     

       
287
       
287
       
+
       
        Purge old files from the spooling area with

     

       
288
       
288
       
+
       
        <filename>faxcron</filename> with the given frequency

     

       
289
       
289
       
+
       
        (see systemd.time(7)).

     

       
290
       
290
       
+
       
      '';

     

       
291
       
291
       
+
       
    };

     

       
292
       
292
       
+
       
    faxcron.infoDays = mkOption {

     

       
293
       
293
       
+
       
      type = int1;

     

       
294
       
294
       
+
       
      default = 30;

     

       
295
       
295
       
+
       
      description = ''

     

       
296
       
296
       
+
       
        Set the expiration time for data in the

     

       
297
       
297
       
+
       
        remote machine information directory in days.

     

       
298
       
298
       
+
       
      '';

     

       
299
       
299
       
+
       
    };

     

       
300
       
300
       
+
       
    faxcron.logDays = mkOption {

     

       
301
       
301
       
+
       
      type = int1;

     

       
302
       
302
       
+
       
      default = 30;

     

       
303
       
303
       
+
       
      description = ''

     

       
304
       
304
       
+
       
        Set the expiration time for

     

       
305
       
305
       
+
       
        session trace log files in days.

     

       
306
       
306
       
+
       
      '';

     

       
307
       
307
       
+
       
    };

     

       
308
       
308
       
+
       
    faxcron.rcvDays = mkOption {

     

       
309
       
309
       
+
       
      type = int1;

     

       
310
       
310
       
+
       
      default = 7;

     

       
311
       
311
       
+
       
      description = ''

     

       
312
       
312
       
+
       
        Set the expiration time for files in

     

       
313
       
313
       
+
       
        the received facsimile queue in days.

     

       
314
       
314
       
+
       
      '';

     

       
315
       
315
       
+
       
    };

     

       
316
       
316
       
+
       


     

       
317
       
317
       
+
       
    faxqclean.enable.spoolInit = mkEnableOption ''

     

       
318
       
318
       
+
       
      Purge old files from the spooling area with

     

       
319
       
319
       
+
       
      <filename>faxqclean</filename>

     

       
320
       
320
       
+
       
      each time the spooling area is initialized.

     

       
321
       
321
       
+
       
    '';

     

       
322
       
322
       
+
       
    faxqclean.enable.frequency = mkOption {

     

       
323
       
323
       
+
       
      type = nullOr str1;

     

       
324
       
324
       
+
       
      default = null;

     

       
325
       
325
       
+
       
      example = "daily";

     

       
326
       
326
       
+
       
      description = ''

     

       
327
       
327
       
+
       
        Purge old files from the spooling area with

     

       
328
       
328
       
+
       
        <filename>faxcron</filename> with the given frequency

     

       
329
       
329
       
+
       
        (see systemd.time(7)).

     

       
330
       
330
       
+
       
      '';

     

       
331
       
331
       
+
       
    };

     

       
332
       
332
       
+
       
    faxqclean.archiving = mkOption {

     

       
333
       
333
       
+
       
      type = enum [ "never" "as-flagged" "always" ];

     

       
334
       
334
       
+
       
      default = "as-flagged";

     

       
335
       
335
       
+
       
      example = "always";

     

       
336
       
336
       
+
       
      description = ''

     

       
337
       
337
       
+
       
        Enable or suppress job archiving:

     

       
338
       
338
       
+
       
        <literal>never</literal> disables job archiving,

     

       
339
       
339
       
+
       
        <literal>as-flagged</literal> archives jobs that

     

       
340
       
340
       
+
       
        have been flagged for archiving by sendfax,

     

       
341
       
341
       
+
       
        <literal>always</literal> forces archiving of all jobs.

     

       
342
       
342
       
+
       
        See also sendfax(1) and faxqclean(8).

     

       
343
       
343
       
+
       
      '';

     

       
344
       
344
       
+
       
    };

     

       
345
       
345
       
+
       
    faxqclean.doneqMinutes = mkOption {

     

       
346
       
346
       
+
       
      type = int1;

     

       
347
       
347
       
+
       
      default = 15;

     

       
348
       
348
       
+
       
      example = literalExample ''24*60'';

     

       
349
       
349
       
+
       
      description = ''

     

       
350
       
350
       
+
       
        Set the job

     

       
351
       
351
       
+
       
        age threshold (in minutes) that controls how long

     

       
352
       
352
       
+
       
        jobs may reside in the doneq directory.

     

       
353
       
353
       
+
       
      '';

     

       
354
       
354
       
+
       
    };

     

       
355
       
355
       
+
       
    faxqclean.docqMinutes = mkOption {

     

       
356
       
356
       
+
       
      type = int1;

     

       
357
       
357
       
+
       
      default = 60;

     

       
358
       
358
       
+
       
      example = literalExample ''24*60'';

     

       
359
       
359
       
+
       
      description = ''

     

       
360
       
360
       
+
       
        Set the document

     

       
361
       
361
       
+
       
        age threshold (in minutes) that controls how long

     

       
362
       
362
       
+
       
        unreferenced files may reside in the docq directory.

     

       
363
       
363
       
+
       
      '';

     

       
364
       
364
       
+
       
    };

     

       
365
       
365
       
+
       


     

       
366
       
366
       
+
       
  };

     

       
367
       
367
       
+
       


     

       
368
       
368
       
+
       


     

       
369
       
369
       
+
       
  config.services.hylafax =

     

       
370
       
370
       
+
       
    mkIf

     

       
371
       
371
       
+
       
    (config.services.hylafax.enable)

     

       
372
       
372
       
+
       
    (mkMerge [ defaultConfig localConfig ])

     

       
373
       
373
       
+
       
  ;

     

       
374
       
374
       
+
       


     

       
375
       
375
       
+
       
}

     

···

       
1
       
1
       
+
       
#! @shell@ -e

     

       
2
       
2
       
+
       


     

       
3
       
3
       
+
       
# The following lines create/update the HylaFAX spool directory:

     

       
4
       
4
       
+
       
# Subdirectories/files with persistent data are kept,

     

       
5
       
5
       
+
       
# other directories/files are removed/recreated,

     

       
6
       
6
       
+
       
# mostly from the template spool

     

       
7
       
7
       
+
       
# directory in the HylaFAX package.

     

       
8
       
8
       
+
       


     

       
9
       
9
       
+
       
# This block explains how the spool area is

     

       
10
       
10
       
+
       
# derived from the spool template in the HylaFAX package:

     

       
11
       
11
       
+
       
#

     

       
12
       
12
       
+
       
#                  + capital letter: directory; file otherwise

     

       
13
       
13
       
+
       
#                  + P/p: persistent directory

     

       
14
       
14
       
+
       
#                  + F/f: directory with symlinks per entry

     

       
15
       
15
       
+
       
#                  + T/t: temporary data

     

       
16
       
16
       
+
       
#                  + S/s: single symlink into package

     

       
17
       
17
       
+
       
#                  |

     

       
18
       
18
       
+
       
#                  | + u: change ownership to uucp:uucp

     

       
19
       
19
       
+
       
#                  | + U: ..also change access mode to user-only

     

       
20
       
20
       
+
       
#                  | |

     

       
21
       
21
       
+
       
# archive          P U

     

       
22
       
22
       
+
       
# bin              S

     

       
23
       
23
       
+
       
# client           T u  (client connection info)

     

       
24
       
24
       
+
       
# config           S

     

       
25
       
25
       
+
       
# COPYRIGHT        s

     

       
26
       
26
       
+
       
# dev              T u  (maybe some FIFOs)

     

       
27
       
27
       
+
       
# docq             P U

     

       
28
       
28
       
+
       
# doneq            P U

     

       
29
       
29
       
+
       
# etc              F    contains customized config files!

     

       
30
       
30
       
+
       
# etc/hosts.hfaxd  f

     

       
31
       
31
       
+
       
# etc/xferfaxlog   f

     

       
32
       
32
       
+
       
# info             P u  (database of called devices)

     

       
33
       
33
       
+
       
# log              P u  (communication logs)

     

       
34
       
34
       
+
       
# pollq            P U

     

       
35
       
35
       
+
       
# recvq            P u

     

       
36
       
36
       
+
       
# sendq            P U

     

       
37
       
37
       
+
       
# status           T u  (modem status info files)

     

       
38
       
38
       
+
       
# tmp              T U

     

       
39
       
39
       
+
       


     

       
40
       
40
       
+
       


     

       
41
       
41
       
+
       
shopt -s dotglob  # if bash sees "*", it also includes dot files

     

       
42
       
42
       
+
       
lnsym () { ln --symbol "$@" ; }

     

       
43
       
43
       
+
       
lnsymfrc () { ln --symbolic --force "$@" ; }

     

       
44
       
44
       
+
       
cprd () { cp --remove-destination "$@" ; }

     

       
45
       
45
       
+
       
update () { install --owner=@faxuser@ --group=@faxgroup@ "$@" ; }

     

       
46
       
46
       
+
       


     

       
47
       
47
       
+
       


     

       
48
       
48
       
+
       
## create/update spooling area

     

       
49
       
49
       
+
       


     

       
50
       
50
       
+
       
update --mode=0750 -d "@spoolAreaPath@"

     

       
51
       
51
       
+
       
cd "@spoolAreaPath@"

     

       
52
       
52
       
+
       


     

       
53
       
53
       
+
       
persist=(archive docq doneq info log pollq recvq sendq)

     

       
54
       
54
       
+
       


     

       
55
       
55
       
+
       
# remove entries that don't belong here

     

       
56
       
56
       
+
       
touch dummy  # ensure "*" resolves to something

     

       
57
       
57
       
+
       
for k in *

     

       
58
       
58
       
+
       
do

     

       
59
       
59
       
+
       
  keep=0

     

       
60
       
60
       
+
       
  for j in "${persist[@]}" xferfaxlog clientlog faxcron.lastrun

     

       
61
       
61
       
+
       
  do

     

       
62
       
62
       
+
       
    if test "$k" == "$j"

     

       
63
       
63
       
+
       
    then

     

       
64
       
64
       
+
       
      keep=1

     

       
65
       
65
       
+
       
      break

     

       
66
       
66
       
+
       
    fi

     

       
67
       
67
       
+
       
  done

     

       
68
       
68
       
+
       
  if test "$keep" == "0"

     

       
69
       
69
       
+
       
  then

     

       
70
       
70
       
+
       
    rm --recursive "$k"

     

       
71
       
71
       
+
       
  fi

     

       
72
       
72
       
+
       
done

     

       
73
       
73
       
+
       


     

       
74
       
74
       
+
       
# create persistent data directories (unless they exist already)

     

       
75
       
75
       
+
       
update --mode=0700 -d "${persist[@]}"

     

       
76
       
76
       
+
       
chmod 0755 info log recvq

     

       
77
       
77
       
+
       


     

       
78
       
78
       
+
       
# create ``xferfaxlog``, ``faxcron.lastrun``, ``clientlog``

     

       
79
       
79
       
+
       
touch clientlog faxcron.lastrun xferfaxlog

     

       
80
       
80
       
+
       
chown @faxuser@:@faxgroup@ clientlog faxcron.lastrun xferfaxlog

     

       
81
       
81
       
+
       


     

       
82
       
82
       
+
       
# create symlinks for frozen directories/files

     

       
83
       
83
       
+
       
lnsym --target-directory=. "@hylafax@"/spool/{COPYRIGHT,bin,config}

     

       
84
       
84
       
+
       


     

       
85
       
85
       
+
       
# create empty temporary directories

     

       
86
       
86
       
+
       
update --mode=0700 -d client dev status

     

       
87
       
87
       
+
       
update -d tmp

     

       
88
       
88
       
+
       


     

       
89
       
89
       
+
       


     

       
90
       
90
       
+
       
## create and fill etc

     

       
91
       
91
       
+
       


     

       
92
       
92
       
+
       
install -d "@spoolAreaPath@/etc"

     

       
93
       
93
       
+
       
cd "@spoolAreaPath@/etc"

     

       
94
       
94
       
+
       


     

       
95
       
95
       
+
       
# create symlinks to all files in template's etc

     

       
96
       
96
       
+
       
lnsym --target-directory=. "@hylafax@/spool/etc"/*

     

       
97
       
97
       
+
       


     

       
98
       
98
       
+
       
# set LOCKDIR in setup.cache

     

       
99
       
99
       
+
       
sed --regexp-extended 's|^(UUCP_LOCKDIR=).*$|\1'"'@lockPath@'|g" --in-place setup.cache

     

       
100
       
100
       
+
       


     

       
101
       
101
       
+
       
# etc/{xferfaxlog,lastrun} are stored in the spool root

     

       
102
       
102
       
+
       
lnsymfrc --target-directory=. ../xferfaxlog

     

       
103
       
103
       
+
       
lnsymfrc --no-target-directory ../faxcron.lastrun lastrun

     

       
104
       
104
       
+
       


     

       
105
       
105
       
+
       
# etc/hosts.hfaxd is provided by the NixOS configuration

     

       
106
       
106
       
+
       
lnsymfrc --no-target-directory "@userAccessFile@" hosts.hfaxd

     

       
107
       
107
       
+
       


     

       
108
       
108
       
+
       
# etc/config and etc/config.${DEVID} must be copied:

     

       
109
       
109
       
+
       
# hfaxd reads these file after locking itself up in a chroot

     

       
110
       
110
       
+
       
cprd --no-target-directory "@globalConfigPath@" config

     

       
111
       
111
       
+
       
cprd --target-directory=. "@modemConfigPath@"/*

     

···

       
1
       
1
       
+
       
{ config, lib, pkgs, ... }:

     

       
2
       
2
       
+
       


     

       
3
       
3
       
+
       


     

       
4
       
4
       
+
       
let

     

       
5
       
5
       
+
       


     

       
6
       
6
       
+
       
  inherit (lib) mkIf mkMerge;

     

       
7
       
7
       
+
       
  inherit (lib) concatStringsSep optionalString;

     

       
8
       
8
       
+
       


     

       
9
       
9
       
+
       
  cfg = config.services.hylafax;

     

       
10
       
10
       
+
       
  mapModems = lib.flip map (lib.attrValues cfg.modems);

     

       
11
       
11
       
+
       


     

       
12
       
12
       
+
       
  mkConfigFile = name: conf:

     

       
13
       
13
       
+
       
    # creates hylafax config file,

     

       
14
       
14
       
+
       
    # makes sure "Include" is listed *first*

     

       
15
       
15
       
+
       
    let

     

       
16
       
16
       
+
       
      mkLines = conf:

     

       
17
       
17
       
+
       
        (lib.concatLists

     

       
18
       
18
       
+
       
        (lib.flip lib.mapAttrsToList conf

     

       
19
       
19
       
+
       
        (k: map (v: ''${k}: ${v}'')

     

       
20
       
20
       
+
       
      )));

     

       
21
       
21
       
+
       
      include = mkLines { Include = conf.Include or []; };

     

       
22
       
22
       
+
       
      other = mkLines ( conf // { Include = []; } );

     

       
23
       
23
       
+
       
    in

     

       
24
       
24
       
+
       
      pkgs.writeText ''hylafax-config${name}''

     

       
25
       
25
       
+
       
      (concatStringsSep "\n" (include ++ other));

     

       
26
       
26
       
+
       


     

       
27
       
27
       
+
       
  globalConfigPath = mkConfigFile "" cfg.faxqConfig;

     

       
28
       
28
       
+
       


     

       
29
       
29
       
+
       
  modemConfigPath =

     

       
30
       
30
       
+
       
    let

     

       
31
       
31
       
+
       
      mkModemConfigFile = { config, name, ... }:

     

       
32
       
32
       
+
       
        mkConfigFile ''.${name}''

     

       
33
       
33
       
+
       
        (cfg.commonModemConfig // config);

     

       
34
       
34
       
+
       
      mkLine = { name, type, ... }@modem: ''

     

       
35
       
35
       
+
       
        # check if modem config file exists:

     

       
36
       
36
       
+
       
        test -f "${pkgs.hylafaxplus}/spool/config/${type}"

     

       
37
       
37
       
+
       
        ln \

     

       
38
       
38
       
+
       
          --symbolic \

     

       
39
       
39
       
+
       
          --no-target-directory \

     

       
40
       
40
       
+
       
          "${mkModemConfigFile modem}" \

     

       
41
       
41
       
+
       
          "$out/config.${name}"

     

       
42
       
42
       
+
       
      '';

     

       
43
       
43
       
+
       
    in

     

       
44
       
44
       
+
       
      pkgs.runCommand "hylafax-config-modems" {}

     

       
45
       
45
       
+
       
      ''mkdir --parents "$out/" ${concatStringsSep "\n" (mapModems mkLine)}'';

     

       
46
       
46
       
+
       


     

       
47
       
47
       
+
       
  setupSpoolScript = pkgs.substituteAll {

     

       
48
       
48
       
+
       
    name = "hylafax-setup-spool.sh";

     

       
49
       
49
       
+
       
    src = ./spool.sh;

     

       
50
       
50
       
+
       
    isExecutable = true;

     

       
51
       
51
       
+
       
    inherit (pkgs.stdenv) shell;

     

       
52
       
52
       
+
       
    hylafax = pkgs.hylafaxplus;

     

       
53
       
53
       
+
       
    faxuser = "uucp";

     

       
54
       
54
       
+
       
    faxgroup = "uucp";

     

       
55
       
55
       
+
       
    lockPath = "/var/lock";

     

       
56
       
56
       
+
       
    inherit globalConfigPath modemConfigPath;

     

       
57
       
57
       
+
       
    inherit (cfg) sendmailPath spoolAreaPath userAccessFile;

     

       
58
       
58
       
+
       
  };

     

       
59
       
59
       
+
       


     

       
60
       
60
       
+
       
  waitFaxqScript = pkgs.substituteAll {

     

       
61
       
61
       
+
       
    # This script checks the modems status files

     

       
62
       
62
       
+
       
    # and waits until all modems report readiness.

     

       
63
       
63
       
+
       
    name = "hylafax-faxq-wait-start.sh";

     

       
64
       
64
       
+
       
    src = ./faxq-wait.sh;

     

       
65
       
65
       
+
       
    isExecutable = true;

     

       
66
       
66
       
+
       
    timeoutSec = toString 10;

     

       
67
       
67
       
+
       
    inherit (pkgs.stdenv) shell;

     

       
68
       
68
       
+
       
    inherit (cfg) spoolAreaPath;

     

       
69
       
69
       
+
       
  };

     

       
70
       
70
       
+
       


     

       
71
       
71
       
+
       
  sockets."hylafax-hfaxd" = {

     

       
72
       
72
       
+
       
    description = "HylaFAX server socket";

     

       
73
       
73
       
+
       
    documentation = [ "man:hfaxd(8)" ];

     

       
74
       
74
       
+
       
    wantedBy = [ "multi-user.target" ];

     

       
75
       
75
       
+
       
    listenStreams = [ "127.0.0.1:4559" ];

     

       
76
       
76
       
+
       
    socketConfig.FreeBind = true;

     

       
77
       
77
       
+
       
    socketConfig.Accept = true;

     

       
78
       
78
       
+
       
  };

     

       
79
       
79
       
+
       


     

       
80
       
80
       
+
       
  paths."hylafax-faxq" = {

     

       
81
       
81
       
+
       
    description = "HylaFAX queue manager sendq watch";

     

       
82
       
82
       
+
       
    documentation = [ "man:faxq(8)" "man:sendq(5)" ];

     

       
83
       
83
       
+
       
    wantedBy = [ "multi-user.target" ];

     

       
84
       
84
       
+
       
    pathConfig.PathExistsGlob = [ ''${cfg.spoolAreaPath}/sendq/q*'' ];

     

       
85
       
85
       
+
       
  };

     

       
86
       
86
       
+
       


     

       
87
       
87
       
+
       
  timers = mkMerge [

     

       
88
       
88
       
+
       
    (

     

       
89
       
89
       
+
       
      mkIf (cfg.faxcron.enable.frequency!=null)

     

       
90
       
90
       
+
       
      { "hylafax-faxcron".timerConfig.Persistent = true; }

     

       
91
       
91
       
+
       
    )

     

       
92
       
92
       
+
       
    (

     

       
93
       
93
       
+
       
      mkIf (cfg.faxqclean.enable.frequency!=null)

     

       
94
       
94
       
+
       
      { "hylafax-faxqclean".timerConfig.Persistent = true; }

     

       
95
       
95
       
+
       
    )

     

       
96
       
96
       
+
       
  ];

     

       
97
       
97
       
+
       


     

       
98
       
98
       
+
       
  hardenService =

     

       
99
       
99
       
+
       
    # Add some common systemd service hardening settings,

     

       
100
       
100
       
+
       
    # but allow each service (here) to override

     

       
101
       
101
       
+
       
    # settings by explicitely setting those to `null`.

     

       
102
       
102
       
+
       
    # More hardening would be nice but makes

     

       
103
       
103
       
+
       
    # customizing hylafax setups very difficult.

     

       
104
       
104
       
+
       
    # If at all, it should only be added along

     

       
105
       
105
       
+
       
    # with some options to customize it.

     

       
106
       
106
       
+
       
    let

     

       
107
       
107
       
+
       
      hardening = {

     

       
108
       
108
       
+
       
        PrivateDevices = true;  # breaks /dev/tty...

     

       
109
       
109
       
+
       
        PrivateNetwork = true;

     

       
110
       
110
       
+
       
        PrivateTmp = true;

     

       
111
       
111
       
+
       
        ProtectControlGroups = true;

     

       
112
       
112
       
+
       
        #ProtectHome = true;  # breaks custom spool dirs

     

       
113
       
113
       
+
       
        ProtectKernelModules = true;

     

       
114
       
114
       
+
       
        ProtectKernelTunables = true;

     

       
115
       
115
       
+
       
        #ProtectSystem = "strict";  # breaks custom spool dirs

     

       
116
       
116
       
+
       
        RestrictNamespaces = true;

     

       
117
       
117
       
+
       
        RestrictRealtime = true;

     

       
118
       
118
       
+
       
      };

     

       
119
       
119
       
+
       
      filter = key: value: (value != null) || ! (lib.hasAttr key hardening);

     

       
120
       
120
       
+
       
      apply = service: lib.filterAttrs filter (hardening // (service.serviceConfig or {}));

     

       
121
       
121
       
+
       
    in

     

       
122
       
122
       
+
       
      service: service // { serviceConfig = apply service; };

     

       
123
       
123
       
+
       


     

       
124
       
124
       
+
       
  services."hylafax-spool" = {

     

       
125
       
125
       
+
       
    description = "HylaFAX spool area preparation";

     

       
126
       
126
       
+
       
    documentation = [ "man:hylafax-server(4)" ];

     

       
127
       
127
       
+
       
    script = ''

     

       
128
       
128
       
+
       
      ${setupSpoolScript}

     

       
129
       
129
       
+
       
      cd "${cfg.spoolAreaPath}"

     

       
130
       
130
       
+
       
      ${cfg.spoolExtraInit}

     

       
131
       
131
       
+
       
      if ! test -f "${cfg.spoolAreaPath}/etc/hosts.hfaxd"

     

       
132
       
132
       
+
       
      then

     

       
133
       
133
       
+
       
        echo hosts.hfaxd is missing

     

       
134
       
134
       
+
       
        exit 1

     

       
135
       
135
       
+
       
      fi

     

       
136
       
136
       
+
       
    '';

     

       
137
       
137
       
+
       
    serviceConfig.ExecStop = ''${setupSpoolScript}'';

     

       
138
       
138
       
+
       
    serviceConfig.RemainAfterExit = true;

     

       
139
       
139
       
+
       
    serviceConfig.Type = "oneshot";

     

       
140
       
140
       
+
       
    unitConfig.RequiresMountsFor = [ cfg.spoolAreaPath ];

     

       
141
       
141
       
+
       
  };

     

       
142
       
142
       
+
       


     

       
143
       
143
       
+
       
  services."hylafax-faxq" = {

     

       
144
       
144
       
+
       
    description = "HylaFAX queue manager";

     

       
145
       
145
       
+
       
    documentation = [ "man:faxq(8)" ];

     

       
146
       
146
       
+
       
    requires = [ "hylafax-spool.service" ];

     

       
147
       
147
       
+
       
    after = [ "hylafax-spool.service" ];

     

       
148
       
148
       
+
       
    wants = mapModems ( { name, ... }: ''hylafax-faxgetty@${name}.service'' );

     

       
149
       
149
       
+
       
    wantedBy = mkIf cfg.autostart [ "multi-user.target" ];

     

       
150
       
150
       
+
       
    serviceConfig.Type = "forking";

     

       
151
       
151
       
+
       
    serviceConfig.ExecStart = ''${pkgs.hylafaxplus}/spool/bin/faxq -q "${cfg.spoolAreaPath}"'';

     

       
152
       
152
       
+
       
    # This delays the "readiness" of this service until

     

       
153
       
153
       
+
       
    # all modems are initialized (or a timeout is reached).

     

       
154
       
154
       
+
       
    # Otherwise, sending a fax with the fax service

     

       
155
       
155
       
+
       
    # stopped will always yield a failed send attempt:

     

       
156
       
156
       
+
       
    # The fax service is started when the job is created with

     

       
157
       
157
       
+
       
    # `sendfax`, but modems need some time to initialize.

     

       
158
       
158
       
+
       
    serviceConfig.ExecStartPost = [ ''${waitFaxqScript}'' ];

     

       
159
       
159
       
+
       
    # faxquit fails if the pipe is already gone

     

       
160
       
160
       
+
       
    # (e.g. the service is already stopping)

     

       
161
       
161
       
+
       
    serviceConfig.ExecStop = ''-${pkgs.hylafaxplus}/spool/bin/faxquit -q "${cfg.spoolAreaPath}"'';

     

       
162
       
162
       
+
       
    # disable some systemd hardening settings

     

       
163
       
163
       
+
       
    serviceConfig.PrivateDevices = null;

     

       
164
       
164
       
+
       
    serviceConfig.RestrictRealtime = null;

     

       
165
       
165
       
+
       
  };

     

       
166
       
166
       
+
       


     

       
167
       
167
       
+
       
  services."hylafax-hfaxd@" = {

     

       
168
       
168
       
+
       
    description = "HylaFAX server";

     

       
169
       
169
       
+
       
    documentation = [ "man:hfaxd(8)" ];

     

       
170
       
170
       
+
       
    after = [ "hylafax-faxq.service" ];

     

       
171
       
171
       
+
       
    requires = [ "hylafax-faxq.service" ];

     

       
172
       
172
       
+
       
    serviceConfig.StandardInput = "socket";

     

       
173
       
173
       
+
       
    serviceConfig.StandardOutput = "socket";

     

       
174
       
174
       
+
       
    serviceConfig.ExecStart = ''${pkgs.hylafaxplus}/spool/bin/hfaxd -q "${cfg.spoolAreaPath}" -d -I'';

     

       
175
       
175
       
+
       
    unitConfig.RequiresMountsFor = [ cfg.userAccessFile ];

     

       
176
       
176
       
+
       
    # disable some systemd hardening settings

     

       
177
       
177
       
+
       
    serviceConfig.PrivateDevices = null;

     

       
178
       
178
       
+
       
    serviceConfig.PrivateNetwork = null;

     

       
179
       
179
       
+
       
  };

     

       
180
       
180
       
+
       


     

       
181
       
181
       
+
       
  services."hylafax-faxcron" = rec {

     

       
182
       
182
       
+
       
    description = "HylaFAX spool area maintenance";

     

       
183
       
183
       
+
       
    documentation = [ "man:faxcron(8)" ];

     

       
184
       
184
       
+
       
    after = [ "hylafax-spool.service" ];

     

       
185
       
185
       
+
       
    requires = [ "hylafax-spool.service" ];

     

       
186
       
186
       
+
       
    wantedBy = mkIf cfg.faxcron.enable.spoolInit requires;

     

       
187
       
187
       
+
       
    startAt = mkIf (cfg.faxcron.enable.frequency!=null) cfg.faxcron.enable.frequency;

     

       
188
       
188
       
+
       
    serviceConfig.ExecStart = concatStringsSep " " [

     

       
189
       
189
       
+
       
      ''${pkgs.hylafaxplus}/spool/bin/faxcron''

     

       
190
       
190
       
+
       
      ''-q "${cfg.spoolAreaPath}"''

     

       
191
       
191
       
+
       
      ''-info ${toString cfg.faxcron.infoDays}''

     

       
192
       
192
       
+
       
      ''-log  ${toString cfg.faxcron.logDays}''

     

       
193
       
193
       
+
       
      ''-rcv  ${toString cfg.faxcron.rcvDays}''

     

       
194
       
194
       
+
       
    ];

     

       
195
       
195
       
+
       
  };

     

       
196
       
196
       
+
       


     

       
197
       
197
       
+
       
  services."hylafax-faxqclean" = rec {

     

       
198
       
198
       
+
       
    description = "HylaFAX spool area queue cleaner";

     

       
199
       
199
       
+
       
    documentation = [ "man:faxqclean(8)" ];

     

       
200
       
200
       
+
       
    after = [ "hylafax-spool.service" ];

     

       
201
       
201
       
+
       
    requires = [ "hylafax-spool.service" ];

     

       
202
       
202
       
+
       
    wantedBy = mkIf cfg.faxqclean.enable.spoolInit requires;

     

       
203
       
203
       
+
       
    startAt = mkIf (cfg.faxqclean.enable.frequency!=null) cfg.faxqclean.enable.frequency;

     

       
204
       
204
       
+
       
    serviceConfig.ExecStart = concatStringsSep " " [

     

       
205
       
205
       
+
       
      ''${pkgs.hylafaxplus}/spool/bin/faxqclean''

     

       
206
       
206
       
+
       
      ''-q "${cfg.spoolAreaPath}"''

     

       
207
       
207
       
+
       
      ''-v''

     

       
208
       
208
       
+
       
      (optionalString (cfg.faxqclean.archiving!="never") ''-a'')

     

       
209
       
209
       
+
       
      (optionalString (cfg.faxqclean.archiving=="always")  ''-A'')

     

       
210
       
210
       
+
       
      ''-j ${toString (cfg.faxqclean.doneqMinutes*60)}''

     

       
211
       
211
       
+
       
      ''-d ${toString (cfg.faxqclean.docqMinutes*60)}''

     

       
212
       
212
       
+
       
    ];

     

       
213
       
213
       
+
       
  };

     

       
214
       
214
       
+
       


     

       
215
       
215
       
+
       
  mkFaxgettyService = { name, ... }:

     

       
216
       
216
       
+
       
    lib.nameValuePair ''hylafax-faxgetty@${name}'' rec {

     

       
217
       
217
       
+
       
      description = "HylaFAX faxgetty for %I";

     

       
218
       
218
       
+
       
      documentation = [ "man:faxgetty(8)" ];

     

       
219
       
219
       
+
       
      bindsTo = [ "dev-%i.device" ];

     

       
220
       
220
       
+
       
      requires = [ "hylafax-spool.service" ];

     

       
221
       
221
       
+
       
      after = bindsTo ++ requires;

     

       
222
       
222
       
+
       
      before = [ "hylafax-faxq.service" "getty.target" ];

     

       
223
       
223
       
+
       
      unitConfig.StopWhenUnneeded = true;

     

       
224
       
224
       
+
       
      unitConfig.AssertFileNotEmpty = ''${cfg.spoolAreaPath}/etc/config.%I'';

     

       
225
       
225
       
+
       
      serviceConfig.UtmpIdentifier = "%I";

     

       
226
       
226
       
+
       
      serviceConfig.TTYPath = "/dev/%I";

     

       
227
       
227
       
+
       
      serviceConfig.Restart = "always";

     

       
228
       
228
       
+
       
      serviceConfig.KillMode = "process";

     

       
229
       
229
       
+
       
      serviceConfig.IgnoreSIGPIPE = false;

     

       
230
       
230
       
+
       
      serviceConfig.ExecStart = ''-${pkgs.hylafaxplus}/spool/bin/faxgetty -q "${cfg.spoolAreaPath}" /dev/%I'';

     

       
231
       
231
       
+
       
      # faxquit fails if the pipe is already gone

     

       
232
       
232
       
+
       
      # (e.g. the service is already stopping)

     

       
233
       
233
       
+
       
      serviceConfig.ExecStop = ''-${pkgs.hylafaxplus}/spool/bin/faxquit -q "${cfg.spoolAreaPath}" %I'';

     

       
234
       
234
       
+
       
      # disable some systemd hardening settings

     

       
235
       
235
       
+
       
      serviceConfig.PrivateDevices = null;

     

       
236
       
236
       
+
       
      serviceConfig.RestrictRealtime = null;

     

       
237
       
237
       
+
       
    };

     

       
238
       
238
       
+
       


     

       
239
       
239
       
+
       
  modemServices =

     

       
240
       
240
       
+
       
    lib.listToAttrs (mapModems mkFaxgettyService);

     

       
241
       
241
       
+
       


     

       
242
       
242
       
+
       
in

     

       
243
       
243
       
+
       


     

       
244
       
244
       
+
       
{

     

       
245
       
245
       
+
       
  config.systemd = mkIf cfg.enable {

     

       
246
       
246
       
+
       
    inherit sockets timers paths;

     

       
247
       
247
       
+
       
    services = lib.mapAttrs (lib.const hardenService) (services // modemServices);

     

       
248
       
248
       
+
       
  };

     

       
249
       
249
       
+
       
}