commit 12fa95f2d696b6babb365a27efef140e7113cc34 · pyrox.dev/nixpkgs

+1 -1

nixos/modules/misc/ids.nix

···

       53
        
             tomcat = 16;

     

       54
        
             #audio = 17; # unused

     

       55
        
             #floppy = 18; # unused

     

       56
       -
             #uucp = 19; # unused

     

       57
        
             #lp = 20; # unused

     

       58
        
             #proc = 21; # unused

     

       59
        
             pulseaudio = 22; # must match `pulseaudio' GID

···

       53
        
             tomcat = 16;

     

       54
        
             #audio = 17; # unused

     

       55
        
             #floppy = 18; # unused

     

       56
       +
             uucp = 19;

     

       57
        
             #lp = 20; # unused

     

       58
        
             #proc = 21; # unused

     

       59
        
             pulseaudio = 22; # must match `pulseaudio' GID

nixos/modules/module-list.nix

···

       517
        
         ./services/networking/heyefi.nix

     

       518
        
         ./services/networking/hostapd.nix

     

       519
        
         ./services/networking/htpdate.nix

     

       0
        
       
     

       520
        
         ./services/networking/i2pd.nix

     

       521
        
         ./services/networking/i2p.nix

     

       522
        
         ./services/networking/iodine.nix

···

       517
        
         ./services/networking/heyefi.nix

     

       518
        
         ./services/networking/hostapd.nix

     

       519
        
         ./services/networking/htpdate.nix

     

       520
       +
         ./services/networking/hylafax/default.nix

     

       521
        
         ./services/networking/i2pd.nix

     

       522
        
         ./services/networking/i2p.nix

     

       523
        
         ./services/networking/iodine.nix

+29

nixos/modules/services/networking/hylafax/default.nix

···

       1
       +
       { config, lib, pkgs, ... }:

     

       2
       +
       

     

       3
       +
       {

     

       4
       +
       

     

       5
       +
         imports = [

     

       6
       +
           ./options.nix

     

       7
       +
           ./systemd.nix

     

       8
       +
         ];

     

       9
       +
       

     

       10
       +
         config = lib.modules.mkIf config.services.hylafax.enable {

     

       11
       +
           environment.systemPackages = [ pkgs.hylafaxplus ];

     

       12
       +
           users.users.uucp = {

     

       13
       +
             uid = config.ids.uids.uucp;

     

       14
       +
             group = "uucp";

     

       15
       +
             description = "Unix-to-Unix CoPy system";

     

       16
       +
             isSystemUser = true;

     

       17
       +
             inherit (config.users.users.nobody) home;

     

       18
       +
           };

     

       19
       +
           assertions = [{

     

       20
       +
             assertion = config.services.hylafax.modems != {};

     

       21
       +
             message = ''

     

       22
       +
               HylaFAX cannot be used without modems.

     

       23
       +
               Please define at least one modem with

     

       24
       +
               <option>config.services.hylafax</option>.

     

       25
       +
             '';

     

       26
       +
           }];

     

       27
       +
         };

     

       28
       +
       

     

       29
       +
       }

+12

nixos/modules/services/networking/hylafax/faxq-default.nix

···

       1
       +
       { ... }:

     

       2
       +
       

     

       3
       +
       # see man:hylafax-config(5)

     

       4
       +
       

     

       5
       +
       {

     

       6
       +
       

     

       7
       +
         ModemGroup = [ ''"any:.*"'' ];

     

       8
       +
         ServerTracing = "0x78701";

     

       9
       +
         SessionTracing = "0x78701";

     

       10
       +
         UUCPLockDir = "/var/lock";

     

       11
       +
       

     

       12
       +
       }

+29

nixos/modules/services/networking/hylafax/faxq-wait.sh

···

       1
       +
       #! @shell@ -e

     

       2
       +
       

     

       3
       +
       # skip this if there are no modems at all

     

       4
       +
       if ! stat -t "@spoolAreaPath@"/etc/config.* >/dev/null 2>&1

     

       5
       +
       then

     

       6
       +
         exit 0

     

       7
       +
       fi

     

       8
       +
       

     

       9
       +
       echo "faxq started, waiting for modem(s) to initialize..."

     

       10
       +
       

     

       11
       +
       for i in `seq @timeoutSec@0 -1 0`  # gracefully timeout

     

       12
       +
       do

     

       13
       +
         sleep 0.1

     

       14
       +
         # done if status files exist, but don't mention initialization

     

       15
       +
         if \

     

       16
       +
           stat -t "@spoolAreaPath@"/status/* >/dev/null 2>&1 \

     

       17
       +
           && \

     

       18
       +
           ! grep --silent --ignore-case 'initializing server' \

     

       19
       +
           "@spoolAreaPath@"/status/*

     

       20
       +
         then

     

       21
       +
           echo "modem(s) apparently ready"

     

       22
       +
           exit 0

     

       23
       +
         fi

     

       24
       +
         # if i reached 0, modems probably failed to initialize

     

       25
       +
         if test $i -eq 0

     

       26
       +
         then

     

       27
       +
           echo "warning: modem initialization timed out"

     

       28
       +
         fi

     

       29
       +
       done

+10

nixos/modules/services/networking/hylafax/hfaxd-default.nix

···

       1
       +
       { ... }:

     

       2
       +
       

     

       3
       +
       # see man:hfaxd(8)

     

       4
       +
       

     

       5
       +
       {

     

       6
       +
       

     

       7
       +
         ServerTracing = "0x91";

     

       8
       +
         XferLogFile = "/clientlog";

     

       9
       +
       

     

       10
       +
       }

+22

nixos/modules/services/networking/hylafax/modem-default.nix

···

       1
       +
       { pkgs, ... }:

     

       2
       +
       

     

       3
       +
       # see man:hylafax-config(5)

     

       4
       +
       

     

       5
       +
       {

     

       6
       +
       

     

       7
       +
         TagLineFont = "etc/LiberationSans-25.pcf";

     

       8
       +
         TagLineLocale = ''en_US.UTF-8'';

     

       9
       +
       

     

       10
       +
         AdminGroup = "root";  # groups that can change server config

     

       11
       +
         AnswerRotary = "fax";  # don't accept anything else but faxes

     

       12
       +
         LogFileMode = "0640";

     

       13
       +
         PriorityScheduling = true;

     

       14
       +
         RecvFileMode = "0640";

     

       15
       +
         ServerTracing = "0x78701";

     

       16
       +
         SessionTracing = "0x78701";

     

       17
       +
         UUCPLockDir = "/var/lock";

     

       18
       +
       

     

       19
       +
         SendPageCmd = ''${pkgs.coreutils}/bin/false'';  # prevent pager transmit

     

       20
       +
         SendUUCPCmd = ''${pkgs.coreutils}/bin/false'';  # prevent UUCP transmit

     

       21
       +
       

     

       22
       +
       }

+375

nixos/modules/services/networking/hylafax/options.nix

···

       1
       +
       { config, lib, pkgs, ... }:

     

       2
       +
       

     

       3
       +
       let

     

       4
       +
       

     

       5
       +
         inherit (lib.options) literalExample mkEnableOption mkOption;

     

       6
       +
         inherit (lib.types) bool enum int lines loaOf nullOr path str submodule;

     

       7
       +
         inherit (lib.modules) mkDefault mkIf mkMerge;

     

       8
       +
       

     

       9
       +
         commonDescr = ''

     

       10
       +
           Values can be either strings or integers

     

       11
       +
           (which will be added to the config file verbatimly)

     

       12
       +
           or lists thereof

     

       13
       +
           (which will be translated to multiple

     

       14
       +
           lines with the same configuration key).

     

       15
       +
           Boolean values are translated to "Yes" or "No".

     

       16
       +
           The default contains some reasonable

     

       17
       +
           configuration to yield an operational system.

     

       18
       +
         '';

     

       19
       +
       

     

       20
       +
         str1 = lib.types.addCheck str (s: s!="");  # non-empty string

     

       21
       +
         int1 = lib.types.addCheck int (i: i>0);  # positive integer

     

       22
       +
       

     

       23
       +
         configAttrType =

     

       24
       +
           # Options in HylaFAX configuration files can be

     

       25
       +
           # booleans, strings, integers, or list thereof

     

       26
       +
           # representing multiple config directives with the same key.

     

       27
       +
           # This type definition resolves all

     

       28
       +
           # those types into a list of strings.

     

       29
       +
           let

     

       30
       +
             inherit (lib.types) attrsOf coercedTo listOf;

     

       31
       +
             innerType = coercedTo bool (x: if x then "Yes" else "No")

     

       32
       +
               (coercedTo int (toString) str);

     

       33
       +
           in

     

       34
       +
             attrsOf (coercedTo innerType lib.singleton (listOf innerType));

     

       35
       +
       

     

       36
       +
         cfg = config.services.hylafax;

     

       37
       +
       

     

       38
       +
         modemConfigOptions = { name, config, ... }: {

     

       39
       +
           options = {

     

       40
       +
             name = mkOption {

     

       41
       +
               type = str1;

     

       42
       +
               example = "ttyS1";

     

       43
       +
               description = ''

     

       44
       +
                 Name of modem device,

     

       45
       +
                 will be searched for in <filename>/dev</filename>.

     

       46
       +
               '';

     

       47
       +
             };

     

       48
       +
             type = mkOption {

     

       49
       +
               type = str1;

     

       50
       +
               example = "cirrus";

     

       51
       +
               description = ''

     

       52
       +
                 Name of modem configuration file,

     

       53
       +
                 will be searched for in <filename>config</filename>

     

       54
       +
                 in the spooling area directory.

     

       55
       +
               '';

     

       56
       +
             };

     

       57
       +
             config = mkOption {

     

       58
       +
               type = configAttrType;

     

       59
       +
               example = {

     

       60
       +
                 AreaCode = "49";

     

       61
       +
                 LocalCode = "30";

     

       62
       +
                 FAXNumber = "123456";

     

       63
       +
                 LocalIdentifier = "LostInBerlin";

     

       64
       +
               };

     

       65
       +
               description = ''

     

       66
       +
                 Attribute set of values for the given modem.

     

       67
       +
                 ${commonDescr}

     

       68
       +
                 Options defined here override options in

     

       69
       +
                 <option>commonModemConfig</option> for this modem.

     

       70
       +
               '';

     

       71
       +
             };

     

       72
       +
           };

     

       73
       +
           config.name = mkDefault name;

     

       74
       +
           config.config.Include = [ "config/${config.type}" ];

     

       75
       +
         };

     

       76
       +
       

     

       77
       +
         defaultConfig =

     

       78
       +
           let

     

       79
       +
             inherit (config.security) wrapperDir;

     

       80
       +
             inherit (config.services.mail.sendmailSetuidWrapper) program;

     

       81
       +
             mkIfDefault = cond: value: mkIf cond (mkDefault value);

     

       82
       +
             noWrapper = config.services.mail.sendmailSetuidWrapper==null;

     

       83
       +
             # If a sendmail setuid wrapper exists,

     

       84
       +
             # we add the path to the default configuration file.

     

       85
       +
             # Otherwise, we use `false` to provoke

     

       86
       +
             # an error if hylafax tries to use it.

     

       87
       +
             c.sendmailPath = mkMerge [

     

       88
       +
               (mkIfDefault noWrapper ''${pkgs.coreutils}/bin/false'')

     

       89
       +
               (mkIfDefault (!noWrapper) ''${wrapperDir}/${program}'')

     

       90
       +
             ];

     

       91
       +
             importDefaultConfig = file:

     

       92
       +
               lib.attrsets.mapAttrs

     

       93
       +
               (lib.trivial.const mkDefault)

     

       94
       +
               (import file { inherit pkgs; });

     

       95
       +
             c.commonModemConfig = importDefaultConfig ./modem-default.nix;

     

       96
       +
             c.faxqConfig = importDefaultConfig ./faxq-default.nix;

     

       97
       +
             c.hfaxdConfig = importDefaultConfig ./hfaxd-default.nix;

     

       98
       +
           in

     

       99
       +
             c;

     

       100
       +
       

     

       101
       +
         localConfig =

     

       102
       +
           let

     

       103
       +
             c.hfaxdConfig.UserAccessFile = cfg.userAccessFile;

     

       104
       +
             c.faxqConfig = lib.attrsets.mapAttrs

     

       105
       +
               (lib.trivial.const (v: mkIf (v!=null) v))

     

       106
       +
               {

     

       107
       +
                 AreaCode = cfg.areaCode;

     

       108
       +
                 CountryCode = cfg.countryCode;

     

       109
       +
                 LongDistancePrefix = cfg.longDistancePrefix;

     

       110
       +
                 InternationalPrefix = cfg.internationalPrefix;

     

       111
       +
               };

     

       112
       +
             c.commonModemConfig = c.faxqConfig;

     

       113
       +
           in

     

       114
       +
             c;

     

       115
       +
       

     

       116
       +
       in

     

       117
       +
       

     

       118
       +
       

     

       119
       +
       {

     

       120
       +
       

     

       121
       +
       

     

       122
       +
         options.services.hylafax = {

     

       123
       +
       

     

       124
       +
           enable = mkEnableOption ''HylaFAX server'';

     

       125
       +
       

     

       126
       +
           autostart = mkOption {

     

       127
       +
             type = bool;

     

       128
       +
             default = true;

     

       129
       +
             example = false;

     

       130
       +
             description = ''

     

       131
       +
               Autostart the HylaFAX queue manager at system start.

     

       132
       +
               If this is <literal>false</literal>, the queue manager

     

       133
       +
               will still be started if there are pending

     

       134
       +
               jobs or if a user tries to connect to it.

     

       135
       +
             '';

     

       136
       +
           };

     

       137
       +
       

     

       138
       +
           countryCode = mkOption {

     

       139
       +
             type = nullOr str1;

     

       140
       +
             default = null;

     

       141
       +
             example = "49";

     

       142
       +
             description = ''Country code for server and all modems.'';

     

       143
       +
           };

     

       144
       +
       

     

       145
       +
           areaCode = mkOption {

     

       146
       +
             type = nullOr str1;

     

       147
       +
             default = null;

     

       148
       +
             example = "30";

     

       149
       +
             description = ''Area code for server and all modems.'';

     

       150
       +
           };

     

       151
       +
       

     

       152
       +
           longDistancePrefix = mkOption {

     

       153
       +
             type = nullOr str;

     

       154
       +
             default = null;

     

       155
       +
             example = "0";

     

       156
       +
             description = ''Long distance prefix for server and all modems.'';

     

       157
       +
           };

     

       158
       +
       

     

       159
       +
           internationalPrefix = mkOption {

     

       160
       +
             type = nullOr str;

     

       161
       +
             default = null;

     

       162
       +
             example = "00";

     

       163
       +
             description = ''International prefix for server and all modems.'';

     

       164
       +
           };

     

       165
       +
       

     

       166
       +
           spoolAreaPath = mkOption {

     

       167
       +
             type = path;

     

       168
       +
             default = "/var/spool/fax";

     

       169
       +
             description = ''

     

       170
       +
               The spooling area will be created/maintained

     

       171
       +
               at the location given here.

     

       172
       +
             '';

     

       173
       +
           };

     

       174
       +
       

     

       175
       +
           userAccessFile = mkOption {

     

       176
       +
             type = path;

     

       177
       +
             default = "/etc/hosts.hfaxd";

     

       178
       +
             description = ''

     

       179
       +
               The <filename>hosts.hfaxd</filename>

     

       180
       +
               file entry in the spooling area

     

       181
       +
               will be symlinked to the location given here.

     

       182
       +
               This file must exist and be

     

       183
       +
               readable only by the <literal>uucp</literal> user.

     

       184
       +
               See hosts.hfaxd(5) for details.

     

       185
       +
               This configuration permits access for all users:

     

       186
       +
               <literal>

     

       187
       +
                 environment.etc."hosts.hfaxd" = {

     

       188
       +
                   mode = "0600";

     

       189
       +
                   user = "uucp";

     

       190
       +
                   text = ".*";

     

       191
       +
                 };

     

       192
       +
               </literal>

     

       193
       +
               Note that host-based access can be controlled with

     

       194
       +
               <option>config.systemd.sockets.hylafax-hfaxd.listenStreams</option>;

     

       195
       +
               by default, only 127.0.0.1 is permitted to connect.

     

       196
       +
             '';

     

       197
       +
           };

     

       198
       +
       

     

       199
       +
           sendmailPath = mkOption {

     

       200
       +
             type = path;

     

       201
       +
             example = literalExample "''${pkgs.postfix}/bin/sendmail";

     

       202
       +
             # '' ;  # fix vim

     

       203
       +
             description = ''

     

       204
       +
               Path to <filename>sendmail</filename> program.

     

       205
       +
               The default uses the local sendmail wrapper

     

       206
       +
               (see <option>config.services.mail.sendmailSetuidWrapper</option>),

     

       207
       +
               otherwise the <filename>false</filename>

     

       208
       +
               binary to cause an error if used.

     

       209
       +
             '';

     

       210
       +
           };

     

       211
       +
       

     

       212
       +
           hfaxdConfig = mkOption {

     

       213
       +
             type = configAttrType;

     

       214
       +
             example.RecvqProtection = "0400";

     

       215
       +
             description = ''

     

       216
       +
               Attribute set of lines for the global

     

       217
       +
               hfaxd config file <filename>etc/hfaxd.conf</filename>.

     

       218
       +
               ${commonDescr}

     

       219
       +
             '';

     

       220
       +
           };

     

       221
       +
       

     

       222
       +
           faxqConfig = mkOption {

     

       223
       +
             type = configAttrType;

     

       224
       +
             example = {

     

       225
       +
               InternationalPrefix = "00";

     

       226
       +
               LongDistancePrefix = "0";

     

       227
       +
             };

     

       228
       +
             description = ''

     

       229
       +
               Attribute set of lines for the global

     

       230
       +
               faxq config file <filename>etc/config</filename>.

     

       231
       +
               ${commonDescr}

     

       232
       +
             '';

     

       233
       +
           };

     

       234
       +
       

     

       235
       +
           commonModemConfig = mkOption {

     

       236
       +
             type = configAttrType;

     

       237
       +
             example = {

     

       238
       +
               InternationalPrefix = "00";

     

       239
       +
               LongDistancePrefix = "0";

     

       240
       +
             };

     

       241
       +
             description = ''

     

       242
       +
               Attribute set of default values for

     

       243
       +
               modem config files <filename>etc/config.*</filename>.

     

       244
       +
               ${commonDescr}

     

       245
       +
               Think twice before changing

     

       246
       +
               paths of fax-processing scripts.

     

       247
       +
             '';

     

       248
       +
           };

     

       249
       +
       

     

       250
       +
           modems = mkOption {

     

       251
       +
             type = loaOf (submodule [ modemConfigOptions ]);

     

       252
       +
             default = {};

     

       253
       +
             example.ttyS1 = {

     

       254
       +
               type = "cirrus";

     

       255
       +
               config = {

     

       256
       +
                 FAXNumber = "123456";

     

       257
       +
                 LocalIdentifier = "Smith";

     

       258
       +
               };

     

       259
       +
             };

     

       260
       +
             description = ''

     

       261
       +
               Description of installed modems.

     

       262
       +
               At least on modem must be defined

     

       263
       +
               to enable the HylaFAX server.

     

       264
       +
             '';

     

       265
       +
           };

     

       266
       +
       

     

       267
       +
           spoolExtraInit = mkOption {

     

       268
       +
             type = lines;

     

       269
       +
             default = "";

     

       270
       +
             example = ''chmod 0755 .  # everyone may read my faxes'';

     

       271
       +
             description = ''

     

       272
       +
               Additional shell code that is executed within the

     

       273
       +
               spooling area directory right after its setup.

     

       274
       +
             '';

     

       275
       +
           };

     

       276
       +
       

     

       277
       +
           faxcron.enable.spoolInit = mkEnableOption ''

     

       278
       +
             Purge old files from the spooling area with

     

       279
       +
             <filename>faxcron</filename>

     

       280
       +
             each time the spooling area is initialized.

     

       281
       +
           '';

     

       282
       +
           faxcron.enable.frequency = mkOption {

     

       283
       +
             type = nullOr str1;

     

       284
       +
             default = null;

     

       285
       +
             example = "daily";

     

       286
       +
             description = ''

     

       287
       +
               Purge old files from the spooling area with

     

       288
       +
               <filename>faxcron</filename> with the given frequency

     

       289
       +
               (see systemd.time(7)).

     

       290
       +
             '';

     

       291
       +
           };

     

       292
       +
           faxcron.infoDays = mkOption {

     

       293
       +
             type = int1;

     

       294
       +
             default = 30;

     

       295
       +
             description = ''

     

       296
       +
               Set the expiration time for data in the

     

       297
       +
               remote machine information directory in days.

     

       298
       +
             '';

     

       299
       +
           };

     

       300
       +
           faxcron.logDays = mkOption {

     

       301
       +
             type = int1;

     

       302
       +
             default = 30;

     

       303
       +
             description = ''

     

       304
       +
               Set the expiration time for

     

       305
       +
               session trace log files in days.

     

       306
       +
             '';

     

       307
       +
           };

     

       308
       +
           faxcron.rcvDays = mkOption {

     

       309
       +
             type = int1;

     

       310
       +
             default = 7;

     

       311
       +
             description = ''

     

       312
       +
               Set the expiration time for files in

     

       313
       +
               the received facsimile queue in days.

     

       314
       +
             '';

     

       315
       +
           };

     

       316
       +
       

     

       317
       +
           faxqclean.enable.spoolInit = mkEnableOption ''

     

       318
       +
             Purge old files from the spooling area with

     

       319
       +
             <filename>faxqclean</filename>

     

       320
       +
             each time the spooling area is initialized.

     

       321
       +
           '';

     

       322
       +
           faxqclean.enable.frequency = mkOption {

     

       323
       +
             type = nullOr str1;

     

       324
       +
             default = null;

     

       325
       +
             example = "daily";

     

       326
       +
             description = ''

     

       327
       +
               Purge old files from the spooling area with

     

       328
       +
               <filename>faxcron</filename> with the given frequency

     

       329
       +
               (see systemd.time(7)).

     

       330
       +
             '';

     

       331
       +
           };

     

       332
       +
           faxqclean.archiving = mkOption {

     

       333
       +
             type = enum [ "never" "as-flagged" "always" ];

     

       334
       +
             default = "as-flagged";

     

       335
       +
             example = "always";

     

       336
       +
             description = ''

     

       337
       +
               Enable or suppress job archiving:

     

       338
       +
               <literal>never</literal> disables job archiving,

     

       339
       +
               <literal>as-flagged</literal> archives jobs that

     

       340
       +
               have been flagged for archiving by sendfax,

     

       341
       +
               <literal>always</literal> forces archiving of all jobs.

     

       342
       +
               See also sendfax(1) and faxqclean(8).

     

       343
       +
             '';

     

       344
       +
           };

     

       345
       +
           faxqclean.doneqMinutes = mkOption {

     

       346
       +
             type = int1;

     

       347
       +
             default = 15;

     

       348
       +
             example = literalExample ''24*60'';

     

       349
       +
             description = ''

     

       350
       +
               Set the job

     

       351
       +
               age threshold (in minutes) that controls how long

     

       352
       +
               jobs may reside in the doneq directory.

     

       353
       +
             '';

     

       354
       +
           };

     

       355
       +
           faxqclean.docqMinutes = mkOption {

     

       356
       +
             type = int1;

     

       357
       +
             default = 60;

     

       358
       +
             example = literalExample ''24*60'';

     

       359
       +
             description = ''

     

       360
       +
               Set the document

     

       361
       +
               age threshold (in minutes) that controls how long

     

       362
       +
               unreferenced files may reside in the docq directory.

     

       363
       +
             '';

     

       364
       +
           };

     

       365
       +
       

     

       366
       +
         };

     

       367
       +
       

     

       368
       +
       

     

       369
       +
         config.services.hylafax =

     

       370
       +
           mkIf

     

       371
       +
           (config.services.hylafax.enable)

     

       372
       +
           (mkMerge [ defaultConfig localConfig ])

     

       373
       +
         ;

     

       374
       +
       

     

       375
       +
       }

+111

nixos/modules/services/networking/hylafax/spool.sh

···

       1
       +
       #! @shell@ -e

     

       2
       +
       

     

       3
       +
       # The following lines create/update the HylaFAX spool directory:

     

       4
       +
       # Subdirectories/files with persistent data are kept,

     

       5
       +
       # other directories/files are removed/recreated,

     

       6
       +
       # mostly from the template spool

     

       7
       +
       # directory in the HylaFAX package.

     

       8
       +
       

     

       9
       +
       # This block explains how the spool area is

     

       10
       +
       # derived from the spool template in the HylaFAX package:

     

       11
       +
       #

     

       12
       +
       #                  + capital letter: directory; file otherwise

     

       13
       +
       #                  + P/p: persistent directory

     

       14
       +
       #                  + F/f: directory with symlinks per entry

     

       15
       +
       #                  + T/t: temporary data

     

       16
       +
       #                  + S/s: single symlink into package

     

       17
       +
       #                  |

     

       18
       +
       #                  | + u: change ownership to uucp:uucp

     

       19
       +
       #                  | + U: ..also change access mode to user-only

     

       20
       +
       #                  | |

     

       21
       +
       # archive          P U

     

       22
       +
       # bin              S

     

       23
       +
       # client           T u  (client connection info)

     

       24
       +
       # config           S

     

       25
       +
       # COPYRIGHT        s

     

       26
       +
       # dev              T u  (maybe some FIFOs)

     

       27
       +
       # docq             P U

     

       28
       +
       # doneq            P U

     

       29
       +
       # etc              F    contains customized config files!

     

       30
       +
       # etc/hosts.hfaxd  f

     

       31
       +
       # etc/xferfaxlog   f

     

       32
       +
       # info             P u  (database of called devices)

     

       33
       +
       # log              P u  (communication logs)

     

       34
       +
       # pollq            P U

     

       35
       +
       # recvq            P u

     

       36
       +
       # sendq            P U

     

       37
       +
       # status           T u  (modem status info files)

     

       38
       +
       # tmp              T U

     

       39
       +
       

     

       40
       +
       

     

       41
       +
       shopt -s dotglob  # if bash sees "*", it also includes dot files

     

       42
       +
       lnsym () { ln --symbol "$@" ; }

     

       43
       +
       lnsymfrc () { ln --symbolic --force "$@" ; }

     

       44
       +
       cprd () { cp --remove-destination "$@" ; }

     

       45
       +
       update () { install --owner=@faxuser@ --group=@faxgroup@ "$@" ; }

     

       46
       +
       

     

       47
       +
       

     

       48
       +
       ## create/update spooling area

     

       49
       +
       

     

       50
       +
       update --mode=0750 -d "@spoolAreaPath@"

     

       51
       +
       cd "@spoolAreaPath@"

     

       52
       +
       

     

       53
       +
       persist=(archive docq doneq info log pollq recvq sendq)

     

       54
       +
       

     

       55
       +
       # remove entries that don't belong here

     

       56
       +
       touch dummy  # ensure "*" resolves to something

     

       57
       +
       for k in *

     

       58
       +
       do

     

       59
       +
         keep=0

     

       60
       +
         for j in "${persist[@]}" xferfaxlog clientlog faxcron.lastrun

     

       61
       +
         do

     

       62
       +
           if test "$k" == "$j"

     

       63
       +
           then

     

       64
       +
             keep=1

     

       65
       +
             break

     

       66
       +
           fi

     

       67
       +
         done

     

       68
       +
         if test "$keep" == "0"

     

       69
       +
         then

     

       70
       +
           rm --recursive "$k"

     

       71
       +
         fi

     

       72
       +
       done

     

       73
       +
       

     

       74
       +
       # create persistent data directories (unless they exist already)

     

       75
       +
       update --mode=0700 -d "${persist[@]}"

     

       76
       +
       chmod 0755 info log recvq

     

       77
       +
       

     

       78
       +
       # create ``xferfaxlog``, ``faxcron.lastrun``, ``clientlog``

     

       79
       +
       touch clientlog faxcron.lastrun xferfaxlog

     

       80
       +
       chown @faxuser@:@faxgroup@ clientlog faxcron.lastrun xferfaxlog

     

       81
       +
       

     

       82
       +
       # create symlinks for frozen directories/files

     

       83
       +
       lnsym --target-directory=. "@hylafax@"/spool/{COPYRIGHT,bin,config}

     

       84
       +
       

     

       85
       +
       # create empty temporary directories

     

       86
       +
       update --mode=0700 -d client dev status

     

       87
       +
       update -d tmp

     

       88
       +
       

     

       89
       +
       

     

       90
       +
       ## create and fill etc

     

       91
       +
       

     

       92
       +
       install -d "@spoolAreaPath@/etc"

     

       93
       +
       cd "@spoolAreaPath@/etc"

     

       94
       +
       

     

       95
       +
       # create symlinks to all files in template's etc

     

       96
       +
       lnsym --target-directory=. "@hylafax@/spool/etc"/*

     

       97
       +
       

     

       98
       +
       # set LOCKDIR in setup.cache

     

       99
       +
       sed --regexp-extended 's|^(UUCP_LOCKDIR=).*$|\1'"'@lockPath@'|g" --in-place setup.cache

     

       100
       +
       

     

       101
       +
       # etc/{xferfaxlog,lastrun} are stored in the spool root

     

       102
       +
       lnsymfrc --target-directory=. ../xferfaxlog

     

       103
       +
       lnsymfrc --no-target-directory ../faxcron.lastrun lastrun

     

       104
       +
       

     

       105
       +
       # etc/hosts.hfaxd is provided by the NixOS configuration

     

       106
       +
       lnsymfrc --no-target-directory "@userAccessFile@" hosts.hfaxd

     

       107
       +
       

     

       108
       +
       # etc/config and etc/config.${DEVID} must be copied:

     

       109
       +
       # hfaxd reads these file after locking itself up in a chroot

     

       110
       +
       cprd --no-target-directory "@globalConfigPath@" config

     

       111
       +
       cprd --target-directory=. "@modemConfigPath@"/*

+249

nixos/modules/services/networking/hylafax/systemd.nix

···

       1
       +
       { config, lib, pkgs, ... }:

     

       2
       +
       

     

       3
       +
       

     

       4
       +
       let

     

       5
       +
       

     

       6
       +
         inherit (lib) mkIf mkMerge;

     

       7
       +
         inherit (lib) concatStringsSep optionalString;

     

       8
       +
       

     

       9
       +
         cfg = config.services.hylafax;

     

       10
       +
         mapModems = lib.flip map (lib.attrValues cfg.modems);

     

       11
       +
       

     

       12
       +
         mkConfigFile = name: conf:

     

       13
       +
           # creates hylafax config file,

     

       14
       +
           # makes sure "Include" is listed *first*

     

       15
       +
           let

     

       16
       +
             mkLines = conf:

     

       17
       +
               (lib.concatLists

     

       18
       +
               (lib.flip lib.mapAttrsToList conf

     

       19
       +
               (k: map (v: ''${k}: ${v}'')

     

       20
       +
             )));

     

       21
       +
             include = mkLines { Include = conf.Include or []; };

     

       22
       +
             other = mkLines ( conf // { Include = []; } );

     

       23
       +
           in

     

       24
       +
             pkgs.writeText ''hylafax-config${name}''

     

       25
       +
             (concatStringsSep "\n" (include ++ other));

     

       26
       +
       

     

       27
       +
         globalConfigPath = mkConfigFile "" cfg.faxqConfig;

     

       28
       +
       

     

       29
       +
         modemConfigPath =

     

       30
       +
           let

     

       31
       +
             mkModemConfigFile = { config, name, ... }:

     

       32
       +
               mkConfigFile ''.${name}''

     

       33
       +
               (cfg.commonModemConfig // config);

     

       34
       +
             mkLine = { name, type, ... }@modem: ''

     

       35
       +
               # check if modem config file exists:

     

       36
       +
               test -f "${pkgs.hylafaxplus}/spool/config/${type}"

     

       37
       +
               ln \

     

       38
       +
                 --symbolic \

     

       39
       +
                 --no-target-directory \

     

       40
       +
                 "${mkModemConfigFile modem}" \

     

       41
       +
                 "$out/config.${name}"

     

       42
       +
             '';

     

       43
       +
           in

     

       44
       +
             pkgs.runCommand "hylafax-config-modems" {}

     

       45
       +
             ''mkdir --parents "$out/" ${concatStringsSep "\n" (mapModems mkLine)}'';

     

       46
       +
       

     

       47
       +
         setupSpoolScript = pkgs.substituteAll {

     

       48
       +
           name = "hylafax-setup-spool.sh";

     

       49
       +
           src = ./spool.sh;

     

       50
       +
           isExecutable = true;

     

       51
       +
           inherit (pkgs.stdenv) shell;

     

       52
       +
           hylafax = pkgs.hylafaxplus;

     

       53
       +
           faxuser = "uucp";

     

       54
       +
           faxgroup = "uucp";

     

       55
       +
           lockPath = "/var/lock";

     

       56
       +
           inherit globalConfigPath modemConfigPath;

     

       57
       +
           inherit (cfg) sendmailPath spoolAreaPath userAccessFile;

     

       58
       +
         };

     

       59
       +
       

     

       60
       +
         waitFaxqScript = pkgs.substituteAll {

     

       61
       +
           # This script checks the modems status files

     

       62
       +
           # and waits until all modems report readiness.

     

       63
       +
           name = "hylafax-faxq-wait-start.sh";

     

       64
       +
           src = ./faxq-wait.sh;

     

       65
       +
           isExecutable = true;

     

       66
       +
           timeoutSec = toString 10;

     

       67
       +
           inherit (pkgs.stdenv) shell;

     

       68
       +
           inherit (cfg) spoolAreaPath;

     

       69
       +
         };

     

       70
       +
       

     

       71
       +
         sockets."hylafax-hfaxd" = {

     

       72
       +
           description = "HylaFAX server socket";

     

       73
       +
           documentation = [ "man:hfaxd(8)" ];

     

       74
       +
           wantedBy = [ "multi-user.target" ];

     

       75
       +
           listenStreams = [ "127.0.0.1:4559" ];

     

       76
       +
           socketConfig.FreeBind = true;

     

       77
       +
           socketConfig.Accept = true;

     

       78
       +
         };

     

       79
       +
       

     

       80
       +
         paths."hylafax-faxq" = {

     

       81
       +
           description = "HylaFAX queue manager sendq watch";

     

       82
       +
           documentation = [ "man:faxq(8)" "man:sendq(5)" ];

     

       83
       +
           wantedBy = [ "multi-user.target" ];

     

       84
       +
           pathConfig.PathExistsGlob = [ ''${cfg.spoolAreaPath}/sendq/q*'' ];

     

       85
       +
         };

     

       86
       +
       

     

       87
       +
         timers = mkMerge [

     

       88
       +
           (

     

       89
       +
             mkIf (cfg.faxcron.enable.frequency!=null)

     

       90
       +
             { "hylafax-faxcron".timerConfig.Persistent = true; }

     

       91
       +
           )

     

       92
       +
           (

     

       93
       +
             mkIf (cfg.faxqclean.enable.frequency!=null)

     

       94
       +
             { "hylafax-faxqclean".timerConfig.Persistent = true; }

     

       95
       +
           )

     

       96
       +
         ];

     

       97
       +
       

     

       98
       +
         hardenService =

     

       99
       +
           # Add some common systemd service hardening settings,

     

       100
       +
           # but allow each service (here) to override

     

       101
       +
           # settings by explicitely setting those to `null`.

     

       102
       +
           # More hardening would be nice but makes

     

       103
       +
           # customizing hylafax setups very difficult.

     

       104
       +
           # If at all, it should only be added along

     

       105
       +
           # with some options to customize it.

     

       106
       +
           let

     

       107
       +
             hardening = {

     

       108
       +
               PrivateDevices = true;  # breaks /dev/tty...

     

       109
       +
               PrivateNetwork = true;

     

       110
       +
               PrivateTmp = true;

     

       111
       +
               ProtectControlGroups = true;

     

       112
       +
               #ProtectHome = true;  # breaks custom spool dirs

     

       113
       +
               ProtectKernelModules = true;

     

       114
       +
               ProtectKernelTunables = true;

     

       115
       +
               #ProtectSystem = "strict";  # breaks custom spool dirs

     

       116
       +
               RestrictNamespaces = true;

     

       117
       +
               RestrictRealtime = true;

     

       118
       +
             };

     

       119
       +
             filter = key: value: (value != null) || ! (lib.hasAttr key hardening);

     

       120
       +
             apply = service: lib.filterAttrs filter (hardening // (service.serviceConfig or {}));

     

       121
       +
           in

     

       122
       +
             service: service // { serviceConfig = apply service; };

     

       123
       +
       

     

       124
       +
         services."hylafax-spool" = {

     

       125
       +
           description = "HylaFAX spool area preparation";

     

       126
       +
           documentation = [ "man:hylafax-server(4)" ];

     

       127
       +
           script = ''

     

       128
       +
             ${setupSpoolScript}

     

       129
       +
             cd "${cfg.spoolAreaPath}"

     

       130
       +
             ${cfg.spoolExtraInit}

     

       131
       +
             if ! test -f "${cfg.spoolAreaPath}/etc/hosts.hfaxd"

     

       132
       +
             then

     

       133
       +
               echo hosts.hfaxd is missing

     

       134
       +
               exit 1

     

       135
       +
             fi

     

       136
       +
           '';

     

       137
       +
           serviceConfig.ExecStop = ''${setupSpoolScript}'';

     

       138
       +
           serviceConfig.RemainAfterExit = true;

     

       139
       +
           serviceConfig.Type = "oneshot";

     

       140
       +
           unitConfig.RequiresMountsFor = [ cfg.spoolAreaPath ];

     

       141
       +
         };

     

       142
       +
       

     

       143
       +
         services."hylafax-faxq" = {

     

       144
       +
           description = "HylaFAX queue manager";

     

       145
       +
           documentation = [ "man:faxq(8)" ];

     

       146
       +
           requires = [ "hylafax-spool.service" ];

     

       147
       +
           after = [ "hylafax-spool.service" ];

     

       148
       +
           wants = mapModems ( { name, ... }: ''hylafax-faxgetty@${name}.service'' );

     

       149
       +
           wantedBy = mkIf cfg.autostart [ "multi-user.target" ];

     

       150
       +
           serviceConfig.Type = "forking";

     

       151
       +
           serviceConfig.ExecStart = ''${pkgs.hylafaxplus}/spool/bin/faxq -q "${cfg.spoolAreaPath}"'';

     

       152
       +
           # This delays the "readiness" of this service until

     

       153
       +
           # all modems are initialized (or a timeout is reached).

     

       154
       +
           # Otherwise, sending a fax with the fax service

     

       155
       +
           # stopped will always yield a failed send attempt:

     

       156
       +
           # The fax service is started when the job is created with

     

       157
       +
           # `sendfax`, but modems need some time to initialize.

     

       158
       +
           serviceConfig.ExecStartPost = [ ''${waitFaxqScript}'' ];

     

       159
       +
           # faxquit fails if the pipe is already gone

     

       160
       +
           # (e.g. the service is already stopping)

     

       161
       +
           serviceConfig.ExecStop = ''-${pkgs.hylafaxplus}/spool/bin/faxquit -q "${cfg.spoolAreaPath}"'';

     

       162
       +
           # disable some systemd hardening settings

     

       163
       +
           serviceConfig.PrivateDevices = null;

     

       164
       +
           serviceConfig.RestrictRealtime = null;

     

       165
       +
         };

     

       166
       +
       

     

       167
       +
         services."hylafax-hfaxd@" = {

     

       168
       +
           description = "HylaFAX server";

     

       169
       +
           documentation = [ "man:hfaxd(8)" ];

     

       170
       +
           after = [ "hylafax-faxq.service" ];

     

       171
       +
           requires = [ "hylafax-faxq.service" ];

     

       172
       +
           serviceConfig.StandardInput = "socket";

     

       173
       +
           serviceConfig.StandardOutput = "socket";

     

       174
       +
           serviceConfig.ExecStart = ''${pkgs.hylafaxplus}/spool/bin/hfaxd -q "${cfg.spoolAreaPath}" -d -I'';

     

       175
       +
           unitConfig.RequiresMountsFor = [ cfg.userAccessFile ];

     

       176
       +
           # disable some systemd hardening settings

     

       177
       +
           serviceConfig.PrivateDevices = null;

     

       178
       +
           serviceConfig.PrivateNetwork = null;

     

       179
       +
         };

     

       180
       +
       

     

       181
       +
         services."hylafax-faxcron" = rec {

     

       182
       +
           description = "HylaFAX spool area maintenance";

     

       183
       +
           documentation = [ "man:faxcron(8)" ];

     

       184
       +
           after = [ "hylafax-spool.service" ];

     

       185
       +
           requires = [ "hylafax-spool.service" ];

     

       186
       +
           wantedBy = mkIf cfg.faxcron.enable.spoolInit requires;

     

       187
       +
           startAt = mkIf (cfg.faxcron.enable.frequency!=null) cfg.faxcron.enable.frequency;

     

       188
       +
           serviceConfig.ExecStart = concatStringsSep " " [

     

       189
       +
             ''${pkgs.hylafaxplus}/spool/bin/faxcron''

     

       190
       +
             ''-q "${cfg.spoolAreaPath}"''

     

       191
       +
             ''-info ${toString cfg.faxcron.infoDays}''

     

       192
       +
             ''-log  ${toString cfg.faxcron.logDays}''

     

       193
       +
             ''-rcv  ${toString cfg.faxcron.rcvDays}''

     

       194
       +
           ];

     

       195
       +
         };

     

       196
       +
       

     

       197
       +
         services."hylafax-faxqclean" = rec {

     

       198
       +
           description = "HylaFAX spool area queue cleaner";

     

       199
       +
           documentation = [ "man:faxqclean(8)" ];

     

       200
       +
           after = [ "hylafax-spool.service" ];

     

       201
       +
           requires = [ "hylafax-spool.service" ];

     

       202
       +
           wantedBy = mkIf cfg.faxqclean.enable.spoolInit requires;

     

       203
       +
           startAt = mkIf (cfg.faxqclean.enable.frequency!=null) cfg.faxqclean.enable.frequency;

     

       204
       +
           serviceConfig.ExecStart = concatStringsSep " " [

     

       205
       +
             ''${pkgs.hylafaxplus}/spool/bin/faxqclean''

     

       206
       +
             ''-q "${cfg.spoolAreaPath}"''

     

       207
       +
             ''-v''

     

       208
       +
             (optionalString (cfg.faxqclean.archiving!="never") ''-a'')

     

       209
       +
             (optionalString (cfg.faxqclean.archiving=="always")  ''-A'')

     

       210
       +
             ''-j ${toString (cfg.faxqclean.doneqMinutes*60)}''

     

       211
       +
             ''-d ${toString (cfg.faxqclean.docqMinutes*60)}''

     

       212
       +
           ];

     

       213
       +
         };

     

       214
       +
       

     

       215
       +
         mkFaxgettyService = { name, ... }:

     

       216
       +
           lib.nameValuePair ''hylafax-faxgetty@${name}'' rec {

     

       217
       +
             description = "HylaFAX faxgetty for %I";

     

       218
       +
             documentation = [ "man:faxgetty(8)" ];

     

       219
       +
             bindsTo = [ "dev-%i.device" ];

     

       220
       +
             requires = [ "hylafax-spool.service" ];

     

       221
       +
             after = bindsTo ++ requires;

     

       222
       +
             before = [ "hylafax-faxq.service" "getty.target" ];

     

       223
       +
             unitConfig.StopWhenUnneeded = true;

     

       224
       +
             unitConfig.AssertFileNotEmpty = ''${cfg.spoolAreaPath}/etc/config.%I'';

     

       225
       +
             serviceConfig.UtmpIdentifier = "%I";

     

       226
       +
             serviceConfig.TTYPath = "/dev/%I";

     

       227
       +
             serviceConfig.Restart = "always";

     

       228
       +
             serviceConfig.KillMode = "process";

     

       229
       +
             serviceConfig.IgnoreSIGPIPE = false;

     

       230
       +
             serviceConfig.ExecStart = ''-${pkgs.hylafaxplus}/spool/bin/faxgetty -q "${cfg.spoolAreaPath}" /dev/%I'';

     

       231
       +
             # faxquit fails if the pipe is already gone

     

       232
       +
             # (e.g. the service is already stopping)

     

       233
       +
             serviceConfig.ExecStop = ''-${pkgs.hylafaxplus}/spool/bin/faxquit -q "${cfg.spoolAreaPath}" %I'';

     

       234
       +
             # disable some systemd hardening settings

     

       235
       +
             serviceConfig.PrivateDevices = null;

     

       236
       +
             serviceConfig.RestrictRealtime = null;

     

       237
       +
           };

     

       238
       +
       

     

       239
       +
         modemServices =

     

       240
       +
           lib.listToAttrs (mapModems mkFaxgettyService);

     

       241
       +
       

     

       242
       +
       in

     

       243
       +
       

     

       244
       +
       {

     

       245
       +
         config.systemd = mkIf cfg.enable {

     

       246
       +
           inherit sockets timers paths;

     

       247
       +
           services = lib.mapAttrs (lib.const hardenService) (services // modemServices);

     

       248
       +
         };

     

       249
       +
       }