pyrox.dev / nixpkgs
lol
fork atom

Merge pull request #103902 from pkern/spamassassin

nixos/spamassassin: Avoid network dependency on boot

Luke Granger-Brown 2fa2e639 b8ef16dc

options
unified split
Changed files
+38 -31
nixos
modules
services
mail
spamassassin.nix
pkgs
servers
mail
spamassassin
default.nix
+36 -29
nixos/modules/services/mail/spamassassin.nix 
···

       
126

       
126

       
 

       
    };


     

       
127

       
127

       
 

       



     

       
128

       
128

       
 

       
    systemd.services.sa-update = {


     

       

       
129

       
+

       
      # Needs to be able to contact the update server.


     

       

       
130

       
+

       
      wants = [ "network-online.target" ];


     

       

       
131

       
+

       
      after = [ "network-online.target" ];


     

       

       
132

       
+

       



     

       

       
133

       
+

       
      serviceConfig = {


     

       

       
134

       
+

       
        Type = "oneshot";


     

       

       
135

       
+

       
        User = "spamd";


     

       

       
136

       
+

       
        Group = "spamd";


     

       

       
137

       
+

       
        StateDirectory = "spamassassin";


     

       

       
138

       
+

       
        ExecStartPost = "+${pkgs.systemd}/bin/systemctl -q --no-block try-reload-or-restart spamd.service";


     

       

       
139

       
+

       
      };


     

       

       
140

       
+

       



     

       
129

       
141

       
 

       
      script = ''


     

       
130

       
142

       
 

       
        set +e


     

       
131

       

       
-

       
        ${pkgs.su}/bin/su -s "${pkgs.bash}/bin/bash" -c "${pkgs.spamassassin}/bin/sa-update --gpghomedir=/var/lib/spamassassin/sa-update-keys/" spamd


     

       

       
143

       
+

       
        ${pkgs.spamassassin}/bin/sa-update --verbose --gpghomedir=/var/lib/spamassassin/sa-update-keys/


     

       

       
144

       
+

       
        rc=$?


     

       

       
145

       
+

       
        set -e


     

       
132

       
146

       
 

       



     

       
133

       

       
-

       
        v=$?


     

       
134

       

       
-

       
        set -e


     

       
135

       

       
-

       
        if [ $v -gt 1 ]; then


     

       
136

       

       
-

       
          echo "sa-update execution error"


     

       
137

       

       
-

       
          exit $v


     

       

       
147

       
+

       
        if [[ $rc -gt 1 ]]; then


     

       

       
148

       
+

       
          # sa-update failed.


     

       

       
149

       
+

       
          exit $rc


     

       
138

       
150

       
 

       
        fi


     

       
139

       

       
-

       
        if [ $v -eq 0 ]; then


     

       
140

       

       
-

       
          systemctl reload spamd.service


     

       

       
151

       
+

       



     

       

       
152

       
+

       
        if [[ $rc -eq 1 ]]; then


     

       

       
153

       
+

       
          # No update was available, exit successfully.


     

       

       
154

       
+

       
          exit 0


     

       
141

       
155

       
 

       
        fi


     

       

       
156

       
+

       



     

       

       
157

       
+

       
        # An update was available and installed. Compile the rules.


     

       

       
158

       
+

       
        ${pkgs.spamassassin}/bin/sa-compile


     

       
142

       
159

       
 

       
      '';


     

       
143

       
160

       
 

       
    };


     

       
144

       
161

       
 

       



     
···

       
153

       
170

       
 

       
    };


     

       
154

       
171

       
 

       



     

       
155

       
172

       
 

       
    systemd.services.spamd = {


     

       
156

       

       
-

       
      description = "Spam Assassin Server";


     

       

       
173

       
+

       
      description = "SpamAssassin Server";


     

       
157

       
174

       
 

       



     

       
158

       
175

       
 

       
      wantedBy = [ "multi-user.target" ];


     

       
159

       

       
-

       
      after = [ "network.target" ];


     

       

       
176

       
+

       
      wants = [ "sa-update.service" ];


     

       

       
177

       
+

       
      after = [


     

       

       
178

       
+

       
        "network.target"


     

       

       
179

       
+

       
        "sa-update.service"


     

       

       
180

       
+

       
      ];


     

       
160

       
181

       
 

       



     

       
161

       
182

       
 

       
      serviceConfig = {


     

       
162

       

       
-

       
        ExecStart = "${pkgs.spamassassin}/bin/spamd ${optionalString cfg.debug "-D"} --username=spamd --groupname=spamd --virtual-config-dir=/var/lib/spamassassin/user-%u --allow-tell --pidfile=/run/spamd.pid";


     

       
163

       

       
-

       
        ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";


     

       

       
183

       
+

       
        User = "spamd";


     

       

       
184

       
+

       
        Group = "spamd";


     

       

       
185

       
+

       
        ExecStart = "+${pkgs.spamassassin}/bin/spamd ${optionalString cfg.debug "-D"} --username=spamd --groupname=spamd --virtual-config-dir=%S/spamassassin/user-%u --allow-tell --pidfile=/run/spamd.pid";


     

       

       
186

       
+

       
        ExecReload = "+${pkgs.coreutils}/bin/kill -HUP $MAINPID";


     

       

       
187

       
+

       
        StateDirectory = "spamassassin";


     

       
164

       
188

       
 

       
      };


     

       
165

       

       
-

       



     

       
166

       

       
-

       
      # 0 and 1 no error, exitcode > 1 means error:


     

       
167

       

       
-

       
      # https://spamassassin.apache.org/full/3.1.x/doc/sa-update.html#exit_codes


     

       
168

       

       
-

       
      preStart = ''


     

       
169

       

       
-

       
        echo "Recreating '/var/lib/spamasassin' with creating '3.004001' (or similar) and 'sa-update-keys'"


     

       
170

       

       
-

       
        mkdir -p /var/lib/spamassassin


     

       
171

       

       
-

       
        chown spamd:spamd /var/lib/spamassassin -R


     

       
172

       

       
-

       
        set +e


     

       
173

       

       
-

       
        ${pkgs.su}/bin/su -s "${pkgs.bash}/bin/bash" -c "${pkgs.spamassassin}/bin/sa-update --gpghomedir=/var/lib/spamassassin/sa-update-keys/" spamd


     

       
174

       

       
-

       
        v=$?


     

       
175

       

       
-

       
        set -e


     

       
176

       

       
-

       
        if [ $v -gt 1 ]; then


     

       
177

       

       
-

       
          echo "sa-update execution error"


     

       
178

       

       
-

       
          exit $v


     

       
179

       

       
-

       
        fi


     

       
180

       

       
-

       
        chown spamd:spamd /var/lib/spamassassin -R


     

       
181

       

       
-

       
      '';


     

       
182

       
189

       
 

       
    };


     

       
183

       
190

       
 

       
  };


     

       
184

       
191

       
 

       
}
+2 -2
pkgs/servers/mail/spamassassin/default.nix 
···

       
1

       

       
-

       
{ lib, fetchurl, perlPackages, makeWrapper, gnupg }:


     

       

       
1

       
+

       
{ lib, fetchurl, perlPackages, makeWrapper, gnupg, re2c, gcc, gnumake }:


     

       
2

       
2

       
 

       



     

       
3

       
3

       
 

       
perlPackages.buildPerlPackage rec {


     

       
4

       
4

       
 

       
  pname = "SpamAssassin";


     
···

       
29

       
29

       
 

       
    mv "rules/"* $out/share/spamassassin/


     

       
30

       
30

       
 

       



     

       
31

       
31

       
 

       
    for n in "$out/bin/"*; do


     

       
32

       

       
-

       
      wrapProgram "$n" --prefix PERL5LIB : "$PERL5LIB" --prefix PATH : "${gnupg}/bin"


     

       

       
32

       
+

       
      wrapProgram "$n" --prefix PERL5LIB : "$PERL5LIB" --prefix PATH : ${lib.makeBinPath [ gnupg re2c gcc gnumake ]}


     

       
33

       
33

       
 

       
    done


     

       
34

       
34

       
 

       
  '';


     

       
35

       
35