pyrox.dev / nixpkgs
lol
fork atom

postgrey: allow additional whitelists

Gregor Kleen 58fa71b3 82291bae

options
unified split
Changed files
+11 -1
nixos
modules
services
mail
postgrey.nix
+11 -1
nixos/modules/services/mail/postgrey.nix 
···

       
118

       
118

       
 

       
        default = 5;


     

       
119

       
119

       
 

       
        description = "Whitelist clients after successful delivery of N messages";


     

       
120

       
120

       
 

       
      };


     

       

       
121

       
+

       
      whitelistClients = mkOption {


     

       

       
122

       
+

       
        type = listOf path;


     

       

       
123

       
+

       
        default = [];


     

       

       
124

       
+

       
        description = "Client address whitelist files (see postgrey(8))";


     

       

       
125

       
+

       
      };


     

       

       
126

       
+

       
      whitelistRecipients = mkOption {


     

       

       
127

       
+

       
        type = listOf path;


     

       

       
128

       
+

       
        default = [];


     

       

       
129

       
+

       
        description = "Recipient address whitelist files (see postgrey(8))";


     

       

       
130

       
+

       
      };


     

       
121

       
131

       
 

       
    };


     

       
122

       
132

       
 

       
  };


     

       
123

       
133

       
 

       



     
···

       
156

       
166

       
 

       
      '';


     

       
157

       
167

       
 

       
      serviceConfig = {


     

       
158

       
168

       
 

       
        Type = "simple";


     

       
159

       

       
-

       
        ExecStart = ''${pkgs.postgrey}/bin/postgrey ${bind-flag} --group=postgrey --user=postgrey --dbdir=/var/postgrey --delay=${toString cfg.delay} --max-age=${toString cfg.maxAge} --retry-window=${toString cfg.retryWindow} ${if cfg.lookupBySubnet then "--lookup-by-subnet" else "--lookup-by-host"} --ipv4cidr=${toString cfg.IPv4CIDR} --ipv6cidr=${toString cfg.IPv6CIDR} ${optionalString cfg.privacy "--privacy"} --auto-whitelist-clients=${toString (if cfg.autoWhitelist == null then 0 else cfg.autoWhitelist)} --greylist-text="${cfg.greylistText}" --x-greylist-header="${cfg.greylistHeader}" --greylist-action=${cfg.greylistAction}'';


     

       

       
169

       
+

       
        ExecStart = ''${pkgs.postgrey}/bin/postgrey ${bind-flag} --group=postgrey --user=postgrey --dbdir=/var/postgrey --delay=${toString cfg.delay} --max-age=${toString cfg.maxAge} --retry-window=${toString cfg.retryWindow} ${if cfg.lookupBySubnet then "--lookup-by-subnet" else "--lookup-by-host"} --ipv4cidr=${toString cfg.IPv4CIDR} --ipv6cidr=${toString cfg.IPv6CIDR} ${optionalString cfg.privacy "--privacy"} --auto-whitelist-clients=${toString (if cfg.autoWhitelist == null then 0 else cfg.autoWhitelist)} --greylist-text="${cfg.greylistText}" --x-greylist-header="${cfg.greylistHeader}" --greylist-action=${cfg.greylistAction} ${concatMapStringsSep " " (x: "--whitelist-clients=" + x) cfg.whitelistClients} ${concatMapStringsSep " " (x: "--whitelist-recipients=" + x) cfg.whitelistRecipients}'';


     

       
160

       
170

       
 

       
        Restart = "always";


     

       
161

       
171

       
 

       
        RestartSec = 5;


     

       
162

       
172

       
 

       
        TimeoutSec = 10;