pyrox.dev / nixpkgs
lol
fork atom

nixos/hylafax: use `toGNUCommandLine`

...and `escapeShellArgs` for spool area program command lines.
The new function `mkSpoolCmd` adds the `-q` option
by default as it is needed by all such programs.

Yarny0 eb52347d 6e51b487

options
unified split
Changed files
+34 -23
nixos
modules
services
networking
hylafax
systemd.nix
+34 -23
nixos/modules/services/networking/hylafax/systemd.nix 
···

       
9

       
9

       
 

       



     

       
10

       
10

       
 

       
  inherit (lib)


     

       
11

       
11

       
 

       
    concatLines


     

       
12

       

       
-

       
    concatStringsSep


     

       

       
12

       
+

       
    escapeShellArgs


     

       
13

       
13

       
 

       
    mkIf


     

       
14

       
14

       
 

       
    mkMerge


     

       
15

       

       
-

       
    optionalString


     

       

       
15

       
+

       
    optional


     

       
16

       
16

       
 

       
    ;


     

       

       
17

       
+

       
  inherit (lib.cli) toGNUCommandLine;


     

       
17

       
18

       
 

       



     

       
18

       
19

       
 

       
  cfg = config.services.hylafax;


     

       
19

       
20

       
 

       
  mapModems = lib.forEach (lib.attrValues cfg.modems);


     

       

       
21

       
+

       



     

       

       
22

       
+

       
  mkSpoolCmd =


     

       

       
23

       
+

       
    prefix: program: posArg: options:


     

       

       
24

       
+

       
    let


     

       

       
25

       
+

       
      start = "${prefix}${pkgs.hylafaxplus}/spool/bin/${program}";


     

       

       
26

       
+

       
      optionsList = toGNUCommandLine { mkOptionName = k: "-${k}"; } (


     

       

       
27

       
+

       
        { q = cfg.spoolAreaPath; } // options


     

       

       
28

       
+

       
      );


     

       

       
29

       
+

       
      posArgList = optional (posArg != null) posArg;


     

       

       
30

       
+

       
    in


     

       

       
31

       
+

       
    "${start} ${escapeShellArgs (optionsList ++ posArgList)}";


     

       
20

       
32

       
 

       



     

       
21

       
33

       
 

       
  mkConfigFile =


     

       
22

       
34

       
 

       
    name: conf:


     
···

       
160

       
172

       
 

       
    wants = mapModems ({ name, ... }: "hylafax-faxgetty@${name}.service");


     

       
161

       
173

       
 

       
    wantedBy = mkIf cfg.autostart [ "multi-user.target" ];


     

       
162

       
174

       
 

       
    serviceConfig.Type = "forking";


     

       
163

       

       
-

       
    serviceConfig.ExecStart = ''${pkgs.hylafaxplus}/spool/bin/faxq -q "${cfg.spoolAreaPath}"'';


     

       

       
175

       
+

       
    serviceConfig.ExecStart = mkSpoolCmd "" "faxq" null { };


     

       
164

       
176

       
 

       
    # This delays the "readiness" of this service until


     

       
165

       
177

       
 

       
    # all modems are initialized (or a timeout is reached).


     

       
166

       
178

       
 

       
    # Otherwise, sending a fax with the fax service


     
···

       
170

       
182

       
 

       
    serviceConfig.ExecStartPost = [ "${waitFaxqScript}" ];


     

       
171

       
183

       
 

       
    # faxquit fails if the pipe is already gone


     

       
172

       
184

       
 

       
    # (e.g. the service is already stopping)


     

       
173

       

       
-

       
    serviceConfig.ExecStop = ''-${pkgs.hylafaxplus}/spool/bin/faxquit -q "${cfg.spoolAreaPath}"'';


     

       

       
185

       
+

       
    serviceConfig.ExecStop = mkSpoolCmd "-" "faxquit" null { };


     

       
174

       
186

       
 

       
    # disable some systemd hardening settings


     

       
175

       
187

       
 

       
    serviceConfig.PrivateDevices = null;


     

       
176

       
188

       
 

       
    serviceConfig.RestrictRealtime = null;


     
···

       
183

       
195

       
 

       
    requires = [ "hylafax-faxq.service" ];


     

       
184

       
196

       
 

       
    serviceConfig.StandardInput = "socket";


     

       
185

       
197

       
 

       
    serviceConfig.StandardOutput = "socket";


     

       
186

       

       
-

       
    serviceConfig.ExecStart = ''${pkgs.hylafaxplus}/spool/bin/hfaxd -q "${cfg.spoolAreaPath}" -d -I'';


     

       

       
198

       
+

       
    serviceConfig.ExecStart = mkSpoolCmd "" "hfaxd" null {


     

       

       
199

       
+

       
      d = true;


     

       

       
200

       
+

       
      I = true;


     

       

       
201

       
+

       
    };


     

       
187

       
202

       
 

       
    unitConfig.RequiresMountsFor = [ cfg.userAccessFile ];


     

       
188

       
203

       
 

       
    # disable some systemd hardening settings


     

       
189

       
204

       
 

       
    serviceConfig.PrivateDevices = null;


     
···

       
197

       
212

       
 

       
    requires = [ "hylafax-spool.service" ];


     

       
198

       
213

       
 

       
    wantedBy = mkIf cfg.faxcron.enable.spoolInit requires;


     

       
199

       
214

       
 

       
    startAt = mkIf (cfg.faxcron.enable.frequency != null) cfg.faxcron.enable.frequency;


     

       
200

       

       
-

       
    serviceConfig.ExecStart = concatStringsSep " " [


     

       
201

       

       
-

       
      "${pkgs.hylafaxplus}/spool/bin/faxcron"


     

       
202

       

       
-

       
      ''-q "${cfg.spoolAreaPath}"''


     

       
203

       

       
-

       
      ''-info ${toString cfg.faxcron.infoDays}''


     

       
204

       

       
-

       
      ''-log  ${toString cfg.faxcron.logDays}''


     

       
205

       

       
-

       
      ''-rcv  ${toString cfg.faxcron.rcvDays}''


     

       
206

       

       
-

       
    ];


     

       

       
215

       
+

       
    serviceConfig.ExecStart = mkSpoolCmd "" "faxcron" null {


     

       

       
216

       
+

       
      info = cfg.faxcron.infoDays;


     

       

       
217

       
+

       
      log = cfg.faxcron.logDays;


     

       

       
218

       
+

       
      rcv = cfg.faxcron.rcvDays;


     

       

       
219

       
+

       
    };


     

       
207

       
220

       
 

       
  };


     

       
208

       
221

       
 

       



     

       
209

       
222

       
 

       
  services.hylafax-faxqclean = rec {


     
···

       
213

       
226

       
 

       
    requires = [ "hylafax-spool.service" ];


     

       
214

       
227

       
 

       
    wantedBy = mkIf cfg.faxqclean.enable.spoolInit requires;


     

       
215

       
228

       
 

       
    startAt = mkIf (cfg.faxqclean.enable.frequency != null) cfg.faxqclean.enable.frequency;


     

       
216

       

       
-

       
    serviceConfig.ExecStart = concatStringsSep " " [


     

       
217

       

       
-

       
      "${pkgs.hylafaxplus}/spool/bin/faxqclean"


     

       
218

       

       
-

       
      ''-q "${cfg.spoolAreaPath}"''


     

       
219

       

       
-

       
      "-v"


     

       
220

       

       
-

       
      (optionalString (cfg.faxqclean.archiving != "never") "-a")


     

       
221

       

       
-

       
      (optionalString (cfg.faxqclean.archiving == "always") "-A")


     

       
222

       

       
-

       
      ''-j ${toString (cfg.faxqclean.doneqMinutes * 60)}''


     

       
223

       

       
-

       
      ''-d ${toString (cfg.faxqclean.docqMinutes * 60)}''


     

       
224

       

       
-

       
    ];


     

       

       
229

       
+

       
    serviceConfig.ExecStart = mkSpoolCmd "" "faxqclean" null {


     

       

       
230

       
+

       
      v = true;


     

       

       
231

       
+

       
      a = cfg.faxqclean.archiving != "never";


     

       

       
232

       
+

       
      A = cfg.faxqclean.archiving == "always";


     

       

       
233

       
+

       
      j = 60 * cfg.faxqclean.doneqMinutes;


     

       

       
234

       
+

       
      d = 60 * cfg.faxqclean.docqMinutes;


     

       

       
235

       
+

       
    };


     

       
225

       
236

       
 

       
  };


     

       
226

       
237

       
 

       



     

       
227

       
238

       
 

       
  mkFaxgettyService =


     
···

       
243

       
254

       
 

       
      serviceConfig.Restart = "always";


     

       
244

       
255

       
 

       
      serviceConfig.KillMode = "process";


     

       
245

       
256

       
 

       
      serviceConfig.IgnoreSIGPIPE = false;


     

       
246

       

       
-

       
      serviceConfig.ExecStart = ''-${pkgs.hylafaxplus}/spool/bin/faxgetty -q "${cfg.spoolAreaPath}" /dev/%I'';


     

       

       
257

       
+

       
      serviceConfig.ExecStart = mkSpoolCmd "-" "faxgetty" "/dev/%I" { };


     

       
247

       
258

       
 

       
      # faxquit fails if the pipe is already gone


     

       
248

       
259

       
 

       
      # (e.g. the service is already stopping)


     

       
249

       

       
-

       
      serviceConfig.ExecStop = ''-${pkgs.hylafaxplus}/spool/bin/faxquit -q "${cfg.spoolAreaPath}" %I'';


     

       

       
260

       
+

       
      serviceConfig.ExecStop = mkSpoolCmd "-" "faxquit" "%I" { };


     

       
250

       
261

       
 

       
      # disable some systemd hardening settings


     

       
251

       
262

       
 

       
      serviceConfig.PrivateDevices = null;


     

       
252

       
263

       
 

       
      serviceConfig.RestrictRealtime = null;