commit f3fc60b310d9facdc9fb1e2c68a736b1924fa542 · pyrox.dev/nixpkgs

+35 -30
nixos/modules/services/security/clamav.nix
···

       8
       8
        
         cfg = config.services.clamav;

     

       9
       9
        
         pkg = pkgs.clamav;

     

       10
       10
        
       

     

       11
       11
       -
         clamdConfigFile = pkgs.writeText "clamd.conf" ''

     

       12
       12
       -
           DatabaseDirectory ${stateDir}

     

       13
       13
       -
           LocalSocket ${runDir}/clamd.ctl

     

       14
       14
       -
           PidFile ${runDir}/clamd.pid

     

       15
       15
       -
           TemporaryDirectory /tmp

     

       16
       16
       -
           User clamav

     

       17
       17
       -
           Foreground yes

     

       11
       11
       +
         toKeyValue = generators.toKeyValue {

     

       12
       12
       +
           mkKeyValue = generators.mkKeyValueDefault {} " ";

     

       13
       13
       +
           listsAsDuplicateKeys = true;

     

       14
       14
       +
         };

     

       18
       15
        
       

     

       19
       19
       -
           ${cfg.daemon.extraConfig}

     

       20
       20
       -
         '';

     

       21
       21
       -
       

     

       22
       22
       -
         freshclamConfigFile = pkgs.writeText "freshclam.conf" ''

     

       23
       23
       -
           DatabaseDirectory ${stateDir}

     

       24
       24
       -
           Foreground yes

     

       25
       25
       -
           Checks ${toString cfg.updater.frequency}

     

       26
       26
       -
       

     

       27
       27
       -
           ${cfg.updater.extraConfig}

     

       28
       28
       -
       

     

       29
       29
       -
           DatabaseMirror database.clamav.net

     

       30
       30
       -
         '';

     

       16
       16
       +
         clamdConfigFile = pkgs.writeText "clamd.conf" (toKeyValue cfg.daemon.settings);

     

       17
       17
       +
         freshclamConfigFile = pkgs.writeText "freshclam.conf" (toKeyValue cfg.updater.settings);

     

       31
       18
        
       in

     

       32
       19
        
       {

     

       33
       20
        
         imports = [

     

       34
       34
       -
           (mkRenamedOptionModule [ "services" "clamav" "updater" "config" ] [ "services" "clamav" "updater" "extraConfig" ])

     

       21
       21
       +
           (mkRemovedOptionModule [ "services" "clamav" "updater" "config" ] "Use services.clamav.updater.settings instead.")

     

       22
       22
       +
           (mkRemovedOptionModule [ "services" "clamav" "updater" "extraConfig" ] "Use services.clamav.updater.settings instead.")

     

       23
       23
       +
           (mkRemovedOptionModule [ "services" "clamav" "daemon" "extraConfig" ] "Use services.clamav.daemon.settings instead.")

     

       35
       24
        
         ];

     

       36
       25
        
       

     

       37
       26
        
         options = {

     
···

       39
       28
        
             daemon = {

     

       40
       29
        
               enable = mkEnableOption "ClamAV clamd daemon";

     

       41
       30
        
       

     

       42
       42
       -
               extraConfig = mkOption {

     

       43
       43
       -
                 type = types.lines;

     

       44
       44
       -
                 default = "";

     

       31
       31
       +
               settings = mkOption {

     

       32
       32
       +
                 type = with types; attrsOf (oneOf [ bool int str (listOf str) ]);

     

       33
       33
       +
                 default = {};

     

       45
       34
        
                 description = ''

     

       46
       46
       -
                   Extra configuration for clamd. Contents will be added verbatim to the

     

       47
       47
       -
                   configuration file.

     

       35
       35
       +
                   ClamAV configuration. Refer to <link xlink:href="https://linux.die.net/man/5/clamd.conf"/>,

     

       36
       36
       +
                   for details on supported values.

     

       48
       37
        
                 '';

     

       49
       38
        
               };

     

       50
       39
        
             };

     
···

       68
       57
        
                 '';

     

       69
       58
        
               };

     

       70
       59
        
       

     

       71
       71
       -
               extraConfig = mkOption {

     

       72
       72
       -
                 type = types.lines;

     

       73
       73
       -
                 default = "";

     

       60
       60
       +
               settings = mkOption {

     

       61
       61
       +
                 type = with types; attrsOf (oneOf [ bool int str (listOf str) ]);

     

       62
       62
       +
                 default = {};

     

       74
       63
        
                 description = ''

     

       75
       75
       -
                   Extra configuration for freshclam. Contents will be added verbatim to the

     

       76
       76
       -
                   configuration file.

     

       64
       64
       +
                   freshclam configuration. Refer to <link xlink:href="https://linux.die.net/man/5/freshclam.conf"/>,

     

       65
       65
       +
                   for details on supported values.

     

       77
       66
        
                 '';

     

       78
       67
        
               };

     

       79
       68
        
             };

     
···

       92
       81
        
       

     

       93
       82
        
           users.groups.${clamavGroup} =

     

       94
       83
        
             { gid = config.ids.gids.clamav; };

     

       84
       84
       +
       

     

       85
       85
       +
           services.clamav.daemon.settings = {

     

       86
       86
       +
             DatabaseDirectory = stateDir;

     

       87
       87
       +
             LocalSocket = "${runDir}/clamd.ctl";

     

       88
       88
       +
             PidFile = "${runDir}/clamd.pid";

     

       89
       89
       +
             TemporaryDirectory = "/tmp";

     

       90
       90
       +
             User = "clamav";

     

       91
       91
       +
             Foreground = true;

     

       92
       92
       +
           };

     

       93
       93
       +
       

     

       94
       94
       +
           services.clamav.updater.settings = {

     

       95
       95
       +
             DatabaseDirectory = stateDir;

     

       96
       96
       +
             Foreground = true;

     

       97
       97
       +
             Checks = cfg.updater.frequency;

     

       98
       98
       +
             DatabaseMirror = [ "database.clamav.net" ];

     

       99
       99
       +
           };

     

       95
       100
        
       

     

       96
       101
        
           environment.etc."clamav/freshclam.conf".source = freshclamConfigFile;

     

       97
       102
        
           environment.etc."clamav/clamd.conf".source = clamdConfigFile;