author | EuAndreh <eu@euandre.org> | 2023-03-16 14:06:21 -0300 |
---|---|---|
committer | EuAndreh <eu@euandre.org> | 2023-03-16 15:21:27 -0300 |
commit | 93508259272afe5a7fb7fdf2d080d81182abe97d (patch) | |
tree | ed77e6e76c21a909dec687145ec9b3df1a7da09d | |
parent | bin/boop: Add -n option (diff) | |
etc/guix/system.scm: Remove local Postfix service code, use from org-euandre channel
-rw-r--r-- | etc/guix/system.scm | 318 |
1 files changed, 61 insertions, 257 deletions
diff --git a/etc/guix/system.scm b/etc/guix/system.scm
index 6f8389a..7cfddae 100644
--- a/etc/guix/system.scm
+++ b/etc/guix/system.scm
@@ -115,265 +115,66 @@ Seiko Epson Color Ink Jet Printers.") (define toph "toph") (define toph.tld "euandre.org") -(define-record-type* <postfix-configuration> - postfix-configuration - make-postfix-configuration - postfix-configuration? - (postfix postfix-configuration-postfix (default queue:postfix)) - (set-sendmail? postfix-configuration-set-sendmail? (default #t)) - (master.cf-file postfix-configuration-master.cf-file (default #f)) - (main.cf-file postfix-configuration-main.cf-file (default #f)) - (master.cf-extra postfix-configuration-master.cf-extra (default "")) - (main.cf-extra postfix-configuration-main.cf-extra (default "")) - (data-directory postfix-configuration-data-directory (default "/var/lib/postfix")) - (queue-directory postfix-configuration-queue-directory (default "/var/spool/postfix")) - (user postfix-configuration-user (default "postfix")) - (group postfix-configuration-group (default "postfix")) - (setgid-group postfix-configuration-setgid-group (default "postdrop")) - (root-aliases postfix-configuration-root-aliases (default '("abuse" "admin" "hostmaster" "postmaster"))) - (cert-file postfix-configuration-cert-file (default #f)) - (key-file postfix-configuration-key-file (default #f)) - (hostname postfix-configuration-hostname (default (gethostname)))) -(define (generate-master.cf config) - (match-record config <postfix-configuration> - (master.cf-extra) - (format #f - #"- - # ============================================================================================================ - # service type private unpriv chroot wakeup maxproc command + args - # (yes) (yes) (no) (never) (100) - # ============================================================================================================= +(define master.cf #"- + # ============================================================================================================ + # service type private unpriv chroot wakeup maxproc command + args + # (yes) (yes) (no) (never) (100) + # 
============================================================================================================= + + anvil unix - - n - 1 anvil + bounce unix - - n - 0 bounce + cleanup unix n - n - 0 cleanup + defer unix - - n - 0 bounce + discard unix - - n - - discard + error unix - - n - - error + flush unix n - n 1000? 0 flush + lmtp unix - - n - - lmtp + local unix - n n - - local + pickup unix n - n 60 1 pickup + proxymap unix - - n - - proxymap + proxywrite unix - - n - 1 proxymap + qmgr unix n - n 300 1 qmgr + relay unix - - n - - smtp + retry unix - - n - - error + rewrite unix - - n - - trivial-rewrite + scache unix - - n - 1 scache + showq unix n - n - - showq + smtp unix - - n - - smtp + smtp inet n - n - - smtpd -v -o syslog_name=postfix/smtp + tlsmgr unix - - n 1000? 1 tlsmgr + trace unix - - n - 0 bounce + verify unix - - n - 1 verify + virtual unix - n n - - virtual + postlog unix-dgram n - n - 1 postlogd + "#) + +(define main.cf #"- + compatibility_level = 3.6 + + mynetworks = 127.0.0.0/8 + + queue_directory = /var/spool/postfix + data_directory = /var/lib/postfix + mail_owner = postfix + setgid_group = postdrop + + alias_maps = hash:/etc/aliases + + header_checks = regexp:{ { /^Received:.*/ IGNORE }, { /^X-Originating-IP:.*/ IGNORE } } + + sender_dependent_relayhost_maps = hash:/var/lib/andreh/postfix/relayhosts-maps + smtp_sasl_password_maps = hash:/var/lib/andreh/postfix/sasl-password + smtp_sasl_auth_enable = yes + smtp_sasl_security_options = noanonymous + smtp_tls_security_level = encrypt + smtp_tls_note_starttls_offer = yes + smtp_use_tls = yes + smtp_sender_dependent_authentication = yes + smtp_sasl_mechanism_filter = login, plain + "#) - anvil unix - - n - 1 anvil - bounce unix - - n - 0 bounce - cleanup unix n - n - 0 cleanup - defer unix - - n - 0 bounce - discard unix - - n - - discard - error unix - - n - - error - flush unix n - n 1000? 
0 flush - lmtp unix - - n - - lmtp - local unix - n n - - local - pickup unix n - n 60 1 pickup - proxymap unix - - n - - proxymap - proxywrite unix - - n - 1 proxymap - qmgr unix n - n 300 1 qmgr - relay unix - - n - - smtp - retry unix - - n - - error - rewrite unix - - n - - trivial-rewrite - scache unix - - n - 1 scache - showq unix n - n - - showq - smtp unix - - n - - smtp - smtp inet n - n - - smtpd -v -o syslog_name=postfix/smtp - tlsmgr unix - - n 1000? 1 tlsmgr - trace unix - - n - 0 bounce - verify unix - - n - 1 verify - virtual unix - n n - - virtual - postlog unix-dgram n - n - 1 postlogd - ~a - "# - master.cf-extra))) - -(define (generate-main.cf config) - (match-record config <postfix-configuration> - (postfix queue-directory data-directory user setgid-group hostname main.cf-extra) - (format #f - #"- - compatibility_level = 3.6 - - mynetworks = 127.0.0.0/8 - - queue_directory = ~a - data_directory = ~a - mail_owner = ~a - setgid_group = ~a - - # myhostname = ~a - # mydestination = $myhostname, $mydomain, localhost.$mydomain, localhost - - alias_maps = hash:/etc/aliases - - home_mailbox = Mail/Inbox - - header_checks = regexp:{ { /^Received:.*/ IGNORE }, { /^X-Originating-IP:.*/ IGNORE } } - ~a - - sender_dependent_relayhost_maps = hash:~a/postfix/relayhosts-maps - smtp_sasl_auth_enable = yes - smtp_sasl_password_maps = hash:~a/postfix/sasl-password - smtp_sasl_security_options = noanonymous - smtp_tls_security_level = encrypt - smtp_tls_note_starttls_offer = yes - smtp_use_tls = yes - smtp_sender_dependent_authentication = yes - smtp_sasl_mechanism_filter = login, plain - "# - queue-directory - data-directory - user - setgid-group - hostname - ;; hostname - main.cf-extra - priv-statedir - priv-statedir))) - -(define (postfix-etc-files config) - (match-record config <postfix-configuration> - (master.cf-file main.cf-file) - `(("postfix" - ,(file-union - "postfix" - `(("master.cf" ,(plain-file "master.cf" (or master.cf-file (generate-master.cf 
config)))) - ("main.cf" ,(plain-file "main.cf" (or main.cf-file (generate-main.cf config)))))))))) - -(define (postfix-accounts config) - (match-record config <postfix-configuration> - (user group setgid-group) - (list - (user-account - (name user) - (group group) - (comment "Postfix system user") - (home-directory "/var/empty") - (shell (file-append shadow "/sbin/nologin")) - (system? #t)) - (user-group - (name group) - (system? #t)) - (user-group - (name setgid-group) - (system? #t))))) - -(define (postfix-setuid-programs config) - (match-record config <postfix-configuration> - (postfix setgid-group set-sendmail?) - (append - (list - (setuid-program - (program (file-append postfix "/sbin/postdrop")) - (setuid? #f) - (setgid? #t) - (group setgid-group)) - (setuid-program - (program (file-append postfix "/sbin/postqueue")) - (setuid? #f) - (setgid? #t) - (group setgid-group))) - (if set-sendmail? - (list - (setuid-program - (program (file-append postfix "/sbin/sendmail")) - (setuid? #f) - (setgid? #t) - (group setgid-group))) - '())))) - -(define (postfix-activation config) - (match-record config <postfix-configuration> - (queue-directory) - #~(begin - (use-modules (guix build utils)) - (let ((user (getpwnam "root"))) - (format (current-error-port) - "Creating Postfix queue directory: \"~a\".~%" #$queue-directory) - (mkdir-p #$queue-directory) - (chown #$queue-directory (passwd:uid user) (passwd:gid user)) - (chmod #$queue-directory #o755) - (format (current-error-port) - "Creating email spool director: \"/var/mail\".~%") - (mkdir-p "/var/mail"))))) - -(define (postfix-shepherd-service config) - (match-record config <postfix-configuration> - (postfix data-directory) - (list - (shepherd-service - (provision '(postfix)) - (documentation - #"- - Run the Postfix MTA. - - This is the entrypoint for starting the "master" process. 
Then the - "master" process itself takes responsability of starting all the - required daemons and commands."#) - (start #~(make-forkexec-constructor - (list - #$(file-append postfix "/sbin/postfix") - "-v" - "start-fg") - #:pid-file (string-append #$data-directory "/master.lock"))) - (stop #~(make-kill-destructor)) - (actions - (list - (shepherd-action - (name 'reload) - (documentation - #"- - Re-read the "master.cf" and "main.cf" configuration files. - - Daemon processes terminate when possible, and when restarted - use the values of the new configuration files. - - This live-reload option is usually preferable over a stop/start - cycle, as it incurs in no interruption of the running service."#) - (procedure - #~(lambda _ - (invoke #$(file-append postfix "/sbin/postfix") "reload")))))))))) - -(define (postfix-aliases config) - (match-record config <postfix-configuration> - (root-aliases) - (map (lambda (alias) - `(,alias "root")) - root-aliases))) - -(define postfix-service-type - (service-type - (name 'postfix) - (extensions - (list - (service-extension etc-service-type - postfix-etc-files) - (service-extension account-service-type - postfix-accounts) - (service-extension setuid-program-service-type - postfix-setuid-programs) - (service-extension activation-service-type - postfix-activation) - (service-extension mail-aliases-service-type - postfix-aliases) - (service-extension profile-service-type - (compose list postfix-configuration-postfix)) - (service-extension shepherd-root-service-type - postfix-shepherd-service))) - (default-value (postfix-configuration)) - (description - #"- - Run the Postfix MTA. - - This is the top-level system service for Postfix. 
- - It includes: - - populating /etc/postfix/ with read-only configuration files; - - the user and groups used by Postfix when handling email delivery; - - the special setgid binaries for daily usage, such as "sendmail"; - - the Shepherd service for starting, stopping and *reloading* the - service without restarting it; - - the activation script for creating the required directories and - configuring them with the correct permissions; - - the binaries in the system profile so that one doesn't need to explicilty - include the package when the service is already enabled. - - An extension to the log-rotation service isn't included: the default - rottlog configuration already includes /var/log/maillog in its routine, - so it is kept out. - - The defaults of <postfix-configuration> provide sane default values for - most things, such as group names, data and queue directories, etc. When - used as-is, it creates a Postfix server that sends email from local users - of the domain provided by "/etc/hostname"."#))) (operating-system (kernel linux)
@@ -437,7 +238,10 @@ Seiko Epson Color Ink Jet Printers.")
 (mkdir-p #$priv-statedir)
 (chown #$priv-statedir (passwd:uid user) (passwd:gid user))
 (chmod #$priv-statedir #o700))))
- (service postfix-service-type)
+ (service queue:local-postfix-service-type
+ (queue:postfix-configuration
+ (master.cf-file master.cf)
+ (main.cf-file main.cf)))
 (service mail-aliases-service-type
 '(("root" "andreh")
 ("andreh" "eu@euandre.org"))) |
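Review bot: `smtp_tls_security_level = encrypt` in the new `main.cf` string makes TLS mandatory but does not authenticate the relay's certificate, while `smtp_sasl_mechanism_filter = login, plain` with `smtp_sasl_security_options = noanonymous` permits plaintext mechanisms, so the SASL password is protected only against passive observers. I would raise the level to `smtp_tls_security_level = verify` (or `secure`) and point `smtp_tls_CAfile` at the system CA bundle, so the credential is sent only to a relay whose certificate validates. `smtp_use_tls = yes` is redundant, since `smtp_tls_security_level` takes precedence when both are set. Separately, `master.cf` keeps `smtpd -v` on the `smtp inet` listener and `main.cf` sets no `inet_interfaces`, so unless the channel's service restricts it the daemon listens on every interface with verbose logging; `inet_interfaces = loopback-only` would match a host whose `mynetworks` is only `127.0.0.0/8`.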
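Review bot: The `main.cf` string passed to `queue:postfix-configuration` here hard-codes `/var/lib/andreh/postfix/` for `smtp_sasl_password_maps` and `sender_dependent_relayhost_maps`, whereas the removed `generate-main.cf` interpolated `priv-statedir`, the directory this hunk's context lines chown and set to `#o700`. If `priv-statedir` is ever changed, the credential map path will silently stop matching the directory whose permissions the activation enforces. I would either build those two lines with `(string-append "hash:" priv-statedir "/postfix/sasl-password")` or add a comment above `main.cf` such as `;; NOTE: /var/lib/andreh must stay equal to priv-statedir (mode 0700, set in the activation)`. The definition of `priv-statedir` and the rest of the `operating-system` form are outside this hunk, so whether the two currently agree could not be checked from here.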