(define-module (xyz euandreh queue)
#:use-module ((guix licenses) #:prefix license:)
;; #:use-module ((nonguix licenses) #:prefix ng-license:)
#:use-module ((srfi srfi-1) #:prefix srfi-1:)
#:use-module (guix build-system gnu)
#:use-module (guix build-system python)
#:use-module (guix build-system trivial)
#:use-module (guix download)
#:use-module (guix gexp)
#:use-module (guix git-download)
#:use-module (guix packages)
#:use-module (guix records)
#:use-module (guix utils)
#:use-module (gnu)
#:use-module (gnu packages admin)
#:use-module (gnu packages check)
#:use-module (gnu packages cpio)
#:use-module (gnu packages cups)
#:use-module (gnu packages cyrus-sasl)
#:use-module (gnu packages dbm)
#:use-module (gnu packages image)
#:use-module (gnu packages glib)
#:use-module (gnu packages gnome)
#:use-module (gnu packages mail)
#:use-module (gnu packages m4)
#:use-module (gnu packages onc-rpc)
#:use-module (gnu packages package-management)
#:use-module (gnu packages perl)
#:use-module (gnu packages python-build)
#:use-module (gnu packages python-crypto)
#:use-module (gnu packages python-web)
#:use-module (gnu packages python-xyz)
#:use-module (gnu packages time)
#:use-module (gnu packages tls)
#:use-module (gnu packages xml)
#:use-module (gnu services shepherd)
#:export (<shadow-group-configuration>
shadow-group-configuration
shadow-group-configuration-group
shadow-group-activation
shadow-group-accounts
shadow-group-service-type
<cyrus-service-configuration>
cyrus-service-configuration
cyrus-service-configuration-name
cyrus-service-configuration-authmech
cyrus-service-configuration-log-level
<cyrus-sasl-configuration>
cyrus-sasl-configuration
cyrus-sasl-configuration-cyrus-sasl
cyrus-sasl-configuration-authmech
cyrus-sasl-configuration-services
cyrus-sasl-configuration-state-dir
cyrus-sasl-etc-files
cyrus-sasl-activation
cyrus-sasl-accounts
cyrus-sasl-shepherd-service
cyrus-sasl-service-type
<dkimproxyout-configuration>
dkimproxyout-configuration
dkimproxyout-configuration-dkimproxy
dkimproxyout-configuration-user
dkimproxyout-configuration-group
dkimproxyout-configuration-listen
dkimproxyout-configuration-relay
dkimproxyout-configuration-domains
dkimproxyout-configuration-selector
dkimproxyout-configuration-key-size
dkimproxyout-configuration-data-directory
dkimproxyout-etc-files
dkimproxyout-accounts
dkimproxyout-activation
dkimproxyout-shepherd-service
dkimproxyout-service-type))
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;; packages ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;; Postfix MTA built from an upstream "experimental" snapshot, with TLS and
;; Cyrus SASL authentication compiled in.  The extra build phases adapt the
;; upstream build scripts to the Guix System file layout.
(define-public postfix
  (package
    (name "postfix")
    (version "3.8-20221023")
    (source
     (origin
       (method url-fetch)
       ;; NOTE(review): the tarball is fetched over plain HTTP from a mirror
       ;; host, so the sha256 below is the only integrity check on the
       ;; source.  When bumping the version, take the new hash from a
       ;; trusted channel rather than from whatever the mirror served.
       (uri
        (string-append
         "http://cdn.postfix.johnriley.me/mirrors/postfix-release/experimental/postfix-"
         version
         ".tar.gz"))
       (sha256
        (base32 "0aaylhn81n9z3kidx53kzf2jrilr3lgwfxsk1r4hn7nkrp62bcwm"))))
    (build-system gnu-build-system)
    (arguments
     (list
      ;; The test phase is switched off for this package.
      #:tests? #f
      #:modules `((srfi srfi-26)
                  ,@%gnu-build-system-modules)
      #:phases
      #~(modify-phases %standard-phases
          ;; Use the build environment's shell in every Makefile.
          (add-before 'configure 'patch-/bin/sh
            (lambda _
              (substitute* (find-files "." "^Makefile")
                (("/bin/sh")
                 (which "sh")))))
          ;; Look for the Berkeley DB headers in the "bdb" input.
          (add-before 'configure 'patch-bdb-include
            (lambda* (#:key inputs #:allow-other-keys)
              (substitute* "makedefs"
                (("/usr/include")
                 (string-append (assoc-ref inputs "bdb")
                                "/include")))))
          ;; Comment out the PATH= assignments in the install scripts.
          (add-before 'configure 'dont-hardcode-PATH
            (lambda _
              (substitute* '("postfix-install"
                             "conf/post-install")
                (("^PATH=")
                 "# PATH="))))
          ;; Every matching #define line, whichever of the three macro names
          ;; it carries, is rewritten to the same ROOT_PATH definition.
          ;; NOTE(review): this leaves _PATH_DEFPATH and _PATH_STDPATH
          ;; without a definition from this header -- confirm intended.
          (add-before 'configure 'fix-strict-PATH
            (lambda _
              (substitute* "src/util/sys_defs.h"
                (("^#define (ROOT_PATH|_PATH_DEFPATH|_PATH_STDPATH).*")
                 "#define ROOT_PATH \"/run/setuid-programs:/run/current-system/profile/bin:/run/current-system/profile/sbin\"\n"))))
          (add-before 'configure 'use-relative-symlink-to-store
            (lambda _
              (substitute* "postfix-install"
                (("ln -sf")
                 "ln -rsf"))))
          ;; postqueue and postdrop are looked up under /run/setuid-programs.
          ;; NOTE(review): nothing in this package installs them there; the
          ;; system configuration presumably has to declare them as
          ;; privileged programs -- verify against the operating-system
          ;; definition.
          (add-before 'configure 'fix-absolute-path-to-setuid-programs
            (lambda _
              (substitute* "conf/postfix-script"
                (("\\$command_directory/postqueue")
                 "/run/setuid-programs/postqueue")
                (("\\$command_directory/postdrop")
                 "/run/setuid-programs/postdrop"))))
          ;; NOTE(review): despite the phase name, the `find' expression
          ;; commented out here selects group-writable (-020) or
          ;; world-writable (-002) files, so this appears to turn off a
          ;; permission check in postfix-script.  Confirm that no writable
          ;; path (for example under /etc/postfix) still relies on it.
          (add-before 'configure 'disable-warning-on-non-writable-config-files
            (lambda _
              (substitute* "conf/postfix-script"
                (("find \\$todo \\\\\\( -perm -020 -o -perm -002 \\\\\\) \\\\\n")
                 "  # find $todo \\( -perm -020 -o -perm -002 \\)"))))
          ;; Replaces the text from "pcf_set_config_dir" to end of line with
          ;; "return;" in postconf_edit.c.
          ;; NOTE(review): presumably this makes the editing entry point
          ;; return before touching the configuration directory -- confirm
          ;; against the upstream source.
          (add-before 'configure 'disable-write-to-/etc/postfix
            (lambda _
              (substitute* "src/postconf/postconf_edit.c"
                (("pcf_set_config_dir.*")
                 "return;"))))
          ;; Export the compile flags and the install locations read by the
          ;; upstream build scripts.
          (add-before 'configure 'setup-environment
            (lambda* (#:key outputs inputs #:allow-other-keys)
              (setenv "CCARGS" (string-append "-DUSE_TLS -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I"
                                              (assoc-ref inputs "cyrus-sasl")
                                              "/include/sasl"))
              (setenv "AUXLIBS" "-lnsl -lcrypto -lssl -lsasl2")
              (let* ((out (assoc-ref outputs "out"))
                     (bin (string-append out "/bin"))
                     (sbin (string-append out "/sbin"))
                     (lib (string-append out "/lib/postfix"))
                     (libexec (string-append out "/libexec/postfix"))
                     (etc (string-append out "/etc/postfix"))
                     (man (string-append out "/share/man"))
                     (doc (string-append out "/share/doc/postfix-" #$version))
                     (html (string-append doc "/html")))
                ;; Staging directory; the 'install phase copies from it.
                (setenv "install_root" "wip-prefix")
                (setenv "newaliases_path" (string-append bin "/newaliases"))
                (setenv "mailq_path" (string-append bin "/mailq"))
                (setenv "sendmail_path" (string-append sbin "/sendmail"))
                (setenv "command_directory" sbin)
                (setenv "shlib_directory" lib)
                (setenv "daemon_directory" libexec)
                (setenv "meta_directory" etc)
                ;; This value is overwritten by the last setenv below.
                (setenv "sample_directory" etc)
                (setenv "manpage_directory" man)
                (setenv "readme_directory" doc)
                (setenv "html_directory" html)
                (setenv "sample_directory" (string-append out "/share/postfix")))))
          ;; Upstream has no ./configure; "make makefiles" generates the
          ;; Makefiles.  pie=yes requests position-independent executables.
          (replace 'configure
            (lambda _
              (invoke "make" "makefiles"
                      "pie=yes"
                      "dynamicmaps=yes")))
          ;; Install into the staging directory, drop its /var tree, then
          ;; copy the staged /etc and the staged store prefix to the output.
          (replace 'install
            (lambda* (#:key outputs #:allow-other-keys)
              (let ((out (assoc-ref outputs "out")))
                (invoke "make" "non-interactive-package")
                (delete-file-recursively "wip-prefix/var")
                (copy-recursively "wip-prefix/etc" (string-append out "/etc"))
                (copy-recursively (string-append "wip-prefix" out) out)))))))
    (inputs
     (list bdb
           cyrus-sasl
           libnsl
           openssl
           perl))
    (native-inputs
     (list m4))
    (home-page "https://www.postfix.org")
    (synopsis "sendmail compatible MTA")
    (description
     "Postfix is Wietse Venema's mail server that started life at IBM research
as an alternative to the widely-used Sendmail program. Now at Google, Wietse
continues to support Postfix.
Postfix attempts to be fast, easy to administer, and secure. The outside has a
definite Sendmail-ish flavor, but the inside is completely different.")
    (license (list license:ibmpl1.0
                   license:epl2.0))))
;; pytest plugin for testing asynchronous Tornado code; the source comes
;; from PyPI and is pinned by the sha256 below.
(define-public python-pytest-tornado5
  (package
    (name "python-pytest-tornado5")
    (version "2.0.0")
    (source
     (origin
       (method url-fetch)
       (uri (pypi-uri "pytest-tornado5" version))
       (sha256
        (base32 "0qb62jw2w0xr6y942yp0qxiy755bismjfpnxaxjjm05gy2pymr8d"))))
    (build-system python-build-system)
    ;; Propagated because the plugin is used together with pytest and
    ;; tornado at run time.
    (propagated-inputs (list python-pytest python-tornado))
    (home-page "https://github.com/vidartf/pytest-tornado")
    (synopsis
     "A py.test plugin providing fixtures and markers to simplify testing of asynchronous tornado applications.")
    (description
     "This package provides a py.test plugin providing fixtures and markers to
simplify testing of asynchronous tornado applications.")
    (license license:asl2.0)))
;; FIXME: this package definition is disabled.  The `#;' datum comment below
;; makes the reader skip the whole `define-public' form that follows it, so
;; this module does not define python-futures.
;; NOTE(review): `license' is #f here; it needs a real value before the form
;; is re-enabled.
#;
(define-public python-futures
(package
(name "python-futures")
(version "3.3.0")
(source
(origin
(method url-fetch)
(uri
(pypi-uri "futures" version))
(sha256
(base32 "154pvaybk9ncyb1wpcnzgd7ayvvhhzk92ynsas7gadaydbvkl0vy"))))
(build-system python-build-system)
(home-page "https://github.com/agronholm/pythonfutures")
(synopsis "Backport of the concurrent.futures package from Python 3")
(description "Backport of the concurrent.futures package from Python 3")
(license #f)))
;; OrderedDict backport, fetched from PyPI and pinned by the sha256 below.
;; NOTE(review): the home page is the literal "UNKNOWN" and the license is
;; #f, so this package carries no provenance or licensing metadata; fill
;; both in from the upstream project before relying on it.
(define-public python-ordereddict
  (package
    (name "python-ordereddict")
    (version "1.1")
    (source
     (origin
       (method url-fetch)
       (uri (pypi-uri "ordereddict" version))
       (sha256
        (base32 "07qvy11nvgxpzarrni3wrww3vpc9yafgi2bch4j2vvvc42nb8d8w"))))
    (build-system python-build-system)
    (arguments
     ;; The build system's 'sanity-check phase is removed for this package.
     `(#:phases
       (modify-phases %standard-phases
         (delete 'sanity-check))))
    (home-page "UNKNOWN")
    (synopsis
     "A drop-in substitute for Py2.7's new collections.OrderedDict that works in Python 2.4-2.6.")
    (description "This package provides a drop-in substitute for Py2.7's new
collections.OrderedDict that works in Python 2.4-2.6.")
    (license #f)))
;; PEP 362 function-signature backport, fetched from PyPI and pinned by the
;; sha256 below.
;; NOTE(review): the license field is #f; record the upstream license.
(define-public python-funcsigs
  (package
    (name "python-funcsigs")
    (version "1.0.2")
    (source
     (origin
       (method url-fetch)
       (uri (pypi-uri "funcsigs" version))
       (sha256
        (base32 "0l4g5818ffyfmfs1a924811azhjj8ax9xd1cffr1mzd3ycn0zfx7"))))
    (build-system python-build-system)
    (propagated-inputs
     (list python-ordereddict))
    (native-inputs
     (list python-unittest2))
    (home-page "http://funcsigs.readthedocs.org")
    (synopsis
     "Python function signatures from PEP362 for Python 2.6, 2.7 and 3.2+")
    (description
     "Python function signatures from PEP362 for Python 2.6, 2.7 and 3.2+")
    (license #f)))
;; APScheduler task scheduler, fetched from PyPI and pinned by the sha256
;; below.
(define-public python-apscheduler
  (package
    (name "python-apscheduler")
    (version "3.9.1")
    (source
     (origin
       (method url-fetch)
       (uri (pypi-uri "APScheduler" version))
       (sha256
        (base32 "1qzi1pr7q72vs49p7vr1mp350zaggs52lpq43lvqsjcmcd5mgrk5"))))
    (build-system python-build-system)
    (arguments
     ;; Tests are switched off, although the test dependencies are still
     ;; listed in native-inputs below.
     `(#:tests? #f))
    (propagated-inputs
     (list python-funcsigs
           ;; python-futures is left out; its definition in this module is
           ;; commented out.
           python-pytz
           python-setuptools
           python-six
           python-tzlocal))
    (native-inputs
     (list python-mock
           python-pytest
           python-pytest-asyncio
           python-pytest-cov
           python-pytest-tornado5
           python-setuptools-scm))
    (home-page "https://github.com/agronholm/apscheduler")
    (synopsis "In-process task scheduler with Cron-like capabilities")
    (description "In-process task scheduler with Cron-like capabilities")
    (license license:expat)))
;; Telegram Bot API wrapper, fetched from PyPI and pinned by the sha256
;; below.
;; NOTE(review): both the test suite and the 'sanity-check phase are
;; disabled, so nothing at build time exercises the installed package, and
;; the license field is #f.  python-apscheduler also appears in both
;; native-inputs and propagated-inputs.
(define-public python-telegram-bot
  (package
    (name "python-telegram-bot")
    (version "13.12")
    (source
     (origin
       (method url-fetch)
       (uri (pypi-uri "python-telegram-bot" version))
       (sha256
        (base32 "1rbdyr1f9mndlh83in47k8if65yp9n1dy4px2wipbf0qyjv5zxfs"))))
    (build-system python-build-system)
    (arguments
     `(#:tests? #f
       #:phases
       (modify-phases %standard-phases
         (delete 'sanity-check))))
    (native-inputs
     (list python-apscheduler))
    (propagated-inputs
     (list python-apscheduler
           python-cachetools
           python-certifi
           python-pytz
           python-tornado))
    (home-page "https://python-telegram-bot.org/")
    (synopsis "We have made you a wrapper you can't refuse")
    (description "We have made you a wrapper you can't refuse")
    (license #f)))
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;; services ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;; Configuration for the shadow-group service.
(define-record-type* <shadow-group-configuration>
  shadow-group-configuration
  make-shadow-group-configuration
  shadow-group-configuration?
  ;; Name of the system group that is given read access to /etc/shadow by
  ;; the activation code of this service.
  (group shadow-group-configuration-group
         (default "etc-shadow")))
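;; Return the activation gexp for CONFIG, a <shadow-group-configuration>.
;; The gexp sets /etc/shadow to owner root, group GROUP, mode 640.
;;
;; Security note: every member of GROUP can then read the password hashes.
;; Keep membership limited to the accounts that must verify passwords
;; locally and treat a compromise of any of them as exposure of the hashes.
(define (shadow-group-activation config)
  (match-record config <shadow-group-configuration>
    (group)
    #~(begin
        (use-modules (guix build utils))
        ;; The log line names the file that is actually modified below.
        (format (current-error-port)
                "Setting ownership and permission for \"/etc/shadow\".~%")
        (chown "/etc/shadow"
               (passwd:uid (getpwnam "root"))
               (group:gid (getgrnam #$group)))
        ;; rw for root, read-only for GROUP, nothing for others.
        (chmod "/etc/shadow" #o640))))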
;; Return the account declarations for CONFIG: a single system group whose
;; name is the configured group.
(define (shadow-group-accounts config)
  (match-record config <shadow-group-configuration>
    (group)
    (list (user-group
           (name group)
           (system? #t)))))
;; Service type that creates the shadow-reader group and applies the
;; /etc/shadow ownership and mode at activation time.
(define shadow-group-service-type
  (service-type
   (name 'shadow-group)
   (extensions
    (list (service-extension activation-service-type
                             shadow-group-activation)
          (service-extension account-service-type
                             shadow-group-accounts)))
   (default-value (shadow-group-configuration))
   (description "FIXME:DOCUMENTATION")))
;; Settings for one application that authenticates through Cyrus SASL.  Each
;; record becomes one file in the "sasl2" configuration directory.
(define-record-type* <cyrus-service-configuration>
  cyrus-service-configuration
  make-cyrus-service-configuration
  cyrus-service-configuration?
  ;; File name of the generated configuration file (no default).
  (name cyrus-service-configuration-name)
  ;; Written as "pwcheck_method" in the generated file.
  (authmech cyrus-service-configuration-authmech
            (default "saslauthd"))
  ;; Written as "log_level" in the generated file.
  ;; NOTE(review): 7 is the top of Cyrus SASL's log-level scale, which
  ;; upstream describes as tracing internal protocols including passwords.
  ;; Confirm that this is wanted as a default rather than only while
  ;; debugging, and check who can read the resulting logs.
  (log-level cyrus-service-configuration-log-level
             (default 7)))
;; Configuration for the saslauthd daemon service.
(define-record-type* <cyrus-sasl-configuration>
  cyrus-sasl-configuration
  make-cyrus-sasl-configuration
  cyrus-sasl-configuration?
  ;; Package providing /sbin/saslauthd.
  (cyrus-sasl cyrus-sasl-configuration-cyrus-sasl
              (default cyrus-sasl))
  ;; Unprivileged account and group the daemon runs as.
  (user cyrus-sasl-configuration-user
        (default "cyrus-sasl"))
  (group cyrus-sasl-configuration-group
         (default "cyrus-sasl"))
  ;; Extra groups for the daemon.  The default matches the default group of
  ;; <shadow-group-configuration>, presumably so that the daemon can read
  ;; /etc/shadow without running as root.
  (supplementary-groups cyrus-sasl-configuration-supplementary-groups
                        (default '("etc-shadow")))
  ;; Passed to saslauthd with "-a".
  (authmech cyrus-sasl-configuration-authmech
            (default "shadow"))
  ;; List of <cyrus-service-configuration> records.
  (services cyrus-sasl-configuration-services
            (default '()))
  ;; Passed to saslauthd with "-m"; also written as the prefix of
  ;; "saslauthd_path" in the per-application files.
  (state-dir cyrus-sasl-configuration-state-dir
             (default "/var/lib/saslauthd")))
;; Return the /etc entries for CONFIG: one "sasl2" directory holding one
;; plain file per configured service.  Each file sets pwcheck_method,
;; saslauthd_path (STATE-DIR followed by "/mux") and log_level.
(define (cyrus-sasl-etc-files config)
  (match-record config <cyrus-sasl-configuration>
    (services state-dir)
    (let ((service->entry
           ;; Map one <cyrus-service-configuration> to a (NAME FILE) pair
           ;; as expected by `file-union'.
           (lambda (service-config)
             (match-record service-config <cyrus-service-configuration>
               (name authmech log-level)
               (list name
                     (plain-file
                      name
                      (format #f
                              "pwcheck_method: ~a~%saslauthd_path: ~a/mux~%log_level: ~a~%"
                              authmech
                              state-dir
                              log-level)))))))
      (list
       (list "sasl2"
             (file-union "cyrus-sasl"
                         (map service->entry services)))))))
;; Return the activation gexp for CONFIG: create the saslauthd state
;; directory, give it to the service account's uid and primary gid, and set
;; mode 755.
;;
;; NOTE(review): mode 755 lets every local account enter the directory.
;; Whether that also lets every local account submit password checks depends
;; on the mode saslauthd gives its socket, which is not visible here.
;; Consider 750 with a group shared only with the mail daemon, after
;; confirming which accounts need access.
(define (cyrus-sasl-activation config)
  (match-record config <cyrus-sasl-configuration>
    (user state-dir)
    #~(begin
        (use-modules (guix build utils))
        (let ((pw (getpwnam #$user)))
          (format (current-error-port)
                  "Creating Cyrus SASL socket directory: \"~a\".~%" #$state-dir)
          (mkdir-p #$state-dir)
          (chown #$state-dir (passwd:uid pw) (passwd:gid pw))
          (chmod #$state-dir #o755)))))
;; Return the account declarations for CONFIG: a system user with no login
;; shell and /var/empty as home, plus its primary system group.
(define (cyrus-sasl-accounts config)
  (match-record config <cyrus-sasl-configuration>
    (user group supplementary-groups)
    (let ((daemon-account
           (user-account
            (name user)
            (group group)
            (supplementary-groups supplementary-groups)
            (comment "Cyrus SASL system user")
            (home-directory "/var/empty")
            ;; nologin: the account cannot be used for interactive logins.
            (shell (file-append shadow "/sbin/nologin"))
            (system? #t)))
          (daemon-group
           (user-group
            (name group)
            (system? #t))))
      (list daemon-account daemon-group))))
;; Return the Shepherd service that runs saslauthd for CONFIG under the
;; configured user, group and supplementary groups.
(define (cyrus-sasl-shepherd-service config)
  (match-record config <cyrus-sasl-configuration>
    (cyrus-sasl user group supplementary-groups authmech state-dir)
    (list
     (shepherd-service
      (provision '(cyrus-sasl))
      (documentation "FIXME:DOCUMENTATION")
      (start
       #~(make-forkexec-constructor
          ;; -a selects the authentication mechanism and -m the directory
          ;; of the "mux" socket.
          ;; NOTE(review): -d is saslauthd's debugging mode; confirm what it
          ;; writes to the log before using this in production.
          (list #$(file-append cyrus-sasl "/sbin/saslauthd")
                "-a" #$authmech
                "-d"
                "-m" #$state-dir)
          #:user #$user
          #:group #$group
          #:supplementary-groups '(#$@supplementary-groups)))
      (stop #~(make-kill-destructor))))))
;; Service type for saslauthd.  Other services extend it with lists of
;; <cyrus-service-configuration> records; `compose' flattens those lists
;; and `extend' appends them to the services already in the configuration.
(define cyrus-sasl-service-type
  (service-type
   (name 'cyrus-sasl)
   (extensions
    (list (service-extension etc-service-type
                             cyrus-sasl-etc-files)
          (service-extension activation-service-type
                             cyrus-sasl-activation)
          (service-extension profile-service-type
                             (compose list cyrus-sasl-configuration-cyrus-sasl))
          (service-extension account-service-type
                             cyrus-sasl-accounts)
          (service-extension shepherd-root-service-type
                             cyrus-sasl-shepherd-service)))
   (compose srfi-1:concatenate)
   (extend
    (lambda (config services)
      (cyrus-sasl-configuration
       (inherit config)
       (services
        (append (cyrus-sasl-configuration-services config)
                services)))))
   (default-value (cyrus-sasl-configuration))
   (description "FIXME:DOCUMENTATION")))
;; Configuration for the DKIMproxy.out signing proxy service.
(define-record-type* <dkimproxyout-configuration>
  dkimproxyout-configuration
  make-dkimproxyout-configuration
  dkimproxyout-configuration?
  ;; Package providing /bin/dkimproxy.out.
  (dkimproxy dkimproxyout-configuration-dkimproxy
             (default dkimproxy))
  ;; Unprivileged account and group the proxy runs as.
  (user dkimproxyout-configuration-user
        (default "dkimproxyout"))
  (group dkimproxyout-configuration-group
         (default "dkimproxyout"))
  ;; File name of the generated configuration under /etc.
  (config-name dkimproxyout-configuration-config-name
               (default "dkimproxyout.conf"))
  ;; "listen" and "relay" addresses; both defaults are loopback.
  (listen dkimproxyout-configuration-listen
          (default "127.0.0.1:10027"))
  (relay dkimproxyout-configuration-relay
         (default "127.0.0.1:10028"))
  ;; Domains to sign for.
  ;; NOTE(review): the default calls (gethostname) where the record is
  ;; built, presumably on the machine evaluating the configuration, which
  ;; may not be the mail host -- set this explicitly when deploying remotely.
  (domains dkimproxyout-configuration-domains
           (default (list (gethostname))))
  (selector dkimproxyout-configuration-selector
            (default "dkimproxyout"))
  ;; RSA modulus size in bits passed to "openssl genrsa".
  (key-size dkimproxyout-configuration-key-size
            (default 2048))
  ;; Directory holding private.key and public.key.
  (data-directory dkimproxyout-configuration-data-directory
                  (default "/var/lib/dkimproxyout")))
;; Render the DKIMproxy.out configuration text for CONFIG.  Domains are
;; joined with commas; the key file is DATA-DIRECTORY/private.key.  The
;; record values are inserted as-is, without validation.
(define (generate-out.cf config)
  (match-record config <dkimproxyout-configuration>
    (listen relay domains selector data-directory)
    (let ((domain-list (string-join domains ",")))
      (format #f
              "
listen ~a
relay ~a
domain ~a
selector ~a
signature dkim(c=relaxed/relaxed)
# FIXME:DOCUMENTATION add this to the service documentation
# the corresponding public key is available at:
# ~a/public.key
keyfile ~a/private.key
"
              listen
              relay
              domain-list
              selector
              data-directory
              data-directory))))
;; Return the /etc entry for CONFIG: one plain file named CONFIG-NAME whose
;; content is produced by `generate-out.cf'.
(define (dkimproxyout-etc-files config)
  (match-record config <dkimproxyout-configuration>
    (config-name)
    (let ((rendered (plain-file config-name (generate-out.cf config))))
      (list (list config-name rendered)))))
;; Return the account declarations for CONFIG: a system user with no login
;; shell and /var/empty as home, plus its primary system group.
(define (dkimproxyout-accounts config)
  (match-record config <dkimproxyout-configuration>
    (user group)
    (let ((signer-account
           (user-account
            (name user)
            (group group)
            (comment "DKIMproxy.out signing system user")
            (home-directory "/var/empty")
            ;; nologin: the account cannot be used for interactive logins.
            (shell (file-append shadow "/sbin/nologin"))
            (system? #t)))
          (signer-group
           (user-group
            (name group)
            (system? #t))))
      (list signer-account signer-group))))
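;; Return the activation gexp for CONFIG, a <dkimproxyout-configuration>.
;; The gexp creates the data directory, generates the RSA private key on
;; first activation, derives the public key from it on every activation,
;; and sets owner and mode on both files (private 400, public 644).
;;
;; A failed key generation now stops activation with an error and removes
;; any partial private.key.  A leftover file would otherwise satisfy the
;; `file-exists?' test on later activations, so the key would never be
;; regenerated.
;;
;; NOTE(review): the data directory is owned by the service account, while
;; this code runs chown/chmod on fixed file names inside it on every
;; activation.  The service only appears to read the key, so keeping the
;; directory root-owned would stop the service account from influencing
;; which files those calls touch -- confirm that dkimproxy needs no write
;; access there before changing it.
(define (dkimproxyout-activation config)
  (match-record config <dkimproxyout-configuration>
    (user group data-directory key-size)
    #~(begin
        (use-modules (guix build utils))
        (let ((uid (passwd:uid (getpwnam #$user)))
              (gid (group:gid (getgrnam #$group))))
          (format (current-error-port)
                  "Creating DKIMproxy.out data directory: \"~a\".~%" #$data-directory)
          (mkdir-p #$data-directory)
          (chown #$data-directory uid gid)
          (chmod #$data-directory #o755)
          (let ((private-key (string-append #$data-directory "/private.key"))
                (public-key (string-append #$data-directory "/public.key")))
            (unless (file-exists? private-key)
              ;; Create the key with a restrictive umask so that it is never
              ;; readable by group or others, even before the chmod below;
              ;; the previous umask is restored right after.
              (let* ((previous-umask (umask #o077))
                     (status (system* #$(file-append openssl "/bin/openssl")
                                      "genrsa"
                                      "-out"
                                      private-key
                                      (number->string #$key-size))))
                (umask previous-umask)
                (cond
                 ((zero? status)
                  (format (current-error-port)
                          "DKIMproxy.out private key file created: \"~a\".~%" private-key))
                 (else
                  (format (current-error-port)
                          "Failed to create DKIMproxy.out private key file: \"~a\".~%" private-key)
                  ;; Do not leave a truncated key behind.
                  (when (file-exists? private-key)
                    (delete-file private-key))
                  (error "openssl genrsa failed for DKIMproxy.out private key:"
                         private-key)))))
            ;; `invoke' raises an error if openssl exits with non-zero status.
            (invoke #$(file-append openssl "/bin/openssl")
                    "rsa"
                    "-in"
                    private-key
                    "-pubout"
                    "-out"
                    public-key)
            (format (current-error-port)
                    "Setting permissions for the public/private DKIMproxy.out keypair: \"~a/{public,private}.key\".~%" #$data-directory)
            (chown private-key uid gid)
            (chown public-key uid gid)
            ;; Private key: read-only for the service account.  Public key:
            ;; world-readable so it can be published in DNS.
            (chmod private-key #o400)
            (chmod public-key #o644))))))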
;; Return the Shepherd service that runs dkimproxy.out for CONFIG under the
;; configured user and group, reading /etc/CONFIG-NAME.  The extra
;; `configuration' action prints that path.
(define (dkimproxyout-shepherd-service config)
  (match-record config <dkimproxyout-configuration>
    (dkimproxy user group config-name)
    (let* ((config-file (string-append "/etc/" config-name))
           (show-configuration
            (shepherd-action
             (name 'configuration)
             (documentation "FIXME:DOCUMENTATION")
             (procedure
              #~(lambda _
                  (format #t "~a~%" #$config-file))))))
      (list
       (shepherd-service
        (provision '(dkimproxyout))
        (documentation "FIXME:DOCUMENTATION")
        (start
         #~(make-forkexec-constructor
            (list #$(file-append dkimproxy "/bin/dkimproxy.out")
                  "--conf_file" #$config-file)
            #:user #$user
            #:group #$group))
        (stop #~(make-kill-destructor))
        (actions (list show-configuration)))))))
;; Service type for DKIMproxy.out: installs the configuration file under
;; /etc, creates the service account, prepares the key pair at activation,
;; adds the package to the system profile and registers the Shepherd
;; service.
(define-public dkimproxyout-service-type
  (service-type
   (name 'dkimproxyout)
   (extensions
    (list (service-extension etc-service-type
                             dkimproxyout-etc-files)
          (service-extension account-service-type
                             dkimproxyout-accounts)
          (service-extension activation-service-type
                             dkimproxyout-activation)
          (service-extension profile-service-type
                             (compose list dkimproxyout-configuration-dkimproxy))
          (service-extension shepherd-root-service-type
                             dkimproxyout-shepherd-service)))
   (default-value (dkimproxyout-configuration))
   (description "FIXME:DOCUMENTATION")))
;; Value of the last top-level expression: the packages from this file that
;; are being worked on.
;; NOTE(review): presumably consumed when the file itself is evaluated by a
;; Guix command rather than imported as a module -- confirm.
(list postfix
      python-telegram-bot)