-rw-r--r--src/org/euandre/queue.scm32
1 files changed, 23 insertions, 9 deletions
diff --git a/src/org/euandre/queue.scm b/src/org/euandre/queue.scm
index 5a6e7ac..55444b0 100644
--- a/src/org/euandre/queue.scm
+++ b/src/org/euandre/queue.scm
@@ -1347,7 +1347,11 @@ correctly.")))
(untrusted-supplementary-groups dovecot-configuration-untrusted-supplementary-groups (default '()))
(base-dir dovecot-configuration-base-dir (default "/var/run/dovecot"))
(state-dir dovecot-configuration-state-dir (default "/var/lib/dovecot"))
- (hostname dovecot-configuration-hostname (default (gethostname))))
+ (hostname dovecot-configuration-hostname (default (gethostname)))
+ (run-in-container? dovecot-configuration-run-in-container? (default #f))
+ (container-name dovecot-configuration-container-name (default "dovecot"))
+ (container-namespaces dovecot-configuration-container-namespaces (default (s1:fold delq container:%namespaces '(net))))
+ (extra-mappings dovecot-configuration-extra-mappings (default '())))
(define (generate-dovecot-config config)
(match-record config <dovecot-configuration>
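Review bot: The four fields added at the end of the `<dovecot-configuration>` record have no comments, although two of their defaults are security-relevant. `run-in-container?` defaults to `#f`, so the sandbox is opt-in, and the `container-namespaces` default removes only `net` from `container:%namespaces`, so the wrapped dovecot shares the host network namespace. I would add a comment above `container-namespaces`, for example `;; Unshare every namespace except net; dovecot presumably needs the host network to accept client connections.`, and one above `extra-mappings` saying that each entry is exposed inside the container in addition to `/etc/shadow`. The record definition starts outside this hunk, so I cannot see whether the other fields follow a documentation convention.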
@@ -1491,18 +1495,28 @@ namespace inbox {
(define (dovecot-shepherd-service config)
(match-record config <dovecot-configuration>
- (package config-dirname config-filename)
- (let ((config-file (string-append "/etc/" config-dirname "/" config-filename)))
+ (package config-dirname config-filename
+ run-in-container? container-name container-namespaces extra-mappings)
+ (let* ((config-file (string-append "/etc/" config-dirname "/" config-filename))
+ (bin (file-append package "/sbin/dovecot"))
+ (cmd (if (not run-in-container?)
+ bin
+ (least-authority-wrapper
+ bin
+ #:name container-name
+ #:namespaces container-namespaces
+ #:mappings (append
+ (list
+ (file-system-mapping
+ (source "/etc/shadow")
+ (target source)))
+ extra-mappings)))))
(list
(shepherd-service
(provision '(dovecot))
(documentation "")
(start #~(make-forkexec-constructor
- (list
- #$(file-append package "/sbin/dovecot")
- "-F"
- "-c"
- #$config-file)))
+ (list #$cmd "-F" "-c" #$config-file)))
(stop #~(make-kill-destructor))
(actions
(list
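Review bot: The `#:mappings` list passed to `least-authority-wrapper` holds only `/etc/shadow` plus `extra-mappings`, yet the command line still passes `-c` with `config-file` under `/etc/`, and the record defaults `base-dir` and `state-dir` to paths under `/var`. Unless callers supply those paths through `extra-mappings`, the contained dovecot will likely not find its configuration or be able to write its runtime state, so I would either map them here or document the requirement next to `run-in-container?`. Separately, `/etc/shadow` is exposed unconditionally, which hands every local password hash to the contained process. A comment such as `;; Presumably needed for shadow/PAM password lookups; keep this mapping read-only.` together with an explicit `(writable? #f)` would make the intent auditable, and the mapping could be skipped when the configured authentication backend does not read that file. The `shepherd-service` form continues past the end of this hunk.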
@@ -1517,7 +1531,7 @@ namespace inbox {
(documentation "FIXME:DOCUMENTATION: heredoc syntax")
(procedure
#~(lambda _
- (invoke #$(file-append dovecot "/bin/doveadm")
+ (invoke #$(file-append package "/bin/doveadm")
"-c"
#$config-file
"reload")))))))))))