diff options
| author | EuAndreh <eu@euandre.org> | 2022-12-08 12:30:38 -0300 |
|---|---|---|
| committer | EuAndreh <eu@euandre.org> | 2022-12-08 12:30:38 -0300 |
| commit | 5f921583bd67b7607619d4716c69b5b26c7410f6 (patch) | |
| tree | 5ef4b800fc93e6b462d3d4eb3b26cc6deaa75f21 | |
| parent | system.scm: Do not create /var/empty home directory for system users (diff) | |
| download | toph-5f921583bd67b7607619d4716c69b5b26c7410f6.tar.gz toph-5f921583bd67b7607619d4716c69b5b26c7410f6.tar.xz | |
system.scm: Parameterize "etc-shadow" group for dovecot2 configuration
| -rw-r--r-- | src/infrastructure/guix/system.scm | 34 |
1 files changed, 18 insertions, 16 deletions
diff --git a/src/infrastructure/guix/system.scm b/src/infrastructure/guix/system.scm index 4dff540..939ebcc 100644 --- a/src/infrastructure/guix/system.scm +++ b/src/infrastructure/guix/system.scm @@ -742,6 +742,7 @@ flush unix n - n 1000? 0 flush lmtp unix - - n - - lmtp local unix - n n - - local + # FIXME: replace 127.0.0.1 with localhost pickup unix n - n 60 1 pickup -o content_filter=dksign:[127.0.0.1]:10027 proxymap unix - - n - - proxymap @@ -1050,21 +1051,23 @@ dovecot2-configuration make-dovecot2-configuration dovecot2-configuration? - (dovecot2 dovecot2-configuration-dovecot2 (default dovecot)) - (raw-file dovecot2-configuration-raw-file (default #f)) - (extra-content dovecot2-configuration-extra-content (default "")) - (config-name dovecot2-configuration-config-name (default "dovecot2.conf")) - (user dovecot2-configuration-user (default "dovecot2")) - (group dovecot2-configuration-group (default "dovecot2")) - (untrusted-user dovecot2-configuration-untrusted-user (default "dovenull2")) - (untrusted-group dovecot2-configuration-untrusted-group (default "dovenull2")) - (base-dir dovecot2-configuration-base-dir (default "/var/run/dovecot2")) - (state-dir dovecot2-configuration-state-dir (default "/var/lib/dovecot2")) - (hostname dovecot2-configuration-hostname (default (gethostname)))) + (dovecot2 dovecot2-configuration-dovecot2 (default dovecot)) + (raw-file dovecot2-configuration-raw-file (default #f)) + (extra-content dovecot2-configuration-extra-content (default "")) + (config-name dovecot2-configuration-config-name (default "dovecot2.conf")) + (user dovecot2-configuration-user (default "dovecot2")) + (group dovecot2-configuration-group (default "dovecot2")) + (auth-worker-group dovecot2-configuration-auth-worker-group (default "etc-shadow")) + (untrusted-user dovecot2-configuration-untrusted-user (default "dovenull2")) + (untrusted-group dovecot2-configuration-untrusted-group (default "dovenull2")) + (base-dir dovecot2-configuration-base-dir (default "/var/run/dovecot2")) + (state-dir dovecot2-configuration-state-dir (default "/var/lib/dovecot2")) + (hostname dovecot2-configuration-hostname (default (gethostname)))) (define (generate-dovecot-config config) (match-record config <dovecot2-configuration> - (user group untrusted-user hostname base-dir state-dir extra-content) + (user group auth-worker-group untrusted-user + hostname base-dir state-dir extra-content) (format #f #"- protocols = imap @@ -1082,8 +1085,7 @@ driver = passwd } service auth-worker { - # FIXME: hard-coded group - group = etc-shadow + group = ~a } @@ -1132,6 +1134,7 @@ user group untrusted-user + auth-worker-group hostname hostname state-dir @@ -1795,8 +1798,7 @@ keyfile ~a/private.key fastcgi_param PATH_INFO $uri; fastcgi_param QUERY_STRING $args; fastcgi_param HTTP_HOST $server_name; - # FIXME: use localhost instead? - fastcgi_pass 127.0.0.1:9000; + fastcgi_pass localhost:9000; rewrite /git(.*) $1 break; "#))) (nginx-location-configuration |