124 lines
3.8 KiB
Nix
124 lines
3.8 KiB
Nix
|
{ config, lib, pkgs, ... }:
|
||
|
let
|
||
|
|
||
|
cfg = config.services.davmail;
|
||
|
|
||
|
configType = with lib.types;
|
||
|
oneOf [ (attrsOf configType) str int bool ] // {
|
||
|
description = "davmail config type (str, int, bool or attribute set thereof)";
|
||
|
};
|
||
|
|
||
|
toStr = val: if lib.isBool val then lib.boolToString val else toString val;
|
||
|
|
||
|
linesForAttrs = attrs: lib.concatMap (name: let value = attrs.${name}; in
|
||
|
if lib.isAttrs value
|
||
|
then map (line: name + "." + line) (linesForAttrs value)
|
||
|
else [ "${name}=${toStr value}" ]
|
||
|
) (lib.attrNames attrs);
|
||
|
|
||
|
configFile = pkgs.writeText "davmail.properties" (lib.concatStringsSep "\n" (linesForAttrs cfg.config));
|
||
|
|
||
|
in
|
||
|
|
||
|
{
|
||
|
options.services.davmail = {
|
||
|
enable = lib.mkEnableOption "davmail, an MS Exchange gateway";
|
||
|
|
||
|
url = lib.mkOption {
|
||
|
type = lib.types.str;
|
||
|
description = "Outlook Web Access URL to access the exchange server, i.e. the base webmail URL.";
|
||
|
example = "https://outlook.office365.com/EWS/Exchange.asmx";
|
||
|
};
|
||
|
|
||
|
config = lib.mkOption {
|
||
|
type = configType;
|
||
|
default = {};
|
||
|
description = ''
|
||
|
Davmail configuration. Refer to
|
||
|
<http://davmail.sourceforge.net/serversetup.html>
|
||
|
and <http://davmail.sourceforge.net/advanced.html>
|
||
|
for details on supported values.
|
||
|
'';
|
||
|
example = lib.literalExpression ''
|
||
|
{
|
||
|
davmail.allowRemote = true;
|
||
|
davmail.imapPort = 55555;
|
||
|
davmail.bindAddress = "10.0.1.2";
|
||
|
davmail.smtpSaveInSent = true;
|
||
|
davmail.folderSizeLimit = 10;
|
||
|
davmail.caldavAutoSchedule = false;
|
||
|
log4j.logger.rootLogger = "DEBUG";
|
||
|
}
|
||
|
'';
|
||
|
};
|
||
|
};
|
||
|
|
||
|
config = lib.mkIf cfg.enable {
|
||
|
|
||
|
services.davmail.config = {
|
||
|
davmail = lib.mapAttrs (name: lib.mkDefault) {
|
||
|
server = true;
|
||
|
disableUpdateCheck = true;
|
||
|
logFilePath = "/var/log/davmail/davmail.log";
|
||
|
logFileSize = "1MB";
|
||
|
mode = "auto";
|
||
|
url = cfg.url;
|
||
|
caldavPort = 1080;
|
||
|
imapPort = 1143;
|
||
|
ldapPort = 1389;
|
||
|
popPort = 1110;
|
||
|
smtpPort = 1025;
|
||
|
};
|
||
|
log4j = {
|
||
|
logger.davmail = lib.mkDefault "WARN";
|
||
|
logger.httpclient.wire = lib.mkDefault "WARN";
|
||
|
logger.org.apache.commons.httpclient = lib.mkDefault "WARN";
|
||
|
rootLogger = lib.mkDefault "WARN";
|
||
|
};
|
||
|
};
|
||
|
|
||
|
systemd.services.davmail = {
|
||
|
description = "DavMail POP/IMAP/SMTP Exchange Gateway";
|
||
|
after = [ "network.target" ];
|
||
|
wantedBy = [ "multi-user.target" ];
|
||
|
|
||
|
serviceConfig = {
|
||
|
Type = "simple";
|
||
|
ExecStart = "${pkgs.davmail}/bin/davmail ${configFile}";
|
||
|
Restart = "on-failure";
|
||
|
DynamicUser = "yes";
|
||
|
LogsDirectory = "davmail";
|
||
|
|
||
|
CapabilityBoundingSet = [ "" ];
|
||
|
DeviceAllow = [ "" ];
|
||
|
LockPersonality = true;
|
||
|
NoNewPrivileges = true;
|
||
|
PrivateDevices = true;
|
||
|
PrivateTmp = true;
|
||
|
PrivateUsers = true;
|
||
|
ProtectClock = true;
|
||
|
ProtectControlGroups = true;
|
||
|
ProtectHome = true;
|
||
|
ProtectSystem = "strict";
|
||
|
ProtectHostname = true;
|
||
|
ProtectKernelLogs = true;
|
||
|
ProtectKernelModules = true;
|
||
|
ProtectKernelTunables = true;
|
||
|
ProtectProc = "invisible";
|
||
|
RemoveIPC = true;
|
||
|
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
|
||
|
RestrictNamespaces = true;
|
||
|
RestrictRealtime = true;
|
||
|
RestrictSUIDSGID = true;
|
||
|
SystemCallArchitectures = "native";
|
||
|
SystemCallFilter = "@system-service";
|
||
|
SystemCallErrorNumber = "EPERM";
|
||
|
UMask = "0077";
|
||
|
|
||
|
};
|
||
|
};
|
||
|
|
||
|
environment.systemPackages = [ pkgs.davmail ];
|
||
|
};
|
||
|
}
|