From f3fc60b310d9facdc9fb1e2c68a736b1924fa542 Mon Sep 17 00:00:00 2001 From: Aaron Andersen Date: Fri, 11 Dec 2020 19:56:08 -0500 Subject: nixos/clamav: add settings options to replace extraConfig options --- nixos/modules/services/security/clamav.nix | 67 ++++++++++++++++-------------- 1 file changed, 36 insertions(+), 31 deletions(-) diff --git a/nixos/modules/services/security/clamav.nix b/nixos/modules/services/security/clamav.nix index aaf6fb0479b..340cbbf02fb 100644 --- a/nixos/modules/services/security/clamav.nix +++ b/nixos/modules/services/security/clamav.nix @@ -8,30 +8,19 @@ let cfg = config.services.clamav; pkg = pkgs.clamav; - clamdConfigFile = pkgs.writeText "clamd.conf" '' - DatabaseDirectory ${stateDir} - LocalSocket ${runDir}/clamd.ctl - PidFile ${runDir}/clamd.pid - TemporaryDirectory /tmp - User clamav - Foreground yes - - ${cfg.daemon.extraConfig} - ''; - - freshclamConfigFile = pkgs.writeText "freshclam.conf" '' - DatabaseDirectory ${stateDir} - Foreground yes - Checks ${toString cfg.updater.frequency} - - ${cfg.updater.extraConfig} - - DatabaseMirror database.clamav.net - ''; + toKeyValue = generators.toKeyValue { + mkKeyValue = generators.mkKeyValueDefault {} " "; + listsAsDuplicateKeys = true; + }; + + clamdConfigFile = pkgs.writeText "clamd.conf" (toKeyValue cfg.daemon.settings); + freshclamConfigFile = pkgs.writeText "freshclam.conf" (toKeyValue cfg.updater.settings); in { imports = [ - (mkRenamedOptionModule [ "services" "clamav" "updater" "config" ] [ "services" "clamav" "updater" "extraConfig" ]) + (mkRemovedOptionModule [ "services" "clamav" "updater" "config" ] "Use services.clamav.updater.settings instead.") + (mkRemovedOptionModule [ "services" "clamav" "updater" "extraConfig" ] "Use services.clamav.updater.settings instead.") + (mkRemovedOptionModule [ "services" "clamav" "daemon" "extraConfig" ] "Use services.clamav.daemon.settings instead.") ]; options = { @@ -39,12 +28,12 @@ in daemon = { enable = mkEnableOption "ClamAV clamd daemon"; - extraConfig = mkOption { - type = types.lines; - default = ""; + settings = mkOption { + type = with types; attrsOf (oneOf [ bool int str (listOf str) ]); + default = {}; description = '' - Extra configuration for clamd. Contents will be added verbatim to the - configuration file. + ClamAV configuration. Refer to , + for details on supported values. ''; }; }; @@ -68,12 +57,12 @@ in ''; }; - extraConfig = mkOption { - type = types.lines; - default = ""; + settings = mkOption { + type = with types; attrsOf (oneOf [ bool int str (listOf str) ]); + default = {}; description = '' - Extra configuration for freshclam. Contents will be added verbatim to the - configuration file. + freshclam configuration. Refer to , + for details on supported values. ''; }; }; @@ -93,6 +82,22 @@ in users.groups.${clamavGroup} = { gid = config.ids.gids.clamav; }; + services.clamav.daemon.settings = { + DatabaseDirectory = stateDir; + LocalSocket = "${runDir}/clamd.ctl"; + PidFile = "${runDir}/clamd.pid"; + TemporaryDirectory = "/tmp"; + User = "clamav"; + Foreground = true; + }; + + services.clamav.updater.settings = { + DatabaseDirectory = stateDir; + Foreground = true; + Checks = cfg.updater.frequency; + DatabaseMirror = [ "database.clamav.net" ]; + }; + environment.etc."clamav/freshclam.conf".source = freshclamConfigFile; environment.etc."clamav/clamd.conf".source = clamdConfigFile; -- cgit 1.4.1