diff options
| author | Graham Christensen <graham@grahamc.com> | 2019-06-25 18:04:22 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-06-25 18:04:22 -0400 |
| commit | 38c28ef10c54bf4899d467854e893842cffb4de6 (patch) | |
| tree | a4b38800f30b0c9d794715dc1c2c7f193570b011 /nixos/modules/services/mail | |
| parent | 880bc93fc0ad44ea5b973e532c338afeb70d2a71 (diff) | |
| parent | de6e5ea8152b29c975096d7d4b7d0938874ee37a (diff) | |
| download | nixpkgs-38c28ef10c54bf4899d467854e893842cffb4de6.tar nixpkgs-38c28ef10c54bf4899d467854e893842cffb4de6.tar.gz nixpkgs-38c28ef10c54bf4899d467854e893842cffb4de6.tar.bz2 nixpkgs-38c28ef10c54bf4899d467854e893842cffb4de6.tar.lz nixpkgs-38c28ef10c54bf4899d467854e893842cffb4de6.tar.xz nixpkgs-38c28ef10c54bf4899d467854e893842cffb4de6.tar.zst nixpkgs-38c28ef10c54bf4899d467854e893842cffb4de6.zip | |
Merge pull request #56265 from aanderse/permissions-start-only
replace deprecated usage of PermissionsStartOnly (part 2)
Diffstat (limited to 'nixos/modules/services/mail')
| -rw-r--r-- | nixos/modules/services/mail/dspam.nix | 13 | ||||
| -rw-r--r-- | nixos/modules/services/mail/opendkim.nix | 7 |
2 files changed, 8 insertions, 12 deletions
diff --git a/nixos/modules/services/mail/dspam.nix b/nixos/modules/services/mail/dspam.nix index 167b5aeccc8..72b8c4c08b9 100644 --- a/nixos/modules/services/mail/dspam.nix +++ b/nixos/modules/services/mail/dspam.nix @@ -113,19 +113,14 @@ in { Group = cfg.group; RuntimeDirectory = optional (cfg.domainSocket == defaultSock) "dspam"; RuntimeDirectoryMode = optional (cfg.domainSocket == defaultSock) "0750"; - PermissionsStartOnly = true; + StateDirectory = "dspam"; + StateDirectoryMode = "0750"; + LogsDirectory = "dspam"; + LogsDirectoryMode = "0750"; # DSPAM segfaults on just about every error Restart = "on-abort"; RestartSec = "1s"; }; - - preStart = '' - mkdir -m750 -p /var/lib/dspam - chown -R "${cfg.user}:${cfg.group}" /var/lib/dspam - - mkdir -m750 -p /var/log/dspam - chown -R "${cfg.user}:${cfg.group}" /var/log/dspam - ''; }; } diff --git a/nixos/modules/services/mail/opendkim.nix b/nixos/modules/services/mail/opendkim.nix index 7855efb46c7..253823cbaf9 100644 --- a/nixos/modules/services/mail/opendkim.nix +++ b/nixos/modules/services/mail/opendkim.nix @@ -101,13 +101,16 @@ in { environment.systemPackages = [ pkgs.opendkim ]; + systemd.tmpfiles.rules = [ + "d '${cfg.keyPath}' - ${cfg.user} ${cfg.group} - -" + ]; + systemd.services.opendkim = { description = "OpenDKIM signing and verification daemon"; after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; preStart = '' - mkdir -p "${cfg.keyPath}" cd "${cfg.keyPath}" if ! test -f ${cfg.selector}.private; then ${pkgs.opendkim}/bin/opendkim-genkey -s ${cfg.selector} -d all-domains-generic-key @@ -116,7 +119,6 @@ in { cat ${cfg.selector}.txt echo "-------------------------------------------------------------" fi - chown ${cfg.user}:${cfg.group} ${cfg.selector}.private ''; serviceConfig = { @@ -124,7 +126,6 @@ in { User = cfg.user; Group = cfg.group; RuntimeDirectory = optional (cfg.socket == defaultSock) "opendkim"; - PermissionsStartOnly = true; }; }; |