diff options
| author | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2013-10-10 13:28:20 +0200 |
|---|---|---|
| committer | Eelco Dolstra <eelco.dolstra@logicblox.com> | 2013-10-10 13:28:20 +0200 |
| commit | 5c1f8cbc70cd5e6867ef6a2a06d27a40daa07010 (patch) | |
| tree | a6c0f605be6de3f372ae69905b331f9f75452da7 /nixos/modules/services/security/clamav.nix | |
| parent | 6070bc016bd2fd945b04347e25cfd3738622d2ac (diff) | |
| download | nixpkgs-5c1f8cbc70cd5e6867ef6a2a06d27a40daa07010.tar nixpkgs-5c1f8cbc70cd5e6867ef6a2a06d27a40daa07010.tar.gz nixpkgs-5c1f8cbc70cd5e6867ef6a2a06d27a40daa07010.tar.bz2 nixpkgs-5c1f8cbc70cd5e6867ef6a2a06d27a40daa07010.tar.lz nixpkgs-5c1f8cbc70cd5e6867ef6a2a06d27a40daa07010.tar.xz nixpkgs-5c1f8cbc70cd5e6867ef6a2a06d27a40daa07010.tar.zst nixpkgs-5c1f8cbc70cd5e6867ef6a2a06d27a40daa07010.zip | |
Move all of NixOS to nixos/ in preparation of the repository merge
Diffstat (limited to 'nixos/modules/services/security/clamav.nix')
| -rw-r--r-- | nixos/modules/services/security/clamav.nix | 80 |
1 files changed, 80 insertions, 0 deletions
diff --git a/nixos/modules/services/security/clamav.nix b/nixos/modules/services/security/clamav.nix new file mode 100644 index 00000000000..5ccb4927fcb --- /dev/null +++ b/nixos/modules/services/security/clamav.nix @@ -0,0 +1,80 @@ +{ config, pkgs, ... }: +with pkgs.lib; +let + clamavUser = "clamav"; + stateDir = "/var/lib/clamav"; + clamavGroup = clamavUser; + cfg = config.services.clamav; +in +{ + ###### interface + + options = { + + services.clamav = { + updater = { + enable = mkOption { + default = false; + description = '' + Whether to enable automatic ClamAV virus definitions database updates. + ''; + }; + + frequency = mkOption { + default = 12; + description = '' + Number of database checks per day. + ''; + }; + + config = mkOption { + default = ""; + description = '' + Extra configuration for freshclam. Contents will be added verbatim to the + configuration file. + ''; + }; + }; + }; + }; + + ###### implementation + + config = mkIf cfg.updater.enable { + environment.systemPackages = [ pkgs.clamav ]; + users.extraUsers = singleton + { name = clamavUser; + uid = config.ids.uids.clamav; + description = "ClamAV daemon user"; + home = stateDir; + }; + + users.extraGroups = singleton + { name = clamavGroup; + gid = config.ids.gids.clamav; + }; + + services.clamav.updater.config = '' + DatabaseDirectory ${stateDir} + Foreground yes + Checks ${toString cfg.updater.frequency} + DatabaseMirror database.clamav.net + ''; + + jobs = { + clamav_updater = { + name = "clamav-updater"; + startOn = "started network-interfaces"; + stopOn = "stopping network-interfaces"; + + preStart = '' + mkdir -m 0755 -p ${stateDir} + chown ${clamavUser}:${clamavGroup} ${stateDir} + ''; + exec = "${pkgs.clamav}/bin/freshclam --config-file=${pkgs.writeText "freshclam.conf" cfg.updater.config}"; + }; + }; + + }; + +} \ No newline at end of file |