diff options
-rw-r--r-- | nixos/doc/manual/from_md/release-notes/rl-2205.section.xml | 38 | ||||
-rw-r--r-- | nixos/doc/manual/release-notes/rl-2205.section.md | 33 | ||||
-rw-r--r-- | nixos/modules/module-list.nix | 1 | ||||
-rw-r--r-- | nixos/modules/programs/ssmtp.nix | 190 | ||||
-rw-r--r-- | nixos/modules/rename.nix | 5 | ||||
-rw-r--r-- | nixos/modules/services/monitoring/nagios.nix | 4 | ||||
-rw-r--r-- | nixos/tests/mailcatcher.nix | 9 | ||||
-rw-r--r-- | pkgs/tools/networking/ssmtp/default.nix | 45 | ||||
-rw-r--r-- | pkgs/tools/networking/ssmtp/ssmtp_support_AuthPassFile_parameter.patch | 69 | ||||
-rw-r--r-- | pkgs/top-level/aliases.nix | 1 | ||||
-rw-r--r-- | pkgs/top-level/all-packages.nix | 2 | ||||
-rw-r--r-- | pkgs/top-level/release-small.nix | 2 |
12 files changed, 87 insertions, 312 deletions
diff --git a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml index be38e3fb389..d49a997918c 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml @@ -464,6 +464,44 @@ </listitem> <listitem> <para> + <literal>pkgs.ssmtp</literal> has been dropped due to the + program being unmaintained. <literal>pkgs.msmtp</literal> can + be used instead as a substitute <literal>sendmail</literal> + implementation. The corresponding options + <literal>services.ssmtp.*</literal> have been removed as well. + <literal>programs.msmtp.*</literal> can be used instead for an + equivalent setup. For example: + </para> + <programlisting language="bash"> +{ + # Original ssmtp configuration: + services.ssmtp = { + enable = true; + useTLS = true; + useSTARTTLS = true; + hostName = "smtp.example:587"; + authUser = "someone"; + authPassFile = "/secrets/password.txt"; + }; + + # Equivalent msmtp configuration: + programs.msmtp = { + enable = true; + accounts.default = { + tls = true; + tls_starttls = true; + auth = true; + host = "smtp.example"; + port = 587; + user = "someone"; + passwordeval = "cat /secrets/password.txt"; + }; + }; +} +</programlisting> + </listitem> + <listitem> + <para> <literal>services.kubernetes.addons.dashboard</literal> was removed due to it being an outdated version. </para> diff --git a/nixos/doc/manual/release-notes/rl-2205.section.md b/nixos/doc/manual/release-notes/rl-2205.section.md index 4fddd34d447..a5bcd09211c 100644 --- a/nixos/doc/manual/release-notes/rl-2205.section.md +++ b/nixos/doc/manual/release-notes/rl-2205.section.md @@ -150,6 +150,39 @@ In addition to numerous new and upgraded packages, this release has the followin - `security.klogd` was removed. Logging of kernel messages is handled by systemd since Linux 3.5. +- `pkgs.ssmtp` has been dropped due to the program being unmaintained. + `pkgs.msmtp` can be used instead as a substitute `sendmail` implementation. + The corresponding options `services.ssmtp.*` have been removed as well. + `programs.msmtp.*` can be used instead for an equivalent setup. For example: + + ```nix + { + # Original ssmtp configuration: + services.ssmtp = { + enable = true; + useTLS = true; + useSTARTTLS = true; + hostName = "smtp.example:587"; + authUser = "someone"; + authPassFile = "/secrets/password.txt"; + }; + + # Equivalent msmtp configuration: + programs.msmtp = { + enable = true; + accounts.default = { + tls = true; + tls_starttls = true; + auth = true; + host = "smtp.example"; + port = 587; + user = "someone"; + passwordeval = "cat /secrets/password.txt"; + }; + }; + } + ``` + - `services.kubernetes.addons.dashboard` was removed due to it being an outdated version. - `services.kubernetes.scheduler.{port,address}` now set `--secure-port` and `--bind-address` instead of `--port` and `--address`, since the former have been deprecated and are no longer functional in kubernetes>=1.23. Ensure that you are not relying on the insecure behaviour before upgrading. diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 4c882707c5f..c6008864e8b 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -205,7 +205,6 @@ ./programs/spacefm.nix ./programs/singularity.nix ./programs/ssh.nix - ./programs/ssmtp.nix ./programs/sysdig.nix ./programs/systemtap.nix ./programs/starship.nix diff --git a/nixos/modules/programs/ssmtp.nix b/nixos/modules/programs/ssmtp.nix deleted file mode 100644 index b454bf35229..00000000000 --- a/nixos/modules/programs/ssmtp.nix +++ /dev/null @@ -1,190 +0,0 @@ -# Configuration for `ssmtp', a trivial mail transfer agent that can -# replace sendmail/postfix on simple systems. It delivers email -# directly to an SMTP server defined in its configuration file, without -# queueing mail locally. - -{ config, lib, pkgs, ... }: - -with lib; - -let - cfg = config.services.ssmtp; - -in -{ - - imports = [ - (mkRenamedOptionModule [ "networking" "defaultMailServer" "directDelivery" ] [ "services" "ssmtp" "enable" ]) - (mkRenamedOptionModule [ "networking" "defaultMailServer" "hostName" ] [ "services" "ssmtp" "hostName" ]) - (mkRenamedOptionModule [ "networking" "defaultMailServer" "domain" ] [ "services" "ssmtp" "domain" ]) - (mkRenamedOptionModule [ "networking" "defaultMailServer" "root" ] [ "services" "ssmtp" "root" ]) - (mkRenamedOptionModule [ "networking" "defaultMailServer" "useTLS" ] [ "services" "ssmtp" "useTLS" ]) - (mkRenamedOptionModule [ "networking" "defaultMailServer" "useSTARTTLS" ] [ "services" "ssmtp" "useSTARTTLS" ]) - (mkRenamedOptionModule [ "networking" "defaultMailServer" "authUser" ] [ "services" "ssmtp" "authUser" ]) - (mkRenamedOptionModule [ "networking" "defaultMailServer" "authPassFile" ] [ "services" "ssmtp" "authPassFile" ]) - (mkRenamedOptionModule [ "networking" "defaultMailServer" "setSendmail" ] [ "services" "ssmtp" "setSendmail" ]) - - (mkRemovedOptionModule [ "networking" "defaultMailServer" "authPass" ] "authPass has been removed since it leaks the clear-text password into the world-readable store. Use authPassFile instead and make sure it's not a store path") - (mkRemovedOptionModule [ "services" "ssmtp" "authPass" ] "authPass has been removed since it leaks the clear-text password into the world-readable store. Use authPassFile instead and make sure it's not a store path") - ]; - - options = { - - services.ssmtp = { - - enable = mkOption { - type = types.bool; - default = false; - description = '' - Use the trivial Mail Transfer Agent (MTA) - <command>ssmtp</command> package to allow programs to send - e-mail. If you don't want to run a “real” MTA like - <command>sendmail</command> or <command>postfix</command> on - your machine, set this option to <literal>true</literal>, and - set the option - <option>services.ssmtp.hostName</option> to the - host name of your preferred mail server. - ''; - }; - - settings = mkOption { - type = with types; attrsOf (oneOf [ bool str ]); - default = {}; - description = '' - <citerefentry><refentrytitle>ssmtp</refentrytitle><manvolnum>5</manvolnum></citerefentry> configuration. Refer - to <link xlink:href="https://linux.die.net/man/5/ssmtp.conf"/> for details on supported values. - ''; - example = literalExpression '' - { - Debug = true; - FromLineOverride = false; - } - ''; - }; - - hostName = mkOption { - type = types.str; - example = "mail.example.org"; - description = '' - The host name of the default mail server to use to deliver - e-mail. Can also contain a port number (ex: mail.example.org:587), - defaults to port 25 if no port is given. - ''; - }; - - root = mkOption { - type = types.str; - default = ""; - example = "root@example.org"; - description = '' - The e-mail to which mail for users with UID < 1000 is forwarded. - ''; - }; - - domain = mkOption { - type = types.str; - default = ""; - example = "example.org"; - description = '' - The domain from which mail will appear to be sent. - ''; - }; - - useTLS = mkOption { - type = types.bool; - default = false; - description = '' - Whether TLS should be used to connect to the default mail - server. - ''; - }; - - useSTARTTLS = mkOption { - type = types.bool; - default = false; - description = '' - Whether the STARTTLS should be used to connect to the default - mail server. (This is needed for TLS-capable mail servers - running on the default SMTP port 25.) - ''; - }; - - authUser = mkOption { - type = types.str; - default = ""; - example = "foo@example.org"; - description = '' - Username used for SMTP auth. Leave blank to disable. - ''; - }; - - authPassFile = mkOption { - type = types.nullOr types.str; - default = null; - example = "/run/keys/ssmtp-authpass"; - description = '' - Path to a file that contains the password used for SMTP auth. The file - should not contain a trailing newline, if the password does not contain one - (e.g. use <command>echo -n "password" > file</command>). - This file should be readable by the users that need to execute ssmtp. - ''; - }; - - setSendmail = mkOption { - type = types.bool; - default = true; - description = "Whether to set the system sendmail to ssmtp's."; - }; - - }; - - }; - - - config = mkIf cfg.enable { - - assertions = [ - { - assertion = cfg.useSTARTTLS -> cfg.useTLS; - message = "services.ssmtp.useSTARTTLS has no effect without services.ssmtp.useTLS"; - } - ]; - - services.ssmtp.settings = mkMerge [ - ({ - MailHub = cfg.hostName; - FromLineOverride = mkDefault true; - UseTLS = cfg.useTLS; - UseSTARTTLS = cfg.useSTARTTLS; - }) - (mkIf (cfg.root != "") { root = cfg.root; }) - (mkIf (cfg.domain != "") { rewriteDomain = cfg.domain; }) - (mkIf (cfg.authUser != "") { AuthUser = cfg.authUser; }) - (mkIf (cfg.authPassFile != null) { AuthPassFile = cfg.authPassFile; }) - ]; - - # careful here: ssmtp REQUIRES all config lines to end with a newline char! - environment.etc."ssmtp/ssmtp.conf".text = with generators; toKeyValue { - mkKeyValue = mkKeyValueDefault { - mkValueString = value: - if value == true then "YES" - else if value == false then "NO" - else mkValueStringDefault {} value - ; - } "="; - } cfg.settings; - - environment.systemPackages = [pkgs.ssmtp]; - - services.mail.sendmailSetuidWrapper = mkIf cfg.setSendmail { - program = "sendmail"; - source = "${pkgs.ssmtp}/bin/sendmail"; - setuid = false; - setgid = false; - owner = "root"; - group = "root"; - }; - - }; - -} diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix index 72395b2ee86..1d226276493 100644 --- a/nixos/modules/rename.nix +++ b/nixos/modules/rename.nix @@ -69,6 +69,11 @@ with lib; '') (mkRemovedOptionModule [ "services" "quagga" ] "the corresponding package has been removed from nixpkgs") (mkRemovedOptionModule [ "services" "seeks" ] "") + (mkRemovedOptionModule [ "services" "ssmtp" ] '' + The ssmtp package and the corresponding module have been removed due to + the program being unmaintained. The options `programs.msmtp.*` can be + used instead. + '') (mkRemovedOptionModule [ "services" "venus" ] "The corresponding package was removed from nixpkgs.") (mkRemovedOptionModule [ "services" "wakeonlan"] "This module was removed in favor of enabling it with networking.interfaces.<name>.wakeOnLan") (mkRemovedOptionModule [ "services" "winstone" ] "The corresponding package was removed from nixpkgs.") diff --git a/nixos/modules/services/monitoring/nagios.nix b/nixos/modules/services/monitoring/nagios.nix index 2c7f0ed1966..69173ce4e44 100644 --- a/nixos/modules/services/monitoring/nagios.nix +++ b/nixos/modules/services/monitoring/nagios.nix @@ -102,8 +102,8 @@ in plugins = mkOption { type = types.listOf types.package; - default = with pkgs; [ monitoring-plugins ssmtp mailutils ]; - defaultText = literalExpression "[pkgs.monitoring-plugins pkgs.ssmtp pkgs.mailutils]"; + default = with pkgs; [ monitoring-plugins msmtp mailutils ]; + defaultText = literalExpression "[pkgs.monitoring-plugins pkgs.msmtp pkgs.mailutils]"; description = " Packages to be added to the Nagios <envar>PATH</envar>. Typically used to add plugins, but can be anything. diff --git a/nixos/tests/mailcatcher.nix b/nixos/tests/mailcatcher.nix index d7858ab354b..f23b749a021 100644 --- a/nixos/tests/mailcatcher.nix +++ b/nixos/tests/mailcatcher.nix @@ -9,8 +9,13 @@ import ./make-test-python.nix ({ lib, ... }: { services.mailcatcher.enable = true; - services.ssmtp.enable = true; - services.ssmtp.hostName = "localhost:1025"; + programs.msmtp = { + enable = true; + accounts.default = { + host = "localhost"; + port = 1025; + }; + }; environment.systemPackages = [ pkgs.mailutils ]; }; diff --git a/pkgs/tools/networking/ssmtp/default.nix b/pkgs/tools/networking/ssmtp/default.nix deleted file mode 100644 index ec309a4a2ce..00000000000 --- a/pkgs/tools/networking/ssmtp/default.nix +++ /dev/null @@ -1,45 +0,0 @@ -{ lib, stdenv, fetchurl, tlsSupport ? true, openssl }: - -stdenv.mkDerivation rec { - pname = "ssmtp"; - version = "2.64"; - - src = fetchurl { - url = "mirror://debian/pool/main/s/ssmtp/ssmtp_${version}.orig.tar.bz2"; - sha256 = "0dps8s87ag4g3jr6dk88hs9zl46h3790marc5c2qw7l71k4pvhr2"; - }; - - # A request has been made to merge this patch into ssmtp. - # See: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858781 - patches = [ ./ssmtp_support_AuthPassFile_parameter.patch ]; - - configureFlags = [ - "--sysconfdir=/etc" - (lib.enableFeature tlsSupport "ssl") - ]; - - postConfigure = '' - # Don't run the script that interactively generates a config file. - # Also don't install the broken, cyclic symlink /lib/sendmail. - sed -e '/INSTALLED_CONFIGURATION_FILE/d' \ - -e 's|/lib/sendmail|$(TMPDIR)/sendmail|' \ - -i Makefile - substituteInPlace Makefile \ - --replace '$(INSTALL) -s' '$(INSTALL) -s --strip-program $(STRIP)' - ''; - - installFlags = [ "etcdir=$(out)/etc" ]; - - installTargets = [ "install" "install-sendmail" ]; - - buildInputs = lib.optional tlsSupport openssl; - - NIX_LDFLAGS = lib.optionalString tlsSupport "-lcrypto"; - - meta = with lib; { - description = "simple MTA to deliver mail from a computer to a mail hub"; - platforms = platforms.linux; - license = licenses.gpl2; - maintainers = with maintainers; [ basvandijk ]; - }; -} diff --git a/pkgs/tools/networking/ssmtp/ssmtp_support_AuthPassFile_parameter.patch b/pkgs/tools/networking/ssmtp/ssmtp_support_AuthPassFile_parameter.patch deleted file mode 100644 index 371c0f6de2b..00000000000 --- a/pkgs/tools/networking/ssmtp/ssmtp_support_AuthPassFile_parameter.patch +++ /dev/null @@ -1,69 +0,0 @@ -diff -Naurb a/ssmtp.c b/ssmtp.c ---- a/ssmtp.c 2009-11-23 10:55:11.000000000 +0100 -+++ b/ssmtp.c 2017-03-25 03:00:26.508283016 +0100 -@@ -57,6 +57,7 @@ - char arpadate[ARPADATE_LENGTH]; - char *auth_user = (char)NULL; - char *auth_pass = (char)NULL; -+char *auth_passfile = (char)NULL; - char *auth_method = (char)NULL; /* Mechanism for SMTP authentication */ - char *mail_domain = (char)NULL; - char *from = (char)NULL; /* Use this as the From: address */ -@@ -1053,6 +1054,15 @@ - log_event(LOG_INFO, "Set AuthPass=\"%s\"\n", auth_pass); - } - } -+ else if(strcasecmp(p, "AuthPassFile") == 0 && !auth_passfile) { -+ if((auth_passfile = strdup(q)) == (char *)NULL) { -+ die("parse_config() -- strdup() failed"); -+ } -+ -+ if(log_level > 0) { -+ log_event(LOG_INFO, "Set AuthPassFile=\"%s\"\n", auth_passfile); -+ } -+ } - else if(strcasecmp(p, "AuthMethod") == 0 && !auth_method) { - if((auth_method = strdup(q)) == (char *)NULL) { - die("parse_config() -- strdup() failed"); -@@ -1415,6 +1425,8 @@ - struct passwd *pw; - int i, sock; - uid_t uid; -+ FILE *fp; -+ char pass_buf[BUF_SZ+1]; - bool_t minus_v_save, leadingdot, linestart = True; - int timeout = 0; - int bufsize = sizeof(b)-1; -@@ -1433,6 +1445,17 @@ - log_event(LOG_INFO, "%s not found", config_file); - } - -+ if(auth_passfile != (char *)NULL) { -+ if((fp = fopen(auth_passfile, "r")) == (FILE *)NULL) { -+ die("Could not open the AuthPassFile %s", auth_passfile); -+ } -+ if (fgets(pass_buf, BUF_SZ, fp) == NULL) { -+ die("Error while reading a line from the AuthPassFile %s, or it is empty", auth_passfile); -+ } -+ fclose(fp); -+ auth_pass = strdup(pass_buf); -+ } -+ - if((p = strtok(pw->pw_gecos, ";,"))) { - if((gecos = strdup(p)) == (char *)NULL) { - die("ssmtp() -- strdup() failed"); -diff -Naurb a/ssmtp.conf.5 b/ssmtp.conf.5 ---- a/ssmtp.conf.5 2008-02-29 03:50:15.000000000 +0100 -+++ b/ssmtp.conf.5 2017-03-25 01:45:52.890165426 +0100 -@@ -61,6 +61,11 @@ - .Pp - .It Cm AuthPass - The password to use for SMTP AUTH. -+It is recommended to use AuthPassFile which also takes precedence over AuthPass. -+.Pp -+.It Cm AuthPassFile -+A file that should contain the password to use for SMTP AUTH. -+This takes precedence over AuthPass. - .Pp - .It Cm AuthMethod - The authorization method to use. diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index 62e809c01a6..1e5688a453e 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -1207,6 +1207,7 @@ mapAliases ({ sqliteInteractive = throw "'sqliteInteractive' has been renamed to/replaced by 'sqlite-interactive'"; # Converted to throw 2022-02-22 squid4 = squid; # added 2019-08-22 sshfsFuse = throw "'sshfsFuse' has been renamed to/replaced by 'sshfs-fuse'"; # Converted to throw 2022-02-22 + ssmtp = throw "'ssmtp' has been removed due to the software being unmaintained. 'msmtp' can be used as a replacement"; # Added 2022-04-17 stanchion = throw "Stanchion was part of riak-cs which is not maintained anymore"; # added 2020-10-14 steam-run-native = steam-run; # added 2022-02-21 stumpwm-git = throw "stumpwm-git has been broken for a long time and lispPackages.stumpwm follows Quicklisp that is close to git version"; # Added 2021-05-09 diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index c818f46df93..7d3d71538c8 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -10231,8 +10231,6 @@ with pkgs; sshoogr = callPackage ../tools/networking/sshoogr { }; - ssmtp = callPackage ../tools/networking/ssmtp { }; - ssocr = callPackage ../applications/misc/ssocr { }; ssss = callPackage ../tools/security/ssss { }; diff --git a/pkgs/top-level/release-small.nix b/pkgs/top-level/release-small.nix index a267b20d667..7bf4a234bb6 100644 --- a/pkgs/top-level/release-small.nix +++ b/pkgs/top-level/release-small.nix @@ -124,7 +124,7 @@ with import ./release-lib.nix { inherit supportedSystems nixpkgsArgs; }; smartmontools = all; sqlite = unix; # Cygwin builds fail squid = linux; - ssmtp = linux; + msmtp = linux; stdenv = all; strace = linux; su = linux; |