From 788bd96c1c5ff1917c86a687461a5b20bce52bd1 Mon Sep 17 00:00:00 2001 From: pacien Date: Sun, 3 Apr 2022 17:41:03 +0200 Subject: nixosTests.mailcatcher: replace ssmtp module use with msmtp The ssmtp program is not maintained and is being removed. GitHub: see https://github.com/NixOS/nixpkgs/issues/105710 --- nixos/tests/mailcatcher.nix | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'nixos') diff --git a/nixos/tests/mailcatcher.nix b/nixos/tests/mailcatcher.nix index d7858ab354b..f23b749a021 100644 --- a/nixos/tests/mailcatcher.nix +++ b/nixos/tests/mailcatcher.nix @@ -9,8 +9,13 @@ import ./make-test-python.nix ({ lib, ... }: { services.mailcatcher.enable = true; - services.ssmtp.enable = true; - services.ssmtp.hostName = "localhost:1025"; + programs.msmtp = { + enable = true; + accounts.default = { + host = "localhost"; + port = 1025; + }; + }; environment.systemPackages = [ pkgs.mailutils ]; }; -- cgit 1.4.1 From cfc763bf36bb09770ec6ff2c378ee11dfe8b16bc Mon Sep 17 00:00:00 2001 From: pacien Date: Sun, 3 Apr 2022 17:44:30 +0200 Subject: nixos/ssmtp: drop module The ssmtp program is not maintained and is being removed. GitHub: see https://github.com/NixOS/nixpkgs/issues/105710 --- nixos/modules/module-list.nix | 1 - nixos/modules/programs/ssmtp.nix | 190 --------------------------------------- nixos/modules/rename.nix | 5 ++ 3 files changed, 5 insertions(+), 191 deletions(-) delete mode 100644 nixos/modules/programs/ssmtp.nix (limited to 'nixos') diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 05cef36c782..818350cc7d3 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -205,7 +205,6 @@ ./programs/spacefm.nix ./programs/singularity.nix ./programs/ssh.nix - ./programs/ssmtp.nix ./programs/sysdig.nix ./programs/systemtap.nix ./programs/starship.nix diff --git a/nixos/modules/programs/ssmtp.nix b/nixos/modules/programs/ssmtp.nix deleted file mode 100644 index b454bf35229..00000000000 --- a/nixos/modules/programs/ssmtp.nix +++ /dev/null @@ -1,190 +0,0 @@ -# Configuration for `ssmtp', a trivial mail transfer agent that can -# replace sendmail/postfix on simple systems. It delivers email -# directly to an SMTP server defined in its configuration file, without -# queueing mail locally. - -{ config, lib, pkgs, ... }: - -with lib; - -let - cfg = config.services.ssmtp; - -in -{ - - imports = [ - (mkRenamedOptionModule [ "networking" "defaultMailServer" "directDelivery" ] [ "services" "ssmtp" "enable" ]) - (mkRenamedOptionModule [ "networking" "defaultMailServer" "hostName" ] [ "services" "ssmtp" "hostName" ]) - (mkRenamedOptionModule [ "networking" "defaultMailServer" "domain" ] [ "services" "ssmtp" "domain" ]) - (mkRenamedOptionModule [ "networking" "defaultMailServer" "root" ] [ "services" "ssmtp" "root" ]) - (mkRenamedOptionModule [ "networking" "defaultMailServer" "useTLS" ] [ "services" "ssmtp" "useTLS" ]) - (mkRenamedOptionModule [ "networking" "defaultMailServer" "useSTARTTLS" ] [ "services" "ssmtp" "useSTARTTLS" ]) - (mkRenamedOptionModule [ "networking" "defaultMailServer" "authUser" ] [ "services" "ssmtp" "authUser" ]) - (mkRenamedOptionModule [ "networking" "defaultMailServer" "authPassFile" ] [ "services" "ssmtp" "authPassFile" ]) - (mkRenamedOptionModule [ "networking" "defaultMailServer" "setSendmail" ] [ "services" "ssmtp" "setSendmail" ]) - - (mkRemovedOptionModule [ "networking" "defaultMailServer" "authPass" ] "authPass has been removed since it leaks the clear-text password into the world-readable store. Use authPassFile instead and make sure it's not a store path") - (mkRemovedOptionModule [ "services" "ssmtp" "authPass" ] "authPass has been removed since it leaks the clear-text password into the world-readable store. Use authPassFile instead and make sure it's not a store path") - ]; - - options = { - - services.ssmtp = { - - enable = mkOption { - type = types.bool; - default = false; - description = '' - Use the trivial Mail Transfer Agent (MTA) - ssmtp package to allow programs to send - e-mail. If you don't want to run a “real” MTA like - sendmail or postfix on - your machine, set this option to true, and - set the option - to the - host name of your preferred mail server. - ''; - }; - - settings = mkOption { - type = with types; attrsOf (oneOf [ bool str ]); - default = {}; - description = '' - ssmtp5 configuration. Refer - to for details on supported values. - ''; - example = literalExpression '' - { - Debug = true; - FromLineOverride = false; - } - ''; - }; - - hostName = mkOption { - type = types.str; - example = "mail.example.org"; - description = '' - The host name of the default mail server to use to deliver - e-mail. Can also contain a port number (ex: mail.example.org:587), - defaults to port 25 if no port is given. - ''; - }; - - root = mkOption { - type = types.str; - default = ""; - example = "root@example.org"; - description = '' - The e-mail to which mail for users with UID < 1000 is forwarded. - ''; - }; - - domain = mkOption { - type = types.str; - default = ""; - example = "example.org"; - description = '' - The domain from which mail will appear to be sent. - ''; - }; - - useTLS = mkOption { - type = types.bool; - default = false; - description = '' - Whether TLS should be used to connect to the default mail - server. - ''; - }; - - useSTARTTLS = mkOption { - type = types.bool; - default = false; - description = '' - Whether the STARTTLS should be used to connect to the default - mail server. (This is needed for TLS-capable mail servers - running on the default SMTP port 25.) - ''; - }; - - authUser = mkOption { - type = types.str; - default = ""; - example = "foo@example.org"; - description = '' - Username used for SMTP auth. Leave blank to disable. - ''; - }; - - authPassFile = mkOption { - type = types.nullOr types.str; - default = null; - example = "/run/keys/ssmtp-authpass"; - description = '' - Path to a file that contains the password used for SMTP auth. The file - should not contain a trailing newline, if the password does not contain one - (e.g. use echo -n "password" > file). - This file should be readable by the users that need to execute ssmtp. - ''; - }; - - setSendmail = mkOption { - type = types.bool; - default = true; - description = "Whether to set the system sendmail to ssmtp's."; - }; - - }; - - }; - - - config = mkIf cfg.enable { - - assertions = [ - { - assertion = cfg.useSTARTTLS -> cfg.useTLS; - message = "services.ssmtp.useSTARTTLS has no effect without services.ssmtp.useTLS"; - } - ]; - - services.ssmtp.settings = mkMerge [ - ({ - MailHub = cfg.hostName; - FromLineOverride = mkDefault true; - UseTLS = cfg.useTLS; - UseSTARTTLS = cfg.useSTARTTLS; - }) - (mkIf (cfg.root != "") { root = cfg.root; }) - (mkIf (cfg.domain != "") { rewriteDomain = cfg.domain; }) - (mkIf (cfg.authUser != "") { AuthUser = cfg.authUser; }) - (mkIf (cfg.authPassFile != null) { AuthPassFile = cfg.authPassFile; }) - ]; - - # careful here: ssmtp REQUIRES all config lines to end with a newline char! - environment.etc."ssmtp/ssmtp.conf".text = with generators; toKeyValue { - mkKeyValue = mkKeyValueDefault { - mkValueString = value: - if value == true then "YES" - else if value == false then "NO" - else mkValueStringDefault {} value - ; - } "="; - } cfg.settings; - - environment.systemPackages = [pkgs.ssmtp]; - - services.mail.sendmailSetuidWrapper = mkIf cfg.setSendmail { - program = "sendmail"; - source = "${pkgs.ssmtp}/bin/sendmail"; - setuid = false; - setgid = false; - owner = "root"; - group = "root"; - }; - - }; - -} diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix index 72395b2ee86..1d226276493 100644 --- a/nixos/modules/rename.nix +++ b/nixos/modules/rename.nix @@ -69,6 +69,11 @@ with lib; '') (mkRemovedOptionModule [ "services" "quagga" ] "the corresponding package has been removed from nixpkgs") (mkRemovedOptionModule [ "services" "seeks" ] "") + (mkRemovedOptionModule [ "services" "ssmtp" ] '' + The ssmtp package and the corresponding module have been removed due to + the program being unmaintained. The options `programs.msmtp.*` can be + used instead. + '') (mkRemovedOptionModule [ "services" "venus" ] "The corresponding package was removed from nixpkgs.") (mkRemovedOptionModule [ "services" "wakeonlan"] "This module was removed in favor of enabling it with networking.interfaces..wakeOnLan") (mkRemovedOptionModule [ "services" "winstone" ] "The corresponding package was removed from nixpkgs.") -- cgit 1.4.1 From 68128e7b7efbc419a9c9da1d6e2836552cefaccc Mon Sep 17 00:00:00 2001 From: pacien Date: Sun, 3 Apr 2022 17:42:52 +0200 Subject: nixos/nagios: replace ssmtp package use with msmtp The ssmtp program is not maintained and is being removed. GitHub: see https://github.com/NixOS/nixpkgs/issues/105710 --- nixos/modules/services/monitoring/nagios.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'nixos') diff --git a/nixos/modules/services/monitoring/nagios.nix b/nixos/modules/services/monitoring/nagios.nix index 2c7f0ed1966..69173ce4e44 100644 --- a/nixos/modules/services/monitoring/nagios.nix +++ b/nixos/modules/services/monitoring/nagios.nix @@ -102,8 +102,8 @@ in plugins = mkOption { type = types.listOf types.package; - default = with pkgs; [ monitoring-plugins ssmtp mailutils ]; - defaultText = literalExpression "[pkgs.monitoring-plugins pkgs.ssmtp pkgs.mailutils]"; + default = with pkgs; [ monitoring-plugins msmtp mailutils ]; + defaultText = literalExpression "[pkgs.monitoring-plugins pkgs.msmtp pkgs.mailutils]"; description = " Packages to be added to the Nagios PATH. Typically used to add plugins, but can be anything. -- cgit 1.4.1 From 4572069a3aa8ae762a1f5b4d6bdb33d91e87f251 Mon Sep 17 00:00:00 2001 From: pacien Date: Sun, 3 Apr 2022 18:36:40 +0200 Subject: doc/release-notes: add ssmtp removal notice and alternative GitHub: closes https://github.com/NixOS/nixpkgs/issues/105710 --- .../from_md/release-notes/rl-2205.section.xml | 38 ++++++++++++++++++++++ nixos/doc/manual/release-notes/rl-2205.section.md | 33 +++++++++++++++++++ 2 files changed, 71 insertions(+) (limited to 'nixos') diff --git a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml index 1a6b09df263..157a5ee0107 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml @@ -462,6 +462,44 @@ kernel messages is handled by systemd since Linux 3.5. + + + pkgs.ssmtp has been dropped due to the + program being unmaintained. pkgs.msmtp can + be used instead as a substitute sendmail + implementation. The corresponding options + services.ssmtp.* have been removed as well. + programs.msmtp.* can be used instead for an + equivalent setup. For example: + + +{ + # Original ssmtp configuration: + services.ssmtp = { + enable = true; + useTLS = true; + useSTARTTLS = true; + hostName = "smtp.example:587"; + authUser = "someone"; + authPassFile = "/secrets/password.txt"; + }; + + # Equivalent msmtp configuration: + programs.msmtp = { + enable = true; + accounts.default = { + tls = true; + tls_starttls = true; + auth = true; + host = "smtp.example"; + port = 587; + user = "someone"; + passwordeval = "cat /secrets/password.txt"; + }; + }; +} + + services.kubernetes.addons.dashboard was diff --git a/nixos/doc/manual/release-notes/rl-2205.section.md b/nixos/doc/manual/release-notes/rl-2205.section.md index de125110418..48425bf898c 100644 --- a/nixos/doc/manual/release-notes/rl-2205.section.md +++ b/nixos/doc/manual/release-notes/rl-2205.section.md @@ -150,6 +150,39 @@ In addition to numerous new and upgraded packages, this release has the followin - `security.klogd` was removed. Logging of kernel messages is handled by systemd since Linux 3.5. +- `pkgs.ssmtp` has been dropped due to the program being unmaintained. + `pkgs.msmtp` can be used instead as a substitute `sendmail` implementation. + The corresponding options `services.ssmtp.*` have been removed as well. + `programs.msmtp.*` can be used instead for an equivalent setup. For example: + + ```nix + { + # Original ssmtp configuration: + services.ssmtp = { + enable = true; + useTLS = true; + useSTARTTLS = true; + hostName = "smtp.example:587"; + authUser = "someone"; + authPassFile = "/secrets/password.txt"; + }; + + # Equivalent msmtp configuration: + programs.msmtp = { + enable = true; + accounts.default = { + tls = true; + tls_starttls = true; + auth = true; + host = "smtp.example"; + port = 587; + user = "someone"; + passwordeval = "cat /secrets/password.txt"; + }; + }; + } + ``` + - `services.kubernetes.addons.dashboard` was removed due to it being an outdated version. - `services.kubernetes.scheduler.{port,address}` now set `--secure-port` and `--bind-address` instead of `--port` and `--address`, since the former have been deprecated and are no longer functional in kubernetes>=1.23. Ensure that you are not relying on the insecure behaviour before upgrading. -- cgit 1.4.1