Adding a module for dovecot2. I've not tried it much.

svn path=/nixos/trunk/; revision=30072
2011-10-27 19:43:20 +00:00 · 2011-10-27 19:43:20 +00:00 · 69a31a37e4
parent ce822289c3
commit 69a31a37e4
3 changed files with 143 additions and 0 deletions
--- a/modules/misc/ids.nix
+++ b/modules/misc/ids.nix
@ -64,6 +64,8 @@ in
    fourStoreEndpoint = 43;
    virtuoso = 44;
    rtkit = 45;
+    dovecot2 = 46;
+    dovenull2 = 47;

    # When adding a uid, make sure it doesn't match an existing gid.

@ -110,6 +112,7 @@ in
    fourStore = 42;
    fourStoreEndpoint = 43;
    virtuoso = 44;
+    dovecot2 = 45;

    # When adding a gid, make sure it doesn't match an existing uid.

--- a/modules/module-list.nix
+++ b/modules/module-list.nix
@ -73,6 +73,7 @@
  ./services/logging/logrotate.nix
  ./services/logging/syslogd.nix
  ./services/mail/dovecot.nix
+  ./services/mail/dovecot2.nix
  ./services/mail/freepops.nix
  ./services/mail/mail.nix
  ./services/mail/postfix.nix
--- a/modules/services/mail/dovecot2.nix
+++ b/modules/services/mail/dovecot2.nix
@ -0,0 +1,139 @@
+{ config, pkgs, ... }:
+
+with pkgs.lib;
+
+let
+
+  startingDependency = if config.services.gw6c.enable then "gw6c" else "network-interfaces";
+
+  cfg = config.services.dovecot2;
+
+  dovecotConf =
+    ''
+      base_dir = /var/run/dovecot2/
+
+      protocols = imap pop3
+    ''
+    + (if cfg.sslServerCert!="" then
+    ''
+      ssl_cert_file = ${cfg.sslServerCert}
+      ssl_key_file = ${cfg.sslServerKey}
+      ssl_ca_file = ${cfg.sslCACert}
+    '' else ''
+      ssl = no
+      disable_plaintext_auth = no
+    '')
+
+    + ''
+      default_internal_user = ${cfg.user}
+
+      mail_location = maildir:/var/spool/mail/%u
+
+      maildir_copy_with_hardlinks = yes
+
+      auth_mechanisms = plain login
+      service auth {
+        user = root
+      }
+      userdb {
+        driver=passwd
+      }
+      passdb {
+        driver=pam
+      }
+      auth_debug = yes
+      auth_verbose = yes
+
+      pop3_uidl_format = %08Xv%08Xu
+
+      log_path = /var/log/dovecot2.log
+    '';
+
+  confFile = pkgs.writeText "dovecot.conf" dovecotConf;
+
+in
+
+{
+
+  ###### interface
+
+  options = {
+
+    services.dovecot2 = {
+
+      enable = mkOption {
+        default = false;
+        description = "Whether to enable the Dovecot 2.x POP3/IMAP server.";
+      };
+
+      user = mkOption {
+        default = "dovecot2";
+        description = "Dovecot user name.";
+      };
+
+      group = mkOption {
+        default = "dovecot2";
+        description = "Dovecot group name.";
+      };
+
+      sslServerCert = mkOption {
+        default = "";
+        description = "Server certificate";
+      };
+
+      sslCACert = mkOption {
+        default = "";
+        description = "CA certificate used by the server certificate.";
+      };
+
+      sslServerKey = mkOption {
+        default = "";
+        description = "Server key.";
+      };
+
+    };
+
+  };
+
+
+  ###### implementation
+
+  config = mkIf config.services.dovecot2.enable {
+
+    security.pam.services = [ { name = "dovecot2"; } ];
+
+    users.extraUsers = [
+      { name = cfg.user;
+        uid = config.ids.uids.dovecot2;
+        description = "Dovecot user";
+        group = cfg.group;
+      }
+      { name = "dovenull";
+        uid = config.ids.uids.dovenull2;
+        description = "Dovecot user for untrusted logins";
+        group = cfg.group;
+      }
+    ];
+
+    users.extraGroups = singleton
+      { name = cfg.group;
+        gid = config.ids.gids.dovecot2;
+      };
+
+    jobs.dovecot2 =
+      { description = "Dovecot IMAP/POP3 server";
+
+        startOn = "started ${startingDependency}";
+
+        preStart =
+          ''
+            ${pkgs.coreutils}/bin/mkdir -p /var/run/dovecot2 /var/run/dovecot2/login
+            ${pkgs.coreutils}/bin/chown -R ${cfg.user}.${cfg.group} /var/run/dovecot2
+          '';
+
+        exec = "${pkgs.dovecot_2_0}/sbin/dovecot -F -c ${confFile}";
+      };
+
+  };
+
+}