treewide: remove global with lib
Instead inherit required functions from lib.
This commit is contained in:
parent
1a7f3d718c
commit
fb56bcf747
2 changed files with 37 additions and 23 deletions
53
default.nix
53
default.nix
|
@ -21,9 +21,20 @@
|
|||
...
|
||||
}:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
inherit (lib)
|
||||
literalExpression
|
||||
literalMD
|
||||
mkDefault
|
||||
mkEnableOption
|
||||
mkOption
|
||||
mkOptionType
|
||||
mkRemovedOptionModule
|
||||
mkRenamedOptionModule
|
||||
types
|
||||
warn
|
||||
;
|
||||
|
||||
cfg = config.mailserver;
|
||||
in
|
||||
{
|
||||
|
@ -269,7 +280,7 @@ in
|
|||
tlsCAFile = mkOption {
|
||||
type = types.path;
|
||||
default = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
|
||||
defaultText = lib.literalMD "see [source](https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/blob/master/default.nix)";
|
||||
defaultText = literalMD "see [source](https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/blob/master/default.nix)";
|
||||
description = ''
|
||||
Certifificate trust anchors used to verify the LDAP server certificate.
|
||||
'';
|
||||
|
@ -1064,7 +1075,7 @@ in
|
|||
type = types.str;
|
||||
# read the default from nixos' redis module
|
||||
default = config.services.redis.servers.rspamd.unixSocket;
|
||||
defaultText = lib.literalExpression "config.services.redis.servers.rspamd.unixSocket";
|
||||
defaultText = literalExpression "config.services.redis.servers.rspamd.unixSocket";
|
||||
description = ''
|
||||
Path, IP address or hostname that Rspamd should use to contact Redis.
|
||||
'';
|
||||
|
@ -1073,7 +1084,7 @@ in
|
|||
port = mkOption {
|
||||
type = with types; nullOr port;
|
||||
default = null;
|
||||
example = lib.literalExpression "config.services.redis.servers.rspamd.port";
|
||||
example = literalExpression "config.services.redis.servers.rspamd.port";
|
||||
description = ''
|
||||
Port that Rspamd should use to contact Redis.
|
||||
'';
|
||||
|
@ -1082,7 +1093,7 @@ in
|
|||
password = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = config.services.redis.servers.rspamd.requirePass;
|
||||
defaultText = lib.literalExpression "config.services.redis.servers.rspamd.requirePass";
|
||||
defaultText = literalExpression "config.services.redis.servers.rspamd.requirePass";
|
||||
description = ''
|
||||
Password that rspamd should use to contact redis, or null if not required.
|
||||
'';
|
||||
|
@ -1102,7 +1113,7 @@ in
|
|||
sendingFqdn = mkOption {
|
||||
type = types.str;
|
||||
default = cfg.fqdn;
|
||||
defaultText = lib.literalMD "{option}`mailserver.fqdn`";
|
||||
defaultText = literalMD "{option}`mailserver.fqdn`";
|
||||
example = "myserver.example.com";
|
||||
description = ''
|
||||
The fully qualified domain name of the mail server used to
|
||||
|
@ -1178,7 +1189,7 @@ in
|
|||
start program = "${pkgs.systemd}/bin/systemctl start rspamd"
|
||||
stop program = "${pkgs.systemd}/bin/systemctl stop rspamd"
|
||||
'';
|
||||
defaultText = lib.literalMD "see [source](https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/blob/master/default.nix)";
|
||||
defaultText = literalMD "see [source](https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/blob/master/default.nix)";
|
||||
description = ''
|
||||
The configuration used for monitoring via monit.
|
||||
Use a mail address that you actively check and set it via 'set alert ...'.
|
||||
|
@ -1287,7 +1298,7 @@ in
|
|||
locations = mkOption {
|
||||
type = types.listOf types.path;
|
||||
default = [ cfg.mailDirectory ];
|
||||
defaultText = lib.literalExpression "[ config.mailserver.mailDirectory ]";
|
||||
defaultText = literalExpression "[ config.mailserver.mailDirectory ]";
|
||||
description = "The locations that are to be backed up by borg.";
|
||||
};
|
||||
|
||||
|
@ -1388,29 +1399,29 @@ in
|
|||
};
|
||||
|
||||
imports = [
|
||||
(lib.mkRemovedOptionModule [ "mailserver" "fullTextSearch" "maintenance" "enable" ] ''
|
||||
(mkRemovedOptionModule [ "mailserver" "fullTextSearch" "maintenance" "enable" ] ''
|
||||
This option is not needed for fts-flatcurve
|
||||
'')
|
||||
(lib.mkRemovedOptionModule [ "mailserver" "fullTextSearch" "maintenance" "onCalendar" ] ''
|
||||
(mkRemovedOptionModule [ "mailserver" "fullTextSearch" "maintenance" "onCalendar" ] ''
|
||||
This option is not needed for fts-flatcurve
|
||||
'')
|
||||
(lib.mkRemovedOptionModule [ "mailserver" "fullTextSearch" "maintenance" "randomizedDelaySec" ] ''
|
||||
(mkRemovedOptionModule [ "mailserver" "fullTextSearch" "maintenance" "randomizedDelaySec" ] ''
|
||||
This option is not needed for fts-flatcurve
|
||||
'')
|
||||
(lib.mkRemovedOptionModule [ "mailserver" "fullTextSearch" "minSize" ] ''
|
||||
(mkRemovedOptionModule [ "mailserver" "fullTextSearch" "minSize" ] ''
|
||||
This option is not supported by fts-flatcurve
|
||||
'')
|
||||
(lib.mkRemovedOptionModule [ "mailserver" "fullTextSearch" "maxSize" ] ''
|
||||
(mkRemovedOptionModule [ "mailserver" "fullTextSearch" "maxSize" ] ''
|
||||
This option is not needed since fts-xapian 1.8.3
|
||||
'')
|
||||
(lib.mkRemovedOptionModule [ "mailserver" "fullTextSearch" "indexAttachments" ] ''
|
||||
(mkRemovedOptionModule [ "mailserver" "fullTextSearch" "indexAttachments" ] ''
|
||||
Text attachments are always indexed since fts-xapian 1.4.8
|
||||
'')
|
||||
(lib.mkRenamedOptionModule
|
||||
(mkRenamedOptionModule
|
||||
[ "mailserver" "rebootAfterKernelUpgrade" "enable" ]
|
||||
[ "system" "autoUpgrade" "allowReboot" ]
|
||||
)
|
||||
(lib.mkRemovedOptionModule [ "mailserver" "rebootAfterKernelUpgrade" "method" ] ''
|
||||
(mkRemovedOptionModule [ "mailserver" "rebootAfterKernelUpgrade" "method" ] ''
|
||||
Use `system.autoUpgrade` instead.
|
||||
'')
|
||||
./mail-server/assertions.nix
|
||||
|
@ -1427,17 +1438,17 @@ in
|
|||
./mail-server/rspamd.nix
|
||||
./mail-server/nginx.nix
|
||||
./mail-server/kresd.nix
|
||||
(lib.mkRemovedOptionModule [ "mailserver" "policydSPFExtraConfig" ] ''
|
||||
(mkRemovedOptionModule [ "mailserver" "policydSPFExtraConfig" ] ''
|
||||
SPF checking has been migrated to Rspamd, which makes this config redundant. Please look into the rspamd config to migrate your settings.
|
||||
It may be that they are redundant and are already configured in rspamd like for skip_addresses.
|
||||
'')
|
||||
(lib.mkRemovedOptionModule [ "mailserver" "dkimHeaderCanonicalization" ] ''
|
||||
(mkRemovedOptionModule [ "mailserver" "dkimHeaderCanonicalization" ] ''
|
||||
DKIM signing has been migrated to Rspamd, which always uses relaxed canonicalization.
|
||||
'')
|
||||
(lib.mkRemovedOptionModule [ "mailserver" "dkimBodyCanonicalization" ] ''
|
||||
(mkRemovedOptionModule [ "mailserver" "dkimBodyCanonicalization" ] ''
|
||||
DKIM signing has been migrated to Rspamd, which always uses relaxed canonicalization.
|
||||
'')
|
||||
(lib.mkRemovedOptionModule [ "mailserver" "smtpdForbidBareNewline" ] ''
|
||||
(mkRemovedOptionModule [ "mailserver" "smtpdForbidBareNewline" ] ''
|
||||
The workaround for the SMTP Smuggling attack is default enabled in Postfix >3.9. Use `services.postfix.config.smtpd_forbid_bare_newline` if you need to deviate from its default.
|
||||
'')
|
||||
];
|
||||
|
|
|
@ -21,9 +21,12 @@
|
|||
...
|
||||
}:
|
||||
|
||||
with lib;
|
||||
|
||||
let
|
||||
inherit (lib)
|
||||
optionalString
|
||||
mkIf
|
||||
;
|
||||
|
||||
cfg = config.mailserver;
|
||||
|
||||
preexecDefined = cfg.backup.cmdPreexec != null;
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue