system-configuration

system-configuration/modules/services/mail.scm

mail.scm

;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2019 Julien Lepiller <julien@lepiller.eu>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.
;;;
;;; Some of the help text was taken from the default dovecot.conf files.

(define-module (services mail)
  #:use-module (gnu services)
  #:use-module (gnu services base)
  #:use-module (gnu services configuration)
  #:use-module (gnu services shepherd)
  #:use-module (gnu system pam)
  #:use-module (gnu system shadow)
  #:use-module (gnu packages admin)
  #:use-module (guix gexp)
  #:use-module (guix records)
  #:use-module (ice-9 match)
  #:use-module (packages perl)
  #:export (dkimproxy-out-service-type

            dkimproxy-out-configuration
            dkimproxy-out-configuration-package
            dkimproxy-out-configuration-config-file))

(define-record-type* <dkimproxy-out-configuration>
  dkimproxy-out-configuration make-dkimproxy-out-configuration
  dkimproxy-out-configuration?
  (package     dkimproxy-out-configuration-package
               (default dkimproxy))
  (config-file dkimproxy-out-configuration-config-file
               (default %default-dkimproxy-out-configuration-config-file)))

(define %default-dkimproxy-out-configuration-config-file
  (plain-file "dkimproxy_out.conf" "
# specify what address/port DKIMproxy should listen on
listen    127.0.0.1:10027
# specify what address/port DKIMproxy forwards mail to
relay     127.0.0.1:10028
# specify what domains DKIMproxy can sign for (comma-separated, no spaces)
domain    mail.example.com 
# specify what signatures to add
signature dkim(c=relaxed)
signature domainkeys(c=nofws)
# specify location of the private key
# It can be generated with for instance:
# mkdir /etc/mail/dkim
# openssl genrsa -out /etc/mail/dkim/private.key 1024
# openssl rsa -in /etc/mail/dkim/private.key -pubout -out /etc/mail/dkim/public.key
keyfile   /etc/mail/dkim/private.key
# specify the selector (i.e. the name of the key record put in DNS)
selector  selector1
"))

(define dkimproxy-out-shepherd-service
  (match-lambda
    (($ <dkimproxy-out-configuration> package config-file)
     (list (shepherd-service
             (provision '(dkimproxy-out))
             (requirement '(loopback))
             (documentation "Outbound DKIM proxy.")
             (start (let ((proxy (file-append package "/bin/dkimproxy.out")))
                      #~(make-forkexec-constructor
                          (list #$proxy (string-append "--conf_file=" #$config-file)
                                "--pidfile=/var/run/dkimproxy.out.pid"
                                "--user=dkimproxy" "--group=dkimproxy")
                          #:pid-file "/var/run/dkimproxy.out.pid")))
             (stop #~(make-kill-destructor)))))))

(define %dkimproxy-accounts
  (list (user-group
          (name "dkimproxy")
          (system? #t))
        (user-account
          (name "dkimproxy")
          (group "dkimproxy")
          (system? #t)
          (comment "Dkimproxy user")
          (home-directory "/var/empty")
          (shell (file-append shadow "/sbin/nologin")))))

(define dkimproxy-out-service-type
  (service-type
    (name 'dkimproxy-out)
    (extensions
      (list (service-extension account-service-type
                               (const %dkimproxy-accounts))
            (service-extension shepherd-root-service-type
                               dkimproxy-out-shepherd-service)))))


1	;;; GNU Guix --- Functional package management for GNU
2	;;; Copyright © 2019 Julien Lepiller <julien@lepiller.eu>
3	;;;
4	;;; This file is part of GNU Guix.
5	;;;
6	;;; GNU Guix is free software; you can redistribute it and/or modify it
7	;;; under the terms of the GNU General Public License as published by
8	;;; the Free Software Foundation; either version 3 of the License, or (at
9	;;; your option) any later version.
10	;;;
11	;;; GNU Guix is distributed in the hope that it will be useful, but
12	;;; WITHOUT ANY WARRANTY; without even the implied warranty of
13	;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14	;;; GNU General Public License for more details.
15	;;;
16	;;; You should have received a copy of the GNU General Public License
17	;;; along with GNU Guix. If not, see <http://www.gnu.org/licenses/>.
18	;;;
19	;;; Some of the help text was taken from the default dovecot.conf files.
20
21	(define-module (services mail)
22	#:use-module (gnu services)
23	#:use-module (gnu services base)
24	#:use-module (gnu services configuration)
25	#:use-module (gnu services shepherd)
26	#:use-module (gnu system pam)
27	#:use-module (gnu system shadow)
28	#:use-module (gnu packages admin)
29	#:use-module (guix gexp)
30	#:use-module (guix records)
31	#:use-module (ice-9 match)
32	#:use-module (packages perl)
33	#:export (dkimproxy-out-service-type
34
35	dkimproxy-out-configuration
36	dkimproxy-out-configuration-package
37	dkimproxy-out-configuration-config-file))
38
39	(define-record-type* <dkimproxy-out-configuration>
40	dkimproxy-out-configuration make-dkimproxy-out-configuration
41	dkimproxy-out-configuration?
42	(package dkimproxy-out-configuration-package
43	(default dkimproxy))
44	(config-file dkimproxy-out-configuration-config-file
45	(default %default-dkimproxy-out-configuration-config-file)))
46
47	(define %default-dkimproxy-out-configuration-config-file
48	(plain-file "dkimproxy_out.conf" "
49	# specify what address/port DKIMproxy should listen on
50	listen 127.0.0.1:10027
51	# specify what address/port DKIMproxy forwards mail to
52	relay 127.0.0.1:10028
53	# specify what domains DKIMproxy can sign for (comma-separated, no spaces)
54	domain mail.example.com
55	# specify what signatures to add
56	signature dkim(c=relaxed)
57	signature domainkeys(c=nofws)
58	# specify location of the private key
59	# It can be generated with for instance:
60	# mkdir /etc/mail/dkim
61	# openssl genrsa -out /etc/mail/dkim/private.key 1024
62	# openssl rsa -in /etc/mail/dkim/private.key -pubout -out /etc/mail/dkim/public.key
63	keyfile /etc/mail/dkim/private.key
64	# specify the selector (i.e. the name of the key record put in DNS)
65	selector selector1
66	"))
67
68	(define dkimproxy-out-shepherd-service
69	(match-lambda
70	(($ <dkimproxy-out-configuration> package config-file)
71	(list (shepherd-service
72	(provision '(dkimproxy-out))
73	(requirement '(loopback))
74	(documentation "Outbound DKIM proxy.")
75	(start (let ((proxy (file-append package "/bin/dkimproxy.out")))
76	#~(make-forkexec-constructor
77	(list #$proxy (string-append "--conf_file=" #$config-file)
78	"--pidfile=/var/run/dkimproxy.out.pid"
79	"--user=dkimproxy" "--group=dkimproxy")
80	#:pid-file "/var/run/dkimproxy.out.pid")))
81	(stop #~(make-kill-destructor)))))))
82
83	(define %dkimproxy-accounts
84	(list (user-group
85	(name "dkimproxy")
86	(system? #t))
87	(user-account
88	(name "dkimproxy")
89	(group "dkimproxy")
90	(system? #t)
91	(comment "Dkimproxy user")
92	(home-directory "/var/empty")
93	(shell (file-append shadow "/sbin/nologin")))))
94
95	(define dkimproxy-out-service-type
96	(service-type
97	(name 'dkimproxy-out)
98	(extensions
99	(list (service-extension account-service-type
100	(const %dkimproxy-accounts))
101	(service-extension shepherd-root-service-type
102	dkimproxy-out-shepherd-service)))))
103