The previous script ran unprivileged by default (because the default
value of cfg.user was "exim"), and enabling the exim service always
failed. It also would have created the directory with unspecified permissions.
The new mechanism uses coreutil's install tool to create the
directory on systemd service start, with proper ownership and
restrictive permissions.
Fixes NixOS#385522
The `services.postfix.config` option is a freeform type that represents
settings in `main.cf`. The top-level options on the postfix module were
replaced by these and that is the reason behind this migration.
This is a first step that reduces the intransparent configuration aspects
by migrating relevant options from `service`postfix` into the `config`
option that represents the `main.cf` file.
Not all options were migrated since Postfix provides reasonable defaults,
e.g. `myorigin` defaults to `$myhostname`, so it is rarely needed.
The `inet_protocols` integration with `networking.enableIPv6` was also
a thing I removed, because Postfix is capable of understand what inet
protocols are available at runtime, so I concluded it a niche option.
Every option on the `config` freeform setting now also references the
upstream documentation, which provides a great number of examples and is
always worth a look.
In particular we now explain what port the service listens on and what
protocol to expect. Update the RFC8341 recommendation to discourage
submission and recommend submissions.
Calling to sendmail without AF_NETLINK causes:
> sendmail: fatal: inet_addr_local[getifaddrs]: getifaddrs: Address family not supported by protocol
and without AF_INET/AF_INET6:
> sendmail: warning: inet_protocols: disabling IPv6 name/address support: Address family not supported by protocol
> sendmail: warning: inet_protocols: disabling IPv4 name/address support: Address family not supported by protocol
Move the configurePostfix option one level up, since it now also
reconfigures the reportd systemd unit.
Same as with other services giving postfix access, this needs to happen
for the postfix user. Adding supplementary group permissions to the
systemd unit does not propagate to child processes that ultimately call
the unix domain socket.
This replaces the previous confinement settings with a more complete and
context-sensitive hardening setup.
Also exposes the current config at /etc/postsrsd.conf, which makes it
easily inspectable.
Allow a freeform configuration approach to satisfy different
configuration complexities.
Remove confinement options and make its hardening options more explicit
and removed the deprecated PermissionStartOnly= option.
This should hopefully fix errors like the following:
plugin: eval failed: bayes: (in learn) locker: safe_lock: cannot create tmp lockfile /var/empty/.spamassassin/bayes.lock.atuin.qyliss.net.398779 for /var/empty/.spamassassin/bayes.lock: No such file or directory
