JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #106698 from aanderse/nixos/clamav

Browse Source 
nixos/clamav: add settings options to replace extraConfig options
This commit is contained in:
Aaron Andersen 2021-02-24 22:57:41 -05:00 committed by GitHub
commit 890327d751
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 35 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
nixos/modules/services/security/clamav.nix
View File

@ -8,30 +8,19 @@ let
cfg = config.services.clamav; cfg = config.services.clamav;
pkg = pkgs.clamav; pkg = pkgs.clamav;
clamdConfigFile = pkgs.writeText "clamd.conf" '' toKeyValue = generators.toKeyValue {
DatabaseDirectory ${stateDir} mkKeyValue = generators.mkKeyValueDefault {} " ";
LocalSocket ${runDir}/clamd.ctl listsAsDuplicateKeys = true;
PidFile ${runDir}/clamd.pid };
TemporaryDirectory /tmp
User clamav
Foreground yes
${cfg.daemon.extraConfig} clamdConfigFile = pkgs.writeText "clamd.conf" (toKeyValue cfg.daemon.settings);
''; freshclamConfigFile = pkgs.writeText "freshclam.conf" (toKeyValue cfg.updater.settings);
freshclamConfigFile = pkgs.writeText "freshclam.conf" ''
DatabaseDirectory ${stateDir}
Foreground yes
Checks ${toString cfg.updater.frequency}
${cfg.updater.extraConfig}
DatabaseMirror database.clamav.net
'';
in in
{ {
imports = [ imports = [
(mkRenamedOptionModule [ "services" "clamav" "updater" "config" ] [ "services" "clamav" "updater" "extraConfig" ]) (mkRemovedOptionModule [ "services" "clamav" "updater" "config" ] "Use services.clamav.updater.settings instead.")
(mkRemovedOptionModule [ "services" "clamav" "updater" "extraConfig" ] "Use services.clamav.updater.settings instead.")
(mkRemovedOptionModule [ "services" "clamav" "daemon" "extraConfig" ] "Use services.clamav.daemon.settings instead.")
]; ];
options = { options = {
@ -39,12 +28,12 @@ in
daemon = { daemon = {
enable = mkEnableOption "ClamAV clamd daemon"; enable = mkEnableOption "ClamAV clamd daemon";
extraConfig = mkOption { settings = mkOption {
type = types.lines; type = with types; attrsOf (oneOf [ bool int str (listOf str) ]);
default = ""; default = {};
description = '' description = ''
Extra configuration for clamd. Contents will be added verbatim to the ClamAV configuration. Refer to <link xlink:href="https://linux.die.net/man/5/clamd.conf"/>,
configuration file. for details on supported values.
''; '';
}; };
}; };
@ -68,12 +57,12 @@ in
''; '';
}; };
extraConfig = mkOption { settings = mkOption {
type = types.lines; type = with types; attrsOf (oneOf [ bool int str (listOf str) ]);
default = ""; default = {};
description = '' description = ''
Extra configuration for freshclam. Contents will be added verbatim to the freshclam configuration. Refer to <link xlink:href="https://linux.die.net/man/5/freshclam.conf"/>,
configuration file. for details on supported values.
''; '';
}; };
}; };
@ -93,6 +82,22 @@ in
users.groups.${clamavGroup} = users.groups.${clamavGroup} =
{ gid = config.ids.gids.clamav; }; { gid = config.ids.gids.clamav; };
services.clamav.daemon.settings = {
DatabaseDirectory = stateDir;
LocalSocket = "${runDir}/clamd.ctl";
PidFile = "${runDir}/clamd.pid";
TemporaryDirectory = "/tmp";
User = "clamav";
Foreground = true;
};
services.clamav.updater.settings = {
DatabaseDirectory = stateDir;
Foreground = true;
Checks = cfg.updater.frequency;
DatabaseMirror = [ "database.clamav.net" ];
};
environment.etc."clamav/freshclam.conf".source = freshclamConfigFile; environment.etc."clamav/freshclam.conf".source = freshclamConfigFile;
environment.etc."clamav/clamd.conf".source = clamdConfigFile; environment.etc."clamav/clamd.conf".source = clamdConfigFile;