Commit Graph

498 Commits

Author SHA1 Message Date
Alyssa Ross
881dd9963f mailman-web: use upstream, improve NixOS module
Previously, some files were copied into the Nixpkgs tree, which meant
we wouldn't easily be able to update them, and was also just messy.

The reason it was done that way before was so that a few NixOS
options could be substituted in.  Some problems with doing it this way
were that the _package_ changed depending on the values of the
settings, which is pretty strange, and also that it only allowed those
few settings to be set.

In the new model, mailman-web is a usable package without needing to
override, and I've implemented the NixOS options in a much more
flexible way.  NixOS' mailman-web config file first reads the
mailman-web settings to use as defaults, but then it loads another
configuration file generated from the new services.mailman.webSettings
option, so _any_ mailman-web Django setting can be customised by the
user, rather than just the three that were supported before.  I've
kept the old options, but there might not really be any good reason to
keep them.
2020-01-30 23:14:45 +00:00
Alyssa Ross
a8538a73a7 mailman: init package for Mailman CLI
We already had python3Packages.mailman, but that's only really usable
as a library.  The only other option was to create a whole Python
environment, which was undesirable to install as a system-wide
package.
2020-01-30 23:14:45 +00:00
Alyssa Ross
bc8eece849 python3.pkgs.mailman-hyperkitty: HTTPS homepage 2020-01-30 23:14:45 +00:00
Alyssa Ross
c397d1909f nixos/mailman: don't keep secrets in the Nix store
This replaces all Mailman secrets with ones that are generated the
first time the service is run.  This replaces the hyperkittyApiKey
option, which would lead to a secret in the world-readable store.
Even worse were the secrets hard-coded into mailman-web, which are not
just world-readable, but identical for all users!

services.mailman.hyperkittyApiKey has been removed, and so can no
longer be used to determine whether to enable Hyperkitty.  In its
place, there is a new option, services.mailman.hyperkitty.enable.  For
consistency, services.mailman.hyperkittyBaseUrl has been renamed to
services.mailman.hyperkitty.baseUrl.
2020-01-30 23:14:45 +00:00
Alyssa Ross
85a9743f13 spamassassin: use /etc/mail/spamassassin for config
Using a custom path in the Nix store meant that users of the module
couldn't add their own config files, which is a desirable feature.  I
don't think avoiding /etc buys us anything.
2020-01-30 00:47:10 +00:00
Franz Pletz
7b9bd595cd
opensmtpd: 6.6.1p1 -> 6.6.2p1
Fixes critical vulnerability:
  https://www.mail-archive.com/misc@opensmtpd.org/msg04850.html
2020-01-29 03:03:39 +01:00
Alyssa Ross
126ff4d97e python3.pkgs.mailman*: check isPy3k inside package 2020-01-20 14:36:56 +00:00
Peter Simons
3e26640352 python3.pkgs.mailman: 3.2.2 -> 3.3.0 2020-01-20 14:36:56 +00:00
Alyssa Ross
aec2382b38 python3.pkgs.postorius: 1.2.4 -> 1.3.2 2020-01-20 14:36:56 +00:00
Alyssa Ross
9a43cdc1c6 python3.pkgs.postorius: use checkInputs 2020-01-20 14:36:56 +00:00
Alyssa Ross
6af4de84d3 python3.pkgs.hyperkitty: use checkInputs
The previously propagated build inputs are optional, and so are
included in checkInputs so the tests can run, but not propagated so
they aren't included if unneeded.
2020-01-20 14:36:56 +00:00
Alyssa Ross
38f2103de9 python3.pkgs.hyperkitty: 1.2.2 -> 1.3.2 2020-01-20 14:36:56 +00:00
Alyssa Ross
0b9bfc0132 python3.pkgs.mailman: core.nix -> default.nix
The actual upstream "mailman" name just refers to this, so we should
use the Nixpkgs convention of default.nix.
2020-01-20 14:36:56 +00:00
Alyssa Ross
89b311fa4d mailman: remove unused derivation for mailman 2
This isn't referenced anywhere, so it's just dead code.
2020-01-20 14:36:56 +00:00
Alyssa Ross
10b1ba0c93 public-inbox: fix build
This fixes some two-digit year rounding bugs that started triggering
because 2020 is closer to 2070 than 1970.  Apparently two digits years
are still a thing.
2020-01-14 19:54:35 +00:00
Robin Gloster
6ca6ac796b
treewide: configureFlags is a flat list 2019-12-31 01:37:49 +01:00
Robin Gloster
313da176d3
treewide: NIX_*_FLAGS -> string 2019-12-31 00:16:46 +01:00
Robin Gloster
ab0cfd9e03
treewide: NIX_*_COMPILE -> string 2019-12-31 00:10:18 +01:00
Frederik Rietdijk
6d059becd3 Merge gcc-9 into staging (#68029) 2019-12-30 16:38:38 +01:00
Merijn Broeren
133103d709
treewide: replace make/build/configure/patchFlags with nix lists 2019-12-30 12:58:11 +01:00
Franz Pletz
77b6c3cd06
Merge remote-tracking branch 'origin/master' into gcc-9 2019-12-26 14:17:36 +01:00
Alyssa Ross
7ea65c5746
spamassassin: fix IPv6
The Net::CIDR::Lite package was missing.
2019-12-24 23:41:03 +00:00
Alyssa Ross
8f8514c6ba public-inbox: init at 1.2.0
highlight's Perl bindings are currently disabled on Darwin, but I
didn't make the dependency here conditional so that if that is ever
fixed, this function won't need to be updated. p-i is smart enough to
disable the test for highlight if it can't find the Perl module.
2019-12-20 19:47:42 +00:00
Franz Pletz
5d01945b40
Merge pull request #75839 from petabyteboy/feature/dovecot-pigeonhole
dovecot_pigeonhole: 0.5.8 -> 0.5.9
2019-12-18 00:24:29 +00:00
Milan Pässler
a77524e2e3 dovecot_pigeonhole: 0.5.8 -> 0.5.9
Fixes build with dovecot 2.3.9+.
2019-12-17 23:28:27 +01:00
Andreas Rammhold
0dfc60af86
Merge pull request #75710 from andir/spamassassin
spamassassin: 3.4.2 -> 3.4.3
2019-12-16 10:12:44 +01:00
Franz Pletz
7eee92eab7
Merge pull request #75694 from plutotulp/spamassassin-ipv6-master
spamassassin: enable IPv6 support with Socket6
2019-12-15 23:25:19 +00:00
Andreas Rammhold
5d3607b2da
spamassassin: 3.4.2 -> 3.4.3
Two security issues have been fixed in this release:
  * CVE-2019-12420 for Multipart Denial of Service Vulnerability
  * CVE-2018-11805 for nefarious CF files can be configured to
    run system commands without any output or errors.

https://svn.apache.org/repos/asf/spamassassin/branches/3.4/build/announcements/3.4.3.txt
2019-12-15 20:48:56 +01:00
Andreas Rammhold
cd394340d8
dovecot: 2.3.8 -> 2.3.9.2
Update to latest version & updated the patch file to match with the
lastest verison.

Fixes the following security issue:
  * CVE-2019-19722: Mails with group addresses in From or To fields
    caused crash in push notification drivers.
2019-12-15 20:11:01 +01:00
Erlend Pedersen
6e87213291 spamassassin: enable IPv6 support with Socket6
Communication between spamc and spamd would fail with messages about
addresses being too long:

  error: Bad arg length for Socket::unpack_sockaddr_in, length is 28,
  should be 16

By adding Socket6 as a buildInput, spamd is now able to process emails
without choking on IPv6 addresses.
2019-12-15 15:25:38 +01:00
R. RyanTM
aaa190d054 postfix: 3.4.7 -> 3.4.8 2019-12-01 18:38:11 +01:00
Florian Klink
96588508bb opensmtpd: 6.4.2p1 -> 6.6.1p1
The substitition in smtpd/parse.y isn't necessary anymore.
The hardcoded /usr/libexec/ has been replaced by a PATH_LIBEXEC #define,
which will be set properly by the build system.
2019-11-08 15:09:26 +01:00
Franz Pletz
f60914ac2c
archiveopteryx: fix build with gcc9 2019-11-02 19:50:49 +01:00
Robert Schütz
395cdd7d4c dovecot_pigeonhole: 0.5.7.2 -> 0.5.8
https://dovecot.org/pipermail/dovecot-news/2019-October/000420.html
2019-10-09 17:09:47 +02:00
Robert Schütz
5f03f32fa6 dovecot: 2.3.7.2 -> 2.3.8
https://dovecot.org/pipermail/dovecot-news/2019-October/000419.html
2019-10-09 17:08:50 +02:00
pacien
aaa1ba3700 exim: 4.92.2 -> 4.92.3
security update: CVE-2019-16928
2019-09-30 19:01:32 +02:00
Vladimír Čunát
fda4a08d4a
Merge branch 'staging-next'
There are several security fixes - again, as it consists mainly of the
previously reverted staging-next merge.
2019-09-28 07:43:04 +02:00
R. RyanTM
095f107c7e postfix: 3.4.6 -> 3.4.7
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/postfix/versions
2019-09-27 18:45:32 -07:00
Vladimír Čunát
22a216849b
Re-Revert "Merge branch 'staging-next'"
This reverts commit f8a8fc6c7c.
2019-09-22 09:38:09 +02:00
Vladimír Čunát
f8a8fc6c7c
Revert "Merge branch 'staging-next'"
This reverts commit 41af38f372, reversing
changes made to f0fec244ca.

Let's delay this.  We have some serious regressions.
2019-09-21 20:05:09 +02:00
Vladimír Čunát
b6c6e1f9e8
Merge branch 'master' into staging-next 2019-09-15 13:18:54 +02:00
WilliButz
7350dd9d94
rspamd: disable LuaJIT support on aarch64
When compiled with LuaJIT support, rspamd segfaults on aarch64.
Without LuaJIT, rspamd falls back to plain Lua and torch support needs to
be disabled.
2019-09-13 14:00:13 +02:00
Jan Tojnar
a441eaa7b1
Merge branch 'staging-next' into staging 2019-09-12 22:49:43 +02:00
Peter Simons
86f8895abb python-mailman-web: turn these Djando configuration files into a make-shift Python library
Suggested in https://github.com/NixOS/nixpkgs/pull/67951#issuecomment-530309702.
2019-09-11 14:48:51 +02:00
Peter Simons
72c7ba5aba nixos/mailman: add support for the Mailman Web UI (Postorius & Hyperkitty) 2019-09-11 12:19:23 +02:00
Izorkin
329a88efa7 treewide: replace mysql.connector-c to libmysqlclient 2019-09-09 15:55:34 +03:00
Frederik Rietdijk
5f4734b1dd Merge remote-tracking branch 'upstream/gcc-8' into staging-next
Earlier the gcc8 branch was merged instead of the gcc-8 branch (note the dash)...
2019-09-08 20:44:26 +02:00
pacien
3387a16c2f exim: 4.92.1 -> 4.92.2
security update: CVE-2019-15846
2019-09-06 20:52:21 +00:00
Franz Pletz
de85797565
Merge remote-tracking branch 'origin/master' into gcc-8 2019-09-03 22:15:07 +02:00
Frederik Rietdijk
fc74ba8291 Merge master into staging-next 2019-08-31 09:50:38 +02:00