1 { config, lib, pkgs, ... }:
7 cfg = config.services.opendmarc;
9 defaultSock = "local:/run/opendmarc/opendmarc.sock";
13 ] ++ optionals (cfg.configFile != null) [ "-c" cfg.configFile ];
21 services.opendmarc = {
26 description = "Whether to enable the OpenDMARC sender authentication system.";
31 default = defaultSock;
32 description = "Socket which is used for communication with OpenDMARC.";
37 default = "opendmarc";
38 description = "User for the daemon.";
43 default = "opendmarc";
44 description = "Group for the daemon.";
47 configFile = mkOption {
48 type = types.nullOr types.path;
50 description = "Additional OpenDMARC configuration.";
60 config = mkIf cfg.enable {
62 users.users = optionalAttrs (cfg.user == "opendmarc") (singleton
65 uid = config.ids.uids.opendmarc;
68 users.groups = optionalAttrs (cfg.group == "opendmarc") (singleton
70 gid = config.ids.gids.opendmarc;
73 environment.systemPackages = [ pkgs.opendmarc ];
75 systemd.services.opendmarc = {
76 description = "OpenDMARC daemon";
77 after = [ "network.target" ];
78 wantedBy = [ "multi-user.target" ];
81 ExecStart = "${pkgs.opendmarc}/bin/opendmarc ${escapeShellArgs args}";
84 RuntimeDirectory = optional (cfg.socket == defaultSock) "opendmarc";
85 PermissionsStartOnly = true;