Commit eb52347d authored by Yarny0's avatar Yarny0
Browse files

nixos/hylafax: use `toGNUCommandLine` 

...and `escapeShellArgs` for spool area program command lines.
The new function `mkSpoolCmd` adds the `-q` option
by default as it is needed by all such programs.
parent 6e51b487

nixos/modules/services/networking/hylafax/systemd.nix

+34 −23
Original line number Diff line number Diff line
@@ -9,15 +9,27 @@ let 


  inherit (lib)

    concatLines

    concatStringsSep

    escapeShellArgs

    mkIf

    mkMerge

    optionalString

    optional

    ;

  inherit (lib.cli) toGNUCommandLine;



  cfg = config.services.hylafax;

  mapModems = lib.forEach (lib.attrValues cfg.modems);



  mkSpoolCmd =

    prefix: program: posArg: options:

    let

      start = "${prefix}${pkgs.hylafaxplus}/spool/bin/${program}";

      optionsList = toGNUCommandLine { mkOptionName = k: "-${k}"; } (

        { q = cfg.spoolAreaPath; } // options

      );

      posArgList = optional (posArg != null) posArg;

    in

    "${start} ${escapeShellArgs (optionsList ++ posArgList)}";



  mkConfigFile =

    name: conf:

    # creates hylafax config file,
@@ -160,7 +172,7 @@ let 
    wants = mapModems ({ name, ... }: "hylafax-faxgetty@${name}.service");

    wantedBy = mkIf cfg.autostart [ "multi-user.target" ];

    serviceConfig.Type = "forking";

    serviceConfig.ExecStart = ''${pkgs.hylafaxplus}/spool/bin/faxq -q "${cfg.spoolAreaPath}"'';

    serviceConfig.ExecStart = mkSpoolCmd "" "faxq" null { };

    # This delays the "readiness" of this service until

    # all modems are initialized (or a timeout is reached).

    # Otherwise, sending a fax with the fax service
@@ -170,7 +182,7 @@ let 
    serviceConfig.ExecStartPost = [ "${waitFaxqScript}" ];

    # faxquit fails if the pipe is already gone

    # (e.g. the service is already stopping)

    serviceConfig.ExecStop = ''-${pkgs.hylafaxplus}/spool/bin/faxquit -q "${cfg.spoolAreaPath}"'';

    serviceConfig.ExecStop = mkSpoolCmd "-" "faxquit" null { };

    # disable some systemd hardening settings

    serviceConfig.PrivateDevices = null;

    serviceConfig.RestrictRealtime = null;
@@ -183,7 +195,10 @@ let 
    requires = [ "hylafax-faxq.service" ];

    serviceConfig.StandardInput = "socket";

    serviceConfig.StandardOutput = "socket";

    serviceConfig.ExecStart = ''${pkgs.hylafaxplus}/spool/bin/hfaxd -q "${cfg.spoolAreaPath}" -d -I'';

    serviceConfig.ExecStart = mkSpoolCmd "" "hfaxd" null {

      d = true;

      I = true;

    };

    unitConfig.RequiresMountsFor = [ cfg.userAccessFile ];

    # disable some systemd hardening settings

    serviceConfig.PrivateDevices = null;
@@ -197,13 +212,11 @@ let 
    requires = [ "hylafax-spool.service" ];

    wantedBy = mkIf cfg.faxcron.enable.spoolInit requires;

    startAt = mkIf (cfg.faxcron.enable.frequency != null) cfg.faxcron.enable.frequency;

    serviceConfig.ExecStart = concatStringsSep " " [

      "${pkgs.hylafaxplus}/spool/bin/faxcron"

      ''-q "${cfg.spoolAreaPath}"''

      ''-info ${toString cfg.faxcron.infoDays}''

      ''-log  ${toString cfg.faxcron.logDays}''

      ''-rcv  ${toString cfg.faxcron.rcvDays}''

    ];

    serviceConfig.ExecStart = mkSpoolCmd "" "faxcron" null {

      info = cfg.faxcron.infoDays;

      log = cfg.faxcron.logDays;

      rcv = cfg.faxcron.rcvDays;

    };

  };



  services.hylafax-faxqclean = rec {
@@ -213,15 +226,13 @@ let 
    requires = [ "hylafax-spool.service" ];

    wantedBy = mkIf cfg.faxqclean.enable.spoolInit requires;

    startAt = mkIf (cfg.faxqclean.enable.frequency != null) cfg.faxqclean.enable.frequency;

    serviceConfig.ExecStart = concatStringsSep " " [

      "${pkgs.hylafaxplus}/spool/bin/faxqclean"

      ''-q "${cfg.spoolAreaPath}"''

      "-v"

      (optionalString (cfg.faxqclean.archiving != "never") "-a")

      (optionalString (cfg.faxqclean.archiving == "always") "-A")

      ''-j ${toString (cfg.faxqclean.doneqMinutes * 60)}''

      ''-d ${toString (cfg.faxqclean.docqMinutes * 60)}''

    ];

    serviceConfig.ExecStart = mkSpoolCmd "" "faxqclean" null {

      v = true;

      a = cfg.faxqclean.archiving != "never";

      A = cfg.faxqclean.archiving == "always";

      j = 60 * cfg.faxqclean.doneqMinutes;

      d = 60 * cfg.faxqclean.docqMinutes;

    };

  };



  mkFaxgettyService =
@@ -243,10 +254,10 @@ let 
      serviceConfig.Restart = "always";

      serviceConfig.KillMode = "process";

      serviceConfig.IgnoreSIGPIPE = false;

      serviceConfig.ExecStart = ''-${pkgs.hylafaxplus}/spool/bin/faxgetty -q "${cfg.spoolAreaPath}" /dev/%I'';

      serviceConfig.ExecStart = mkSpoolCmd "-" "faxgetty" "/dev/%I" { };

      # faxquit fails if the pipe is already gone

      # (e.g. the service is already stopping)

      serviceConfig.ExecStop = ''-${pkgs.hylafaxplus}/spool/bin/faxquit -q "${cfg.spoolAreaPath}" %I'';

      serviceConfig.ExecStop = mkSpoolCmd "-" "faxquit" "%I" { };

      # disable some systemd hardening settings

      serviceConfig.PrivateDevices = null;

      serviceConfig.RestrictRealtime = null;