nixpkgs/pkgs/servers/mail/dovecot/default.nix
Julien Moutinho 27f95f3f9c dovecot: allow sasl_bind=yes in the LDAP driver.
Dovecot has its own SASL implementation,
but needs Cyrus SASL's headers to bind to an LDAP server using SASL.

This is useful to avoid the need to manage a dnpass= in dovecot-ldap.conf
by using the Unix socket to authenticate.

This is done with sasl_mech=EXTERNAL in dovecot-ldap.conf, and some olcAccess: with
 by dn="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read
in the slapd's cn=config for the LDAP database queried by dovecot/auth (which runs as root).
2018-09-19 17:20:29 +02:00

79 lines
2.6 KiB
Nix

{ stdenv, lib, fetchurl, perl, pkgconfig, systemd, openssl
, bzip2, zlib, lz4, inotify-tools, pam, libcap
, clucene_core_2, icu, openldap, libsodium, libstemmer, cyrus_sasl
# Auth modules
, withMySQL ? false, mysql
, withPgSQL ? false, postgresql
, withSQLite ? true, sqlite
}:
stdenv.mkDerivation rec {
name = "dovecot-2.3.2.1";
nativeBuildInputs = [ perl pkgconfig ];
buildInputs =
[ openssl bzip2 zlib lz4 clucene_core_2 icu openldap libsodium libstemmer cyrus_sasl.dev ]
++ lib.optionals (stdenv.isLinux) [ systemd pam libcap inotify-tools ]
++ lib.optional withMySQL mysql.connector-c
++ lib.optional withPgSQL postgresql
++ lib.optional withSQLite sqlite;
src = fetchurl {
url = "https://dovecot.org/releases/2.3/${name}.tar.gz";
sha256 = "0d2ffbicgl3wswbnyjbw6qigz7r1aqzprpchbwp5cynw122i2raa";
};
preConfigure = ''
patchShebangs src/config/settings-get.pl
'';
# We need this for sysconfdir, see remark below.
installFlags = [ "DESTDIR=$(out)" ];
postInstall = ''
cp -r $out/$out/* $out
rm -rf $out/$(echo "$out" | cut -d "/" -f2)
'' + lib.optionalString stdenv.isDarwin ''
install_name_tool -change libclucene-shared.1.dylib \
${clucene_core_2}/lib/libclucene-shared.1.dylib \
$out/lib/dovecot/lib21_fts_lucene_plugin.so
install_name_tool -change libclucene-core.1.dylib \
${clucene_core_2}/lib/libclucene-core.1.dylib \
$out/lib/dovecot/lib21_fts_lucene_plugin.so
'';
patches = [
# Make dovecot look for plugins in /etc/dovecot/modules
# so we can symlink plugins from several packages there.
# The symlinking needs to be done in NixOS.
./2.2.x-module_dir.patch
];
configureFlags = [
# It will hardcode this for /var/lib/dovecot.
# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=626211
"--localstatedir=/var"
# We need this so utilities default to reading /etc/dovecot/dovecot.conf file.
"--sysconfdir=/etc"
"--with-ldap"
"--with-ssl=openssl"
"--with-zlib"
"--with-bzlib"
"--with-lz4"
"--with-ldap"
"--with-lucene"
"--with-icu"
] ++ lib.optional (stdenv.isLinux) "--with-systemdsystemunitdir=$(out)/etc/systemd/system"
++ lib.optional (stdenv.isDarwin) "--enable-static"
++ lib.optional withMySQL "--with-mysql"
++ lib.optional withPgSQL "--with-pgsql"
++ lib.optional withSQLite "--with-sqlite";
meta = {
homepage = https://dovecot.org/;
description = "Open source IMAP and POP3 email server written with security primarily in mind";
maintainers = with stdenv.lib.maintainers; [ peti rickynils fpletz ];
platforms = stdenv.lib.platforms.unix;
};
}