nixos/exim: allow using service credentials

By settings User= to the actual Exim user, systemd will ensure that the
credentials directory will have the correct ownership, allowing users to
utilize LoadCredential=.  Exim still gets started as root (and drops
privileges) to preserve the previous behavior.
This commit is contained in:
tv 2022-12-14 15:44:08 +01:00
parent 074623d912
commit 816614bd62

View file

@ -116,8 +116,9 @@ in
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
restartTriggers = [ config.environment.etc."exim.conf".source ]; restartTriggers = [ config.environment.etc."exim.conf".source ];
serviceConfig = { serviceConfig = {
ExecStart = "${cfg.package}/bin/exim -bdf -q${cfg.queueRunnerInterval}"; ExecStart = "+${cfg.package}/bin/exim -bdf -q${cfg.queueRunnerInterval}";
ExecReload = "${coreutils}/bin/kill -HUP $MAINPID"; ExecReload = "+${coreutils}/bin/kill -HUP $MAINPID";
User = cfg.user;
}; };
preStart = '' preStart = ''
if ! test -d ${cfg.spoolDir}; then if ! test -d ${cfg.spoolDir}; then