fixup! Add copyright header and remove blank line.

* gnu/services/mail.scm

gnu/packages/mail.scm

@@ -40,6 +40,8 @@
 ;;; Copyright © 2020 Oleg Pykhalov <go.wigust@gmail.com>
 ;;; Copyright © 2020 B. Wilson <elaexuotee@wilsonb.com>
 ;;; Copyright © 2020 divoplade <d@divoplade.fr>
+;;; Copyright © 2020 Brant Gardner <brantcgardner@brantware.com>
+;;; Copyright © 2020 Jan (janneke) Nieuwenhuizen <janneke@gnu.org>
 ;;; Copyright © 2021 Xinglu Chen <public@yoctocell.xyz>
 ;;; Copyright © 2021 Benoit Joly <benoit@benoitj.ca>
 ;;; Copyright © 2021 Morgan Smith <Morgan.J.Smith@outlook.com>
@@ -4964,3 +4966,129 @@ features:
     ;; <https://lists.sr.ht/~rjarry/aerc-devel/%3Cb5cb213a7d0c699a886971658c2476
     ;; 1073eb2391%40disroot.org%3E>
     (license license:gpl3+)))
+
+(define-public postfix-minimal
+  (package
+    (name "postfix-minimal")
+    (version "3.7.7")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "http://cdn.postfix.johnriley.me/"
+                                  "mirrors/postfix-release/official/"
+                                  "postfix-" version ".tar.gz"))
+              (sha256
+               (base32
+                "081hmln5hm2a1jx2vgbdca8w42bmb71xqvaw2gv1d34km9am7jvs"))))
+    (build-system gnu-build-system)
+    (arguments
+     (list
+      #:modules '((srfi srfi-26)
+                  (guix build utils)
+                  (guix build gnu-build-system))
+      #:tests? #false ;no check target
+      #:phases
+      #~(modify-phases %standard-phases
+          (delete 'configure)
+          (add-before 'build 'patch-/bin/sh
+            (lambda _
+              (substitute* (find-files "." "^Makefile.in")
+                (("/bin/sh") (which "sh")))))
+          ;; allow us to find the bdb headers
+          (add-before 'build 'patch-/usr/include
+            (lambda _
+              (substitute* '("makedefs")
+                (("/usr/include") (string-append #$(this-package-input "bdb")
+                                                 "/include")))))
+          (add-before 'build 'set-up-environment
+            (lambda _
+              ;; os detection on Guix System does not provide this
+              (setenv "AUXLIBS" "-lnsl")
+              ;; have to set this here, so that we get the correct
+              ;; location in the compiled binaries
+              (setenv "shlib_directory" #$output)))
+          ;; do not allow writes to the configuration directory,
+          ;; so that we can keep that in the store
+          (add-before 'build 'disable-postconf-edit
+            (lambda _
+              (substitute* "src/postconf/postconf_edit.c"
+                (("pcf_set_config_dir\\(\\);") "return 0;"))))
+          (add-before 'build 'configure-compile
+            (lambda _
+              (invoke "make" "makefiles" "pie=yes" "dynamicmaps=yes")))
+          (add-before 'install 'fix-postfix-scripts-path
+            (lambda* (#:key inputs #:allow-other-keys)
+              (let ((path (string-join
+                           (map (compose (cute string-append <> "/bin")
+                                         (cute assoc-ref inputs <>))
+                                '("bash" "coreutils" "findutils" "gawk" "grep"
+                                  "sed"))
+                           ":")))
+                (substitute* '("postfix-install"
+                               "conf/post-install"
+                               "conf/postfix-script")
+                  (("^SHELL=/bin/sh")
+                   (string-append "PATH=" path "\n"
+                                  "SHELL=" (assoc-ref inputs "bash") "/bin/sh"))))))
+          (add-before 'install 'configure-install
+            (lambda _
+              (setenv "command_directory"
+                      (string-append #$output "/sbin"))
+              (setenv "config_directory"
+                      (string-append #$output "/etc/postfix"))
+              (setenv "daemon_directory"
+                      (string-append #$output "/libexec/postfix"))
+              (setenv "data_directory"
+                      (string-append #$output "/var/lib/postfix/data"))
+              (setenv "html_directory"
+                      (string-append #$output "/share/postfix/doc/html"))
+              (setenv "mailq_path"
+                      (string-append #$output "/bin/mailq"))
+              (setenv "manpage_directory"
+                      (string-append #$output "/share/man"))
+              (setenv "meta_directory"
+                      (string-append #$output "/etc/postfix"))
+              (setenv "newaliases_path"
+                      (string-append #$output "/bin/newaliases"))
+              (setenv "queue_directory"
+                      (string-append #$output "/var/lib/postfix/queue"))
+              (setenv "readme_directory"
+                      (string-append #$output "/share/postfix/doc"))
+              (setenv "sendmail_path"
+                      (string-append #$output "/bin/sendmail"))
+              (setenv "tempdir" "/tmp")))
+          ;; done in the service activation snippet
+          ;; we don't have the account here
+          (add-before 'fix-postfix-scripts-path 'disable-chown
+            (lambda _
+              (substitute* "postfix-install"
+                (("chown") (which "true")))
+              (substitute* "postfix-install"
+                (("chgrp") (which "true")))))
+          ;; disable writing the configuration files (service provides these)
+          ;; disable chowning (does not matter, stuff ends up in the store)
+          ;; and disable live update code (we always install to a clean directory)
+          (add-after 'configure-install 'disable-postinstall
+            (lambda _
+              (substitute* "postfix-install"
+                (("# we're sorry.") "exit 0"))))
+          ;; postfix by default uses an interactive installer
+          ;; replacing it with the upgrade target allows for
+          ;; a non-interactive install.
+          (replace 'install
+            (lambda _ (invoke "make" "upgrade"))))))
+    (inputs
+     (list bdb libnsl))
+    (native-inputs
+     (list coreutils
+           findutils
+           gawk
+           m4
+           sed))
+    (home-page "https://www.postfix.org")
+    (synopsis "Wietse Venema's mail server")
+    (description "Postfix is Wietse Venema's mail server that started life at
+IBM research as an alternative to the widely-used Sendmail program.  Now at
+Google, Wietse continues to support Postfix.  Postfix attempts to be fast, easy
+to administer, and secure. The outside has a definite Sendmail-ish flavor, but
+the inside is completely different.")
+    (license license:ibmpl1.0)))

gnu/services/mail.scm

@@ -5,6 +5,9 @@
 ;;; Copyright © 2017, 2020 Tobias Geerinckx-Rice <me@tobias.gr>
 ;;; Copyright © 2019 Kristofer Buffington <kristoferbuffington@gmail.com>
 ;;; Copyright © 2020 Jonathan Brielmaier <jonathan.brielmaier@web.de>
+;;; Copyright © 2020 Gábor Boskovits <boskovits@gmail.com>
+;;; Copyright © 2020 Jan (janneke) Nieuwenhuizen <janneke@gnu.org>
+;;; Copyright © 2023 Ricardo Wurmus <rekado@elephly.net>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -80,7 +83,21 @@
             radicale-configuration
             radicale-configuration?
             radicale-service-type
-            %default-radicale-config-file))
+            %default-radicale-config-file
+
+            <postfix-configuration>
+            postfix-configuration
+            postfix-configuration?
+            postfix-configuration-postfix
+            postfix-configuration-master-file
+            postfix-configuration-main-file
+            postfix-configuration-queue-directory
+            postfix-configuration-data-directory
+            postfix-configuration-user
+            postfix-configuration-group
+            postfix-configuration-setgid-commands?
+
+            postfix-service-type))
 
 ;;; Commentary:
 ;;;
@@ -1987,3 +2004,174 @@ hosts = localhost:5232"))
           (service-extension account-service-type (const %radicale-accounts))
           (service-extension activation-service-type radicale-activation)))
    (default-value (radicale-configuration))))
+
+
+;;;
+;;; Postfix mail server.
+;;;
+
+(define-record-type* <postfix-configuration>
+  postfix-configuration
+  make-postfix-configuration
+  postfix-configuration?
+  (postfix postfix-configuration-postfix
+           (default postfix-minimal))
+  (master-file postfix-configuration-master-file
+               (default #f))
+  (main-file postfix-configuration-main-file
+             (default #f))
+  (queue-directory postfix-configuration-queue-directory
+                   (default "/var/spool/postfix"))
+  (data-directory postfix-configuration-data-directory
+                  (default "/var/lib/postfix"))
+  (meta-directory postfix-configuration-meta-directory
+                  (default #f))
+  (setgid-commands? postfix-configuration-setgid-commands? (default #t))
+  (user postfix-configuration-user
+        (default "postfix"))
+  (group postfix-configuration-group
+         (default "postdrop")))
+
+(define default-postfix-master.cf
+  (plain-file "master.cf" "\
+smtp      inet  n       -       n       -       -       smtpd
+pickup    unix  n       -       n       60      1       pickup
+cleanup   unix  n       -       n       -       0       cleanup
+qmgr      unix  n       -       n       300     1       qmgr
+tlsmgr    unix  -       -       n       1000?   1       tlsmgr
+rewrite   unix  -       -       n       -       -       trivial-rewrite
+bounce    unix  -       -       n       -       0       bounce
+defer     unix  -       -       n       -       0       bounce
+trace     unix  -       -       n       -       0       bounce
+verify    unix  -       -       n       -       1       verify
+flush     unix  n       -       n       1000?   0       flush
+proxymap  unix  -       -       n       -       -       proxymap
+proxywrite unix -       -       n       -       1       proxymap
+smtp      unix  -       -       n       -       -       smtp
+relay     unix  -       -       n       -       -       smtp
+        -o syslog_name=postfix/$service_name
+showq     unix  n       -       n       -       -       showq
+error     unix  -       -       n       -       -       error
+retry     unix  -       -       n       -       -       error
+discard   unix  -       -       n       -       -       discard
+local     unix  -       n       n       -       -       local
+virtual   unix  -       n       n       -       -       virtual
+lmtp      unix  -       -       n       -       -       lmtp
+anvil     unix  -       -       n       -       1       anvil
+scache    unix  -       -       n       -       1       scache
+postlog   unix-dgram n  -       n       -       1       postlogd
+"))
+
+(define (default-postfix-main.cf config)
+  (match-record config <postfix-configuration>
+    (postfix queue-directory data-directory meta-directory user group)
+    (mixed-text-file "main.cf" "\
+compatibility_level = 2
+queue_directory = " queue-directory "
+command_directory = " postfix  "
+daemon_directory = " postfix "
+data_directory = " data-directory "
+meta_directory = " (or meta-directory postfix) "
+mail_owner = " user "
+setgid_group = " group "
+inet_protocols = ipv4
+")))
+
+(define (postfix-configuration-directory config)
+  (match-record config <postfix-configuration>
+    (master-file main-file)
+    (file-union "postfix-config-dir"
+                `(("master.cf" ,(or master-file default-postfix-master.cf))
+                  ("main.cf" ,(or main-file (default-postfix-main.cf config)))))))
+
+(define (postfix-accounts config)
+  (match-record config <postfix-configuration>
+    (queue-directory user group)
+    (list (user-account
+           (name user)
+           (group "postfix")
+           (comment "Postfix system user")
+           (home-directory queue-directory))
+          (user-group
+           (name "postfix"))
+          (user-group
+           (name group)))))
+
+(define (postfix-activation config)
+  (match-record config <postfix-configuration>
+    (data-directory user)
+    (with-imported-modules '((guix build utils))
+      #~(begin
+          (use-modules (guix build utils))
+
+          (let* ((postfix (getpwnam #$user))
+                 (uid (passwd:uid postfix))
+                 (gid (passwd:gid postfix)))
+            (mkdir-p #$data-directory)
+            (for-each (lambda (file)
+                        (chown file uid gid))
+                      (find-files #$data-directory #:directories? #t)))))))
+
+(define (postfix-shepherd-service config)
+  (match-record config <postfix-configuration>
+    (postfix)
+    (let* ((postfix-binary (file-append postfix "/postfix"))
+           (postalias-binary (file-append postfix "/postalias"))
+           (postfix-action
+            (lambda (action)
+              #~(lambda _
+                  (when (or (not (file-exists? "/etc/aliases.db"))
+                            (> (stat:mtime (stat "/etc/aliases"))
+                               (stat:mtime (stat "/etc/aliases.db"))))
+                    (invoke #$postalias-binary
+                            "-c"
+                            #$(postfix-configuration-directory config)
+                            "/etc/aliases"))
+                  (invoke #$postfix-binary "-c"
+                          #$(postfix-configuration-directory config)
+                          #$action)))))
+      (list
+       (shepherd-service
+        (provision '(postfix))
+        (documentation "Run the Postfix MTA.")
+        (start (postfix-action "start"))
+        (stop (postfix-action "stop")))))))
+
+(define (postfix-set-gids config)
+  (match-record config <postfix-configuration>
+    (postfix setgid-commands? group)
+    (if setgid-commands?
+        (list
+         (setuid-program
+          (program (file-append postfix "/bin/mailq"))
+          (setuid? #false)
+          (setgid? #true)
+          (group group))
+         (setuid-program
+          (program (file-append postfix "/bin/sendmail"))
+          (setuid? #false)
+          (setgid? #true)
+          (group group))
+         (setuid-program
+          (program (file-append postfix "/sbin/postqueue"))
+          (setuid? #false)
+          (setgid? #true)
+          (group group))
+         (setuid-program
+          (program (file-append postfix "/sbin/postdrop"))
+          (setuid? #false)
+          (setgid? #true)
+          (group group)))
+        '())))
+
+(define postfix-service-type
+  (service-type
+   (name 'postfix)
+   (extensions
+    (list (service-extension account-service-type postfix-accounts)
+          (service-extension activation-service-type postfix-activation)
+          (service-extension shepherd-root-service-type postfix-shepherd-service)
+          (service-extension mail-aliases-service-type (const '()))
+          (service-extension setuid-program-service-type postfix-set-gids)))
+   (description "Run the Postfix MTA.")
+   (default-value (postfix-configuration))))

gnu/system/examples/postfix.tmpl

@@ -0,0 +1,54 @@
+;; This is an operating system configuration template for testing postfix.
+
+(use-modules (gnu))
+(use-service-modules mail networking ssh)
+(use-package-modules ssh)
+
+(operating-system
+  (host-name "komputilo")
+  (timezone "Europe/Berlin")
+  (locale "en_US.utf8")
+
+  ;; Boot in "legacy" BIOS mode, assuming /dev/sdX is the
+  ;; target hard disk, and "my-root" is the label of the target
+  ;; root file system.
+  (bootloader (bootloader-configuration
+                (bootloader grub-bootloader)
+                (target "/dev/sdX")))
+
+  ;; Allow run-vm.sh --nographic
+  (kernel-arguments '("console=tty0" "console=ttyS0"))
+  (file-systems (cons (file-system
+                        (device (file-system-label "guix"))
+                        (mount-point "/")
+                        (type "ext4"))
+                      %base-file-systems))
+
+  ;; This is where user accounts are specified.  The "root"
+  ;; account is implicit, and is initially created with the
+  ;; empty password.
+  (users (cons (user-account
+                (name "alice")
+                (comment "Bob's sister")
+                (group "users")
+
+                ;; Adding the account to the "wheel" group
+                ;; makes it a sudoer.
+                (supplementary-groups '("wheel")))
+               %base-user-accounts))
+
+  ;; Add services to the baseline: a DHCP client, POSTFIX and
+  ;; an SSH server.
+  (services (append (list (service dhcp-client-service-type)
+                          (service openssh-service-type
+                             (openssh-configuration
+                              (openssh openssh-sans-x)
+                              (use-pam? #f)
+                              (port-number 2222)
+                              (permit-root-login #t)
+                              (allow-empty-passwords? #t)
+                              (password-authentication? #t)))
+                          (service mail-aliases-service-type
+                                   '(("postmaster" "root")))
+                          (service postfix-service-type))
+                    %base-services)))