Skip to content

Commit

Permalink
Merge pull request #1031 from flyingcircusio/PL-132331-userscan-dont-…
Browse files Browse the repository at this point in the history 
…scan-maildir

mailserver: ignore vmail user for garbage collection scan
  • Loading branch information
@osnyx
osnyx committed Jul 4, 2024
2 parents e4b5a68 + e843bce commit 9b86eb9
Show file tree
Hide file tree
Showing 4 changed files with 29 additions and 1 deletion.
8 changes: 8 additions & 0 deletions nixos/platform/collect-garbage.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,12 +16,20 @@ in {
collect-garbage =
mkEnableOption
"automatic scanning for Nix store references and garbage collection";
userscan-ignore-users = lib.mkOption {
default = [];
type = types.listOf types.str;
description = "Users to ignore while scanning for store references.";
};
};
};

config = lib.mkMerge [
{
environment.etc."userscan/exclude".source = ./collect-garbage-userscan.exclude;
environment.etc."userscan/ignore-users".text = (
lib.concatStringsSep "\n" config.flyingcircus.agent.userscan-ignore-users
);
systemd.tmpfiles.rules = [
"f ${log}"
];
Expand Down
2 changes: 2 additions & 0 deletions nixos/services/mail/default.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -236,6 +236,8 @@ in {
vmailUserName = "vmail";
};

flyingcircus.agent.userscan-ignore-users = [ "vmail" ];

# See https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/issues/289
systemd.services.postfix.restartTriggers = [ config.mailserver.localDnsResolver ];
systemd.services.rspamd.restartTriggers = [ config.mailserver.localDnsResolver ];
Expand Down
16 changes: 15 additions & 1 deletion pkgs/fc/agent/fc/manage/collect_garbage.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
import pwd
import subprocess
from pathlib import Path
from typing import List, Optional

import fc.util.lock
import structlog
Expand Down Expand Up @@ -56,17 +57,30 @@ def collect_garbage(
default="/run/lock",
help="Where the lock file for exclusive operations should be placed.",
),
ignore_users_file: Path = Option(
exists=True,
file_okay=True,
dir_okay=False,
readable=True,
default="/etc/userscan/ignore-users",
help="File with names of users to ignore for fc-userscan",
),
):
init_logging(verbose, syslog_identifier="fc-collect-garbage")
log = structlog.get_logger()

log.debug("collect-garbage-start")

return_codes = []

with ignore_users_file.open("r") as f:
ignore_users = set([x.strip() for x in f])
users_to_scan = [
user
for user in pwd.getpwall()
if user.pw_uid >= 1000 and user.pw_dir != "/var/empty"
if user.pw_uid >= 1000
and user.pw_dir != "/var/empty"
and user.pw_name not in ignore_users
]
log.info(
"userscan-start",
Expand Down
4 changes: 4 additions & 0 deletions pkgs/fc/agent/fc/manage/tests/test_collect_garbage.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,8 @@ def test_invoke(locked, getpwall: Mock, run, popen, tmpdir, log, logger):
runner = typer.testing.CliRunner()
exclude_file = tmpdir / "fc-userscan.exclude"
exclude_file.write_text("ignorethis", encoding="utf8")
ignore_user_file = tmpdir / "fc-userscan.ignore_users"
ignore_user_file.write_text("notthisuser", encoding="utf8")

args = (
"--verbose",
Expand All @@ -37,6 +39,8 @@ def test_invoke(locked, getpwall: Mock, run, popen, tmpdir, log, logger):
tmpdir,
"--exclude-file",
exclude_file,
"--ignore-users-file",
ignore_user_file,
)
result = runner.invoke(fc.manage.collect_garbage.app, args)

Expand Down

0 comments on commit 9b86eb9

Please sign in to comment.