From 369db3b2f321c8fe263084dd876dfb3a330b36cf Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Wed, 12 Jan 2022 02:27:51 +0100 Subject: [PATCH] mailpile, nixos/mailpile: drop Still actively developed and yet stuck on python2. Also marked as vulnerable and their issue tracker contains yet another security issue reported in 2021/10 that the upstream hasn't acknowledged yet. Mind blown. Closes: #135543, #97274, #97275 --- .../from_md/release-notes/rl-2205.section.xml | 7 ++ .../manual/release-notes/rl-2205.section.md | 2 + nixos/modules/misc/ids.nix | 4 +- nixos/modules/module-list.nix | 1 - nixos/modules/rename.nix | 1 + .../modules/services/networking/mailpile.nix | 74 ------------------- .../mailreaders/mailpile/default.nix | 52 ------------- pkgs/top-level/aliases.nix | 1 + pkgs/top-level/all-packages.nix | 2 - 9 files changed, 13 insertions(+), 131 deletions(-) delete mode 100644 nixos/modules/services/networking/mailpile.nix delete mode 100644 pkgs/applications/networking/mailreaders/mailpile/default.nix diff --git a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml index 9c914177ed61..c453d9762d11 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml @@ -208,6 +208,13 @@ removed due to it being an outdated version. + + + The mailpile email webclient + (services.mailpile) has been removed due to + its reliance on python2. + + The MoinMoin wiki engine diff --git a/nixos/doc/manual/release-notes/rl-2205.section.md b/nixos/doc/manual/release-notes/rl-2205.section.md index 396a09692a7e..88ceb902bb60 100644 --- a/nixos/doc/manual/release-notes/rl-2205.section.md +++ b/nixos/doc/manual/release-notes/rl-2205.section.md @@ -71,6 +71,8 @@ In addition to numerous new and upgraded packages, this release has the followin - `services.kubernetes.addons.dashboard` was removed due to it being an outdated version. +- The `mailpile` email webclient (`services.mailpile`) has been removed due to its reliance on python2. + - The MoinMoin wiki engine (`services.moinmoin`) has been removed, because Python 2 is being retired from nixpkgs. - The `wafHook` hook now honors `NIX_BUILD_CORES` when `enableParallelBuilding` is not set explicitly. Packages can restore the old behaviour by setting `enableParallelBuilding=false`. diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index 61e7a6a8fc3d..cad3ad018574 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -182,7 +182,7 @@ in yandexdisk = 143; mxisd = 144; # was once collectd #consul = 145;# dynamically allocated as of 2021-09-03 - mailpile = 146; + #mailpile = 146; # removed 2022-01-12 redmine = 147; #seeks = 148; # removed 2020-06-21 prosody = 149; @@ -502,7 +502,7 @@ in #yandexdisk = 143; # unused mxisd = 144; # was once collectd #consul = 145; # unused - mailpile = 146; + #mailpile = 146; # removed 2022-01-12 redmine = 147; #seeks = 148; # removed 2020-06-21 prosody = 149; diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index c46f60105fe6..697ed4fad723 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -791,7 +791,6 @@ ./services/networking/lldpd.nix ./services/networking/logmein-hamachi.nix ./services/networking/lxd-image-server.nix - ./services/networking/mailpile.nix ./services/networking/magic-wormhole-mailbox-server.nix ./services/networking/matterbridge.nix ./services/networking/mjpg-streamer.nix diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix index f1fb1a610767..b9a2f47f3f5a 100644 --- a/nixos/modules/rename.nix +++ b/nixos/modules/rename.nix @@ -51,6 +51,7 @@ with lib; (mkRemovedOptionModule [ "services" "fourStoreEndpoint" ] "The fourStoreEndpoint module has been removed") (mkRemovedOptionModule [ "services" "frab" ] "The frab module has been removed") (mkRemovedOptionModule [ "services" "kippo" ] "The corresponding package was removed from nixpkgs.") + (mkRemovedOptionModule [ "services" "mailpile" ] "The corresponding package was removed from nixpkgs.") (mkRemovedOptionModule [ "services" "marathon" ] "The corresponding package was removed from nixpkgs.") (mkRemovedOptionModule [ "services" "mathics" ] "The Mathics module has been removed") (mkRemovedOptionModule [ "services" "meguca" ] "Use meguca has been removed from nixpkgs") diff --git a/nixos/modules/services/networking/mailpile.nix b/nixos/modules/services/networking/mailpile.nix deleted file mode 100644 index 4673a2580b60..000000000000 --- a/nixos/modules/services/networking/mailpile.nix +++ /dev/null @@ -1,74 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; - -let - - cfg = config.services.mailpile; - - hostname = cfg.hostname; - port = cfg.port; - -in - -{ - - ###### interface - - options = { - - services.mailpile = { - enable = mkEnableOption "Mailpile the mail client"; - - hostname = mkOption { - type = types.str; - default = "localhost"; - description = "Listen to this hostname or ip."; - }; - port = mkOption { - type = types.port; - default = 33411; - description = "Listen on this port."; - }; - }; - - }; - - - ###### implementation - - config = mkIf config.services.mailpile.enable { - - users.users.mailpile = - { uid = config.ids.uids.mailpile; - description = "Mailpile user"; - createHome = true; - home = "/var/lib/mailpile"; - }; - - users.groups.mailpile = - { gid = config.ids.gids.mailpile; - }; - - systemd.services.mailpile = - { - description = "Mailpile server."; - after = [ "network.target" ]; - wantedBy = [ "multi-user.target" ]; - serviceConfig = { - User = "mailpile"; - ExecStart = "${pkgs.mailpile}/bin/mailpile --www ${hostname}:${port} --wait"; - # mixed - first send SIGINT to main process, - # then after 2min send SIGKILL to whole group if neccessary - KillMode = "mixed"; - KillSignal = "SIGINT"; # like Ctrl+C - safe mailpile shutdown - TimeoutSec = 120; # wait 2min untill SIGKILL - }; - environment.MAILPILE_HOME = "/var/lib/mailpile/.local/share/Mailpile"; - }; - - environment.systemPackages = [ pkgs.mailpile ]; - - }; - -} diff --git a/pkgs/applications/networking/mailreaders/mailpile/default.nix b/pkgs/applications/networking/mailreaders/mailpile/default.nix deleted file mode 100644 index cab43750a56e..000000000000 --- a/pkgs/applications/networking/mailreaders/mailpile/default.nix +++ /dev/null @@ -1,52 +0,0 @@ -{ lib, fetchFromGitHub, python2Packages, gnupg1orig, openssl, git }: - -python2Packages.buildPythonApplication rec { - pname = "mailpile"; - version = "1.0.0rc2"; - - src = fetchFromGitHub { - owner = "mailpile"; - repo = "Mailpile"; - rev = version; - sha256 = "1z5psh00fjr8gnl4yjcl4m9ywfj24y1ffa2rfb5q8hq4ksjblbdj"; - }; - - postPatch = '' - patchShebangs scripts - ''; - - nativeBuildInputs = with python2Packages; [ pbr git ]; - PBR_VERSION=version; - - propagatedBuildInputs = with python2Packages; [ - appdirs - cryptography - fasteners - gnupg1orig - jinja2 - pgpdump - pillow - python2Packages.lxml - spambayes - ]; - - postInstall = '' - wrapProgram $out/bin/mailpile \ - --prefix PATH ":" "${lib.makeBinPath [ gnupg1orig openssl ]}" \ - --set-default MAILPILE_SHARED "$out/share/mailpile" - ''; - - # No tests were found - doCheck = false; - - meta = with lib; { - description = "A modern, fast web-mail client with user-friendly encryption and privacy features"; - homepage = "https://www.mailpile.is/"; - license = [ licenses.asl20 licenses.agpl3 ]; - platforms = platforms.linux; - maintainers = [ ]; - knownVulnerabilities = [ - "Numerous and uncounted, upstream has requested we not package it. See more: https://github.com/NixOS/nixpkgs/pull/23058#issuecomment-283515104" - ]; - }; -} diff --git a/pkgs/top-level/aliases.nix b/pkgs/top-level/aliases.nix index b6d75fec6b5a..9ba9da478834 100644 --- a/pkgs/top-level/aliases.nix +++ b/pkgs/top-level/aliases.nix @@ -572,6 +572,7 @@ mapAliases ({ lzma = xz; # moved from top-level 2021-03-14 m3d-linux = m33-linux; # added 2016-08-13 mail-notification = throw "mail-notification has been removed from nixpkgs, as it's unmaintained and has dependencies on old gnome libraries we want to remove"; # added 2021-08-21 + mailpile = throw "mailpile was removed from nixpkgs, as it is stuck on python2."; # added 2022-01-12 man_db = man-db; # added 2016-05 manpages = man-pages; # added 2015-12-06 marathon = throw "marathon has been removed from nixpkgs, as it's unmaintained"; # added 2020-08-15 diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 43f90e3c10f5..276c490abf0b 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -7594,8 +7594,6 @@ with pkgs; mailsend = callPackage ../tools/networking/mailsend { }; - mailpile = callPackage ../applications/networking/mailreaders/mailpile { }; - mailutils = callPackage ../tools/networking/mailutils { sasl = gsasl; };