How to dynamically update configuration

Hi, I’m a software engineer somewhat new to NixOS; I ran my work laptop successfully on it maybe eight years ago and am looking to pick it up again, but I have some general questions around how to make editing service configuration accessible through means other than direct editing of the configuration.nix file. The reason is that I have some users (wife and kids) who, at least for now, would prefer not to know anything about OS management.

Say I want to run my own mail server, maybe using something like nixos-mailserver. There is documented configuration for specifying virtual addresses (i.e. email aliases), which forward to other addresses. Now, I’d like to develop a simple web page whose only purpose is to allow my users to create new aliases on the fly, similar to the service provided by https://addy.io/. The mail server would need to be restarted after adding a new alias to its configuration so that it would take effect. It seems like the web service would need to have access to edit the configuration.nix file and rebuild the system, which is dangerous in my mind.

How is this sort of thing usually done in a safe manner? Or is this typically avoided by just making configuration pull from a database instead? If so, how might that look in terms of the nix configuration file, specifically the configuration of the mail server extraVirtualAddresses option? I’m not looking for a complex solution here; just something simple that will let my users add new aliases without having to ask me to do it for them each time, and without giving them direct access to modify the rest of the configuration of my mail server.

Thank you for your patience with what may be a simple question.

1 Like

For something like this, the general pattern is not to do dynamic configuration in Nix. Have an /etc/aliases file and give a service permission to edit that file and restart the relevant service, then point Postfix (I don’t know if nixos-mailserver uses Postfix, but probably) at that file with the services.postfix.aliasFiles option.

(I have a server configured like this, and I think this is all of the relevant bits of configuration:

services.postfix = {
  aliasFiles."etc_aliases" = "/etc/aliases";
  config.alias_database = [ "hash:/etc/postfix/aliases" "hash:/var/lib/postfix/conf/etc_aliases" ];
  config.alias_maps = [ "hash:/etc/postfix/aliases" "hash:/var/lib/postfix/conf/etc_aliases" ];
};

I don’t remember exactly how I figured this out; it looks like it might be a bit more complicated than it needs to be, but I wrote this maybe seven years ago.)

1 Like
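An added example, not code from this thread or from nixos-mailserver: a sketch of the write path for the alias-editing service suggested above, which accepts only a plain `name: address` pair so that web input cannot introduce the `|command`, `/file` or `:include:` destinations that aliases(5) acts on. The function names, patterns and reserved list are assumptions; rebuilding the Postfix map and restarting the service are left to the caller.

```python
import os
import re
import tempfile

# Assumption: aliases are simple local names forwarding to one ordinary address.
ALIAS_RE = re.compile(r"[a-z0-9][a-z0-9._-]{0,63}")
TARGET_RE = re.compile(
    r"[A-Za-z0-9._+-]{1,64}@[A-Za-z0-9](?:[A-Za-z0-9.-]{0,251}[A-Za-z0-9])?")
RESERVED = {"root", "postmaster", "abuse", "mailer-daemon"}  # constructed list


def existing_aliases(text):
    """Return the set of alias names already defined in aliases(5) text."""
    names = set()
    for line in text.splitlines():
        # Skip blanks, comments and continuation lines (leading whitespace).
        if not line or line[0] in "# \t" or ":" not in line:
            continue
        names.add(line.split(":", 1)[0].strip().lower())
    return names


def add_alias(path, alias, target):
    """Validate and append 'alias: target' to the file at path, atomically."""
    alias = alias.lower()
    if not ALIAS_RE.fullmatch(alias) or alias in RESERVED:
        raise ValueError("alias name not allowed")
    # fullmatch rejects newlines, commas, '|command', '/file' and ':include:'
    # right-hand sides, so one request can only ever add one forwarding line.
    if not TARGET_RE.fullmatch(target):
        raise ValueError("target must be a single plain address")
    try:
        with open(path, encoding="utf-8") as f:
            current = f.read()
    except FileNotFoundError:
        current = ""
    if alias in existing_aliases(current):
        raise ValueError("alias already exists")
    if current and not current.endswith("\n"):
        current += "\n"
    # Write a temp file in the same directory, then rename over the original
    # so a reader never sees a half-written file.
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or ".")
    with os.fdopen(fd, "w", encoding="utf-8") as f:
        f.write(current + f"{alias}: {target}\n")
    os.chmod(tmp, 0o644)
    os.replace(tmp, path)
    return alias
```

The atomic rename needs write access to the containing directory, so the aliases file is best kept in a directory owned by the helper's service account.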

I would set up Gitea and put the alias configuration in a repository for them to edit online. It does not need to be hardened, as you likely trust your family members.

Create a pipeline to merge the configuration, or a systemd service to pull from the repository, and rebuild.

Rebuilding the system is not too dangerous. The new config will not be activated if it is broken.