numbus/numbus-server-module
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix clamAV onacc service.

Browse Source
This commit is contained in:
Raphaël Numbus
2026-03-01 17:39:30 +01:00
parent 65e1ba4ed2
commit d384fe1f7c
2 changed files with 15 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/mail/clamav.nix
+6
View File
@@ -21,6 +21,9 @@ let
# --- Real-time / VirusEvent Mode ---
SUBJECT="Numbus Server Alert: Virus Detected (Real-time)"
# Retrieve logs from clamav-daemon
LOGS=$(journalctl -u clamav-daemon.service -n 50 --no-pager | grep "FOUND")
TECH_BODY="
ClamAV Real-time Alert:
Server owner: $OWNER_NAME
@@ -28,6 +31,9 @@ let
Virus detected: $CLAM_VIRUSEVENT_VIRUSNAME
File: $CLAM_VIRUSEVENT_FILENAME
Logs:
$LOGS
Action taken: Access blocked (OnAccessPrevention).
Please investigate manually.
"
modules/services/clamav.nix
+9 -1
View File
@@ -7,6 +7,14 @@ let
onAccessPaths = lib.mapAttrsToList (n: v: v.dataDir) (lib.filterAttrs (n: v:
v ? enable && v.enable && v ? dataDir && v.dataDir != null && v.dataDir != false
) config.numbus.services);
clamonacc_virus_notifier = pkgs.writeScript "clamonacc_virus_notifier.sh" ''
#!${pkgs.bash}/bin/bash
echo "CLAM_VIRUSEVENT_VIRUSNAME=\"$CLAM_VIRUSEVENT_VIRUSNAME\"" > /var/lib/clamav/virus_event.env
echo "CLAM_VIRUSEVENT_FILENAME=\"$CLAM_VIRUSEVENT_FILENAME\"" >> /var/lib/clamav/virus_event.env
/run/wrappers/bin/sudo /run/current-system/sw/bin/systemctl start clamav-virus-notify.service
'';
in
{
@@ -46,7 +54,7 @@ in
settings = {
OnAccessPrevention = true;
OnAccessIncludePath = onAccessPaths;
VirusEvent = "/run/current-system/sw/bin/systemctl start clamav-virus-notify.service";
VirusEvent = "${clamonacc_virus_notifier}";
};
};
};