Skip to content

Parsedmarc

services.parsedmarc.enable

Whether to enable parsedmarc, a DMARC report monitoring service . Type: boolean

Default

false

Example

true

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.provision.elasticsearch

Whether to set up and use a local instance of Elasticsearch.

Type: boolean

Default

true

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.provision.geoIp

Whether to enable and configure the geoipupdate service to automatically fetch GeoIP databases. Not crucial, but recommended for full functionality.

To finish the setup, you need to manually set the and options.

Type: boolean

Default

true

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.provision.grafana.dashboard

Whether the official parsedmarc grafana dashboard should be provisioned to the local grafana instance.

Type: boolean

Default

config.services.grafana.enable

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.provision.grafana.datasource

Whether the automatically provisioned Elasticsearch instance should be added as a grafana datasource. Has no effect unless is also enabled.

Type: boolean

Default

config.services.parsedmarc.provision.elasticsearch && config.services.grafana.enable

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.provision.localMail.enable

Whether Postfix and Dovecot should be set up to receive mail locally. parsedmarc will be configured to watch the local inbox as the automatically created user specified in

Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.provision.localMail.hostname

The hostname to use when configuring Postfix.

Should correspond to the host's fully qualified domain name and the domain part of the email address which receives DMARC reports. You also have to set up an MX record pointing to this domain name.

Type: string

Default

config.networking.fqdn

Example

"monitoring.example.com"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.provision.localMail.recipientName

The DMARC mail recipient name, i.e. the name part of the email address which receives DMARC reports.

A local user with this name will be set up and assigned a randomized password on service start.

Type: string

Default

"dmarc"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.settings

Configuration parameters to set in {file}parsedmarc.ini. For a full list of available parameters, see https://domainaware.github.io/parsedmarc/#configuration-file.

Settings containing secret data should be set to an attribute set containing the attribute _secret - a string pointing to a file containing the value the option should be set to. See the example to get a better picture of this: in the resulting {file}parsedmarc.ini file, the splunk_hec.token key will be set to the contents of the {file}/run/keys/splunk_token file.

Type: attribute set of section of an INI file (attrs of INI atom (null, bool, int, float or string))

Example

{imap = {host = "imap.example.com";user = "alice@example.com";password = { _secret = "/run/keys/imap_password" };};mailbox = {watch = true;batch_size = 30;};splunk_hec = {url = "https://splunkhec.example.com";token = { _secret = "/run/keys/splunk_token" };index = "email";};}

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.settings.elasticsearch.cert_path

The path to a TLS certificate bundle used to verify the server's certificate.

Type: path

Default

"/etc/ssl/certs/ca-certificates.crt"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.settings.elasticsearch.hosts

A list of Elasticsearch hosts to push parsed reports to.

Type: list of string

Default

[ ]

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.settings.elasticsearch.password

The password to use when connecting to Elasticsearch, if required.

Always handled as a secret whether the value is wrapped in a { _secret = ...; } attrset or not (refer to for details).

Type: null or path or attribute set of path

Default

null

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.settings.elasticsearch.ssl

Whether to use an encrypted SSL/TLS connection.

Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.settings.elasticsearch.user

Username to use when connecting to Elasticsearch, if required.

Type: null or string

Default

null

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.settings.general.save_aggregate

Save aggregate report data to Elasticsearch and/or Splunk.

Type: boolean

Default

true

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.settings.general.save_forensic

Save forensic report data to Elasticsearch and/or Splunk.

Type: boolean

Default

true

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.settings.imap.host

The IMAP server hostname or IP address.

Type: string

Default

"localhost"

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.settings.imap.password

The IMAP server password.

Always handled as a secret whether the value is wrapped in a { _secret = ...; } attrset or not (refer to for details).

Type: null or path or attribute set of path

Default

null

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.settings.imap.port

The IMAP server port.

Type: 16 bit unsigned integer; between 0 and 65535 (both inclusive)

Default

993

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.settings.imap.ssl

Use an encrypted SSL/TLS connection.

Type: boolean

Default

true

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.settings.imap.user

The IMAP server username.

Type: null or string

Default

null

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.settings.mailbox.delete

Delete messages after processing them, instead of archiving them.

Type: boolean

Default

false

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.settings.mailbox.watch

Use the IMAP IDLE command to process messages as they arrive.

Type: boolean

Default

true

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.settings.smtp.from

The From address to use for the outgoing mail.

Type: null or string

Default

null

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.settings.smtp.host

The SMTP server hostname or IP address.

Type: null or string

Default

null

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.settings.smtp.password

The SMTP server password.

Always handled as a secret whether the value is wrapped in a { _secret = ...; } attrset or not (refer to for details).

Type: null or path or attribute set of path

Default

null

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.settings.smtp.port

The SMTP server port.

Type: null or 16 bit unsigned integer; between 0 and 65535 (both inclusive)

Default

null

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.settings.smtp.ssl

Use an encrypted SSL/TLS connection.

Type: null or boolean

Default

null

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.settings.smtp.to

The addresses to send outgoing mail to.

Type: null or (list of string)

Default

null

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix

services.parsedmarc.settings.smtp.user

The SMTP server username.

Type: null or string

Default

null

Declared by: https://github.com/nixos/nixpkgs/blob/master/nixos/modules/services/monitoring/parsedmarc.nix