[perso/Immae/Config/Nix.git] / modules / private / websites / tools / mail / default.nix

{ lib, pkgs, config,  ... }:
let
  roundcubemail = pkgs.callPackage ./roundcubemail.nix {
    inherit (pkgs.webapps) roundcubemail;
    env = config.myEnv.tools.roundcubemail;
    inherit config;
  };
  rainloop = pkgs.callPackage ./rainloop.nix {
    rainloop = pkgs.rainloop-community;
  };
  cfg = config.myServices.websites.tools.email;
  pcfg = config.services.phpfpm.pools;
in
{
  options.myServices.websites.tools.email = {
    enable = lib.mkEnableOption "enable email website";
  };

  imports = [
    ./mta-sts.nix
  ];

  config = lib.mkIf cfg.enable {
    #myServices.chatonsProperties.services.mail-rainloop = {
    #  file.datetime = "2022-08-22T00:30:00";
    #  service = {
    #    name = "Rainloop";
    #    description = "Simple, modern & fast web-based email client";
    #    website = "https://mail.immae.eu/rainloop";
    #    logo = "https://www.rainloop.net/static/img/logo-16x16.png";
    #    status.level = "ERROR";
    #    status.description = "Stopped due to CVE-2022-29360";
    #    registration."" = ["MEMBER" "CLIENT"];
    #    registration.load = "OPEN";
    #    install.type = "PACKAGE";
    #  };
    #  software = {
    #    name = "Rainloop";
    #    website = "https://www.rainloop.net/";
    #    license.url = "https://www.rainloop.net/licensing/";
    #    license.name = "GNU Affero General Public License v3.0";
    #    version = rainloop.webRoot.version;
    #    source.url = "https://github.com/RainLoop/rainloop-webmail";
    #  };
    #};
    #myServices.chatonsProperties.services.mail-roundcube = {
    #  file.datetime = "2022-08-22T00:30:00";
    #  service = {
    #    name = "Roundcube";
    #    description = "The Roundcube Webmail suite";
    #    website = "https://mail.immae.eu/roundcube";
    #    logo = "https://mail.immae.eu/roundcube/skins/elastic/images/favicon.ico";
    #    status.level = "OK";
    #    status.description = "OK";
    #    registration."" = ["MEMBER" "CLIENT"];
    #    registration.load = "OPEN";
    #    install.type = "PACKAGE";
    #  };
    #  software = {
    #    name = "Roundcube";
    #    website = "https://roundcube.net/";
    #    license.url = "https://github.com/roundcube/roundcubemail/blob/master/LICENSE";
    #    license.name = "GNU General Public License v3.0";
    #    version = roundcubemail.webRoot.version;
    #    source.url = "https://github.com/roundcube/roundcubemail";
    #    modules = map (a: a.pluginName) roundcubemail.webRoot.plugins ++ map (a: a.skinName) roundcubemail.webRoot.skins;
    #  };
    #};
    secrets.keys = roundcubemail.keys;

    services.websites.env.tools.modules =
      [ "proxy_fcgi" ]
      ++ rainloop.apache.modules
      ++ roundcubemail.apache.modules;

    services.websites.env.tools.vhostConfs.mail = {
      certName   = "mail";
      addToCerts = true;
      hosts      = ["mail.immae.eu"];
      root       = ./www;
      extraConfig = [
        (rainloop.apache.vhostConf pcfg.rainloop.socket)
        (roundcubemail.apache.vhostConf pcfg.roundcubemail.socket)
        ''
          <Directory ${./www}>
            Require all granted
            Options -Indexes
          </Directory>
        ''
      ];
    };
    systemd.services = {
      phpfpm-rainloop = {
        after = lib.mkAfter rainloop.phpFpm.serviceDeps;
        wants = rainloop.phpFpm.serviceDeps;
      };
      phpfpm-roundcubemail = {
        after = lib.mkAfter roundcubemail.phpFpm.serviceDeps;
        wants = roundcubemail.phpFpm.serviceDeps;
      };
    };

    services.phpfpm.pools.roundcubemail = {
      user = "wwwrun";
      group = "wwwrun";
      settings = roundcubemail.phpFpm.pool;
      phpOptions = config.services.phpfpm.phpOptions + ''
        date.timezone = 'CET'
      '';
      phpPackage = pkgs.php72.withExtensions({ enabled, all }: enabled ++ [ all.imagick ]);
    };
    services.phpfpm.pools.rainloop = {
      user = "wwwrun";
      group = "wwwrun";
      settings = rainloop.phpFpm.pool;
      phpPackage = pkgs.php72;
    };
    system.activationScripts = {
      roundcubemail = roundcubemail.activationScript;
      rainloop = rainloop.activationScript;
    };
  };

}
Commit	Line	Data
ab8f306d	1	{ lib, pkgs, config, ... }:
afcc5de0 IB	2	let
afcc5de0 IB	3	roundcubemail = pkgs.callPackage ./roundcubemail.nix {
34c7b88e	4	inherit (pkgs.webapps) roundcubemail;
ab8f306d	5	env = config.myEnv.tools.roundcubemail;
da30ae4f	6	inherit config;
afcc5de0	7	};
dcac3ec7 IB	8	rainloop = pkgs.callPackage ./rainloop.nix {
	9	rainloop = pkgs.rainloop-community;
	10	};
afcc5de0	11	cfg = config.myServices.websites.tools.email;
5400b9b6	12	pcfg = config.services.phpfpm.pools;
afcc5de0 IB	13	in
	14	{
	15	options.myServices.websites.tools.email = {
	16	enable = lib.mkEnableOption "enable email website";
	17	};
	18
	19	imports = [
	20	./mta-sts.nix
	21	];
	22
	23	config = lib.mkIf cfg.enable {
120bcf4d IB	24	#myServices.chatonsProperties.services.mail-rainloop = {
	25	# file.datetime = "2022-08-22T00:30:00";
	26	# service = {
	27	# name = "Rainloop";
	28	# description = "Simple, modern & fast web-based email client";
	29	# website = "https://mail.immae.eu/rainloop";
	30	# logo = "https://www.rainloop.net/static/img/logo-16x16.png";
	31	# status.level = "ERROR";
	32	# status.description = "Stopped due to CVE-2022-29360";
	33	# registration."" = ["MEMBER" "CLIENT"];
	34	# registration.load = "OPEN";
	35	# install.type = "PACKAGE";
	36	# };
	37	# software = {
	38	# name = "Rainloop";
	39	# website = "https://www.rainloop.net/";
	40	# license.url = "https://www.rainloop.net/licensing/";
	41	# license.name = "GNU Affero General Public License v3.0";
	42	# version = rainloop.webRoot.version;
	43	# source.url = "https://github.com/RainLoop/rainloop-webmail";
	44	# };
	45	#};
	46	#myServices.chatonsProperties.services.mail-roundcube = {
	47	# file.datetime = "2022-08-22T00:30:00";
	48	# service = {
	49	# name = "Roundcube";
	50	# description = "The Roundcube Webmail suite";
	51	# website = "https://mail.immae.eu/roundcube";
	52	# logo = "https://mail.immae.eu/roundcube/skins/elastic/images/favicon.ico";
	53	# status.level = "OK";
	54	# status.description = "OK";
	55	# registration."" = ["MEMBER" "CLIENT"];
	56	# registration.load = "OPEN";
	57	# install.type = "PACKAGE";
	58	# };
	59	# software = {
	60	# name = "Roundcube";
	61	# website = "https://roundcube.net/";
	62	# license.url = "https://github.com/roundcube/roundcubemail/blob/master/LICENSE";
	63	# license.name = "GNU General Public License v3.0";
	64	# version = roundcubemail.webRoot.version;
	65	# source.url = "https://github.com/roundcube/roundcubemail";
	66	# modules = map (a: a.pluginName) roundcubemail.webRoot.plugins ++ map (a: a.skinName) roundcubemail.webRoot.skins;
	67	# };
	68	#};
afcc5de0 IB	69	secrets.keys = roundcubemail.keys;
	70
	71	services.websites.env.tools.modules =
	72	[ "proxy_fcgi" ]
	73	++ rainloop.apache.modules
	74	++ roundcubemail.apache.modules;
	75
	76	services.websites.env.tools.vhostConfs.mail = {
	77	certName = "mail";
	78	addToCerts = true;
	79	hosts = ["mail.immae.eu"];
750fe5a4	80	root = ./www;
afcc5de0	81	extraConfig = [
5400b9b6 IB	82	(rainloop.apache.vhostConf pcfg.rainloop.socket)
5400b9b6 IB	83	(roundcubemail.apache.vhostConf pcfg.roundcubemail.socket)
afcc5de0	84	''
750fe5a4	85	<Directory ${./www}>
afcc5de0 IB	86	Require all granted
	87	Options -Indexes
	88	</Directory>
	89	''
	90	];
	91	};
	92	systemd.services = {
	93	phpfpm-rainloop = {
	94	after = lib.mkAfter rainloop.phpFpm.serviceDeps;
	95	wants = rainloop.phpFpm.serviceDeps;
	96	};
	97	phpfpm-roundcubemail = {
	98	after = lib.mkAfter roundcubemail.phpFpm.serviceDeps;
	99	wants = roundcubemail.phpFpm.serviceDeps;
	100	};
	101	};
	102
	103	services.phpfpm.pools.roundcubemail = {
5400b9b6 IB	104	user = "wwwrun";
	105	group = "wwwrun";
	106	settings = roundcubemail.phpFpm.pool;
dcac3ec7 IB	107	phpOptions = config.services.phpfpm.phpOptions + ''
dcac3ec7 IB	108	date.timezone = 'CET'
dcac3ec7	109	'';
2053ddac	110	phpPackage = pkgs.php72.withExtensions({ enabled, all }: enabled ++ [ all.imagick ]);
afcc5de0	111	};
441da8aa	112	services.phpfpm.pools.rainloop = {
5400b9b6 IB	113	user = "wwwrun";
	114	group = "wwwrun";
	115	settings = rainloop.phpFpm.pool;
dcac3ec7	116	phpPackage = pkgs.php72;
afcc5de0 IB	117	};
	118	system.activationScripts = {
	119	roundcubemail = roundcubemail.activationScript;
	120	rainloop = rainloop.activationScript;
	121	};
afcc5de0 IB	122	};
	123
	124	}