modules/private/websites/tools/mail/default.nix

   1 { lib, pkgs, config,  ... }:
   2 let
   3   roundcubemail = pkgs.callPackage ./roundcubemail.nix {
   4     inherit (pkgs.webapps) roundcubemail;
   5     env = config.myEnv.tools.roundcubemail;
   6     inherit config;
   7   };
   8   rainloop = pkgs.callPackage ./rainloop.nix {
   9     rainloop = pkgs.rainloop-community;
  10   };
  11   cfg = config.myServices.websites.tools.email;
  12   pcfg = config.services.phpfpm.pools;
  13 in
  14 {
  15   options.myServices.websites.tools.email = {
  16     enable = lib.mkEnableOption "enable email website";
  17   };
  18
  19   imports = [
  20     ./mta-sts.nix
  21   ];
  22
  23   config = lib.mkIf cfg.enable {
  24     #myServices.chatonsProperties.services.mail-rainloop = {
  25     #  file.datetime = "2022-08-22T00:30:00";
  26     #  service = {
  27     #    name = "Rainloop";
  28     #    description = "Simple, modern & fast web-based email client";
  29     #    website = "https://mail.immae.eu/rainloop";
  30     #    logo = "https://www.rainloop.net/static/img/logo-16x16.png";
  31     #    status.level = "ERROR";
  32     #    status.description = "Stopped due to CVE-2022-29360";
  33     #    registration."" = ["MEMBER" "CLIENT"];
  34     #    registration.load = "OPEN";
  35     #    install.type = "PACKAGE";
  36     #  };
  37     #  software = {
  38     #    name = "Rainloop";
  39     #    website = "https://www.rainloop.net/";
  40     #    license.url = "https://www.rainloop.net/licensing/";
  41     #    license.name = "GNU Affero General Public License v3.0";
  42     #    version = rainloop.webRoot.version;
  43     #    source.url = "https://github.com/RainLoop/rainloop-webmail";
  44     #  };
  45     #};
  46     #myServices.chatonsProperties.services.mail-roundcube = {
  47     #  file.datetime = "2022-08-22T00:30:00";
  48     #  service = {
  49     #    name = "Roundcube";
  50     #    description = "The Roundcube Webmail suite";
  51     #    website = "https://mail.immae.eu/roundcube";
  52     #    logo = "https://mail.immae.eu/roundcube/skins/elastic/images/favicon.ico";
  53     #    status.level = "OK";
  54     #    status.description = "OK";
  55     #    registration."" = ["MEMBER" "CLIENT"];
  56     #    registration.load = "OPEN";
  57     #    install.type = "PACKAGE";
  58     #  };
  59     #  software = {
  60     #    name = "Roundcube";
  61     #    website = "https://roundcube.net/";
  62     #    license.url = "https://github.com/roundcube/roundcubemail/blob/master/LICENSE";
  63     #    license.name = "GNU General Public License v3.0";
  64     #    version = roundcubemail.webRoot.version;
  65     #    source.url = "https://github.com/roundcube/roundcubemail";
  66     #    modules = map (a: a.pluginName) roundcubemail.webRoot.plugins ++ map (a: a.skinName) roundcubemail.webRoot.skins;
  67     #  };
  68     #};
  69     secrets.keys = roundcubemail.keys;
  70
  71     services.websites.env.tools.modules =
  72       [ "proxy_fcgi" ]
  73       ++ rainloop.apache.modules
  74       ++ roundcubemail.apache.modules;
  75
  76     services.websites.env.tools.vhostConfs.mail = {
  77       certName   = "mail";
  78       addToCerts = true;
  79       hosts      = ["mail.immae.eu"];
  80       root       = ./www;
  81       extraConfig = [
  82         (rainloop.apache.vhostConf pcfg.rainloop.socket)
  83         (roundcubemail.apache.vhostConf pcfg.roundcubemail.socket)
  84         ''
  85           <Directory ${./www}>
  86             Require all granted
  87             Options -Indexes
  88           </Directory>
  89         ''
  90       ];
  91     };
  92     systemd.services = {
  93       phpfpm-rainloop = {
  94         after = lib.mkAfter rainloop.phpFpm.serviceDeps;
  95         wants = rainloop.phpFpm.serviceDeps;
  96       };
  97       phpfpm-roundcubemail = {
  98         after = lib.mkAfter roundcubemail.phpFpm.serviceDeps;
  99         wants = roundcubemail.phpFpm.serviceDeps;
 100       };
 101     };
 102
 103     services.phpfpm.pools.roundcubemail = {
 104       user = "wwwrun";
 105       group = "wwwrun";
 106       settings = roundcubemail.phpFpm.pool;
 107       phpOptions = config.services.phpfpm.phpOptions + ''
 108         date.timezone = 'CET'
 109       '';
 110       phpPackage = pkgs.php72.withExtensions({ enabled, all }: enabled ++ [ all.imagick ]);
 111     };
 112     services.phpfpm.pools.rainloop = {
 113       user = "wwwrun";
 114       group = "wwwrun";
 115       settings = rainloop.phpFpm.pool;
 116       phpPackage = pkgs.php72;
 117     };
 118     system.activationScripts = {
 119       roundcubemail = roundcubemail.activationScript;
 120       rainloop = rainloop.activationScript;
 121     };
 122   };
 123
 124 }