--- /dev/null
+{ lib, pkgs, config, myconfig, ... }:
+let
+ roundcubemail = pkgs.callPackage ./roundcubemail.nix {
+ inherit (pkgs.webapps) roundcubemail roundcubemail-plugins roundcubemail-skins;
+ env = myconfig.env.tools.roundcubemail;
+ };
+ rainloop = pkgs.callPackage ./rainloop.nix {};
+ cfg = config.myServices.websites.tools.email;
+in
+{
+ options.myServices.websites.tools.email = {
+ enable = lib.mkEnableOption "enable email website";
+ };
+
+ imports = [
+ ./mta-sts.nix
+ ];
+
+ config = lib.mkIf cfg.enable {
+ secrets.keys = roundcubemail.keys;
+
+ services.websites.env.tools.modules =
+ [ "proxy_fcgi" ]
+ ++ rainloop.apache.modules
+ ++ roundcubemail.apache.modules;
+
+ services.websites.env.tools.vhostConfs.mail = {
+ certName = "mail";
+ addToCerts = true;
+ hosts = ["mail.immae.eu"];
+ root = "/run/current-system/webapps/_mail";
+ extraConfig = [
+ rainloop.apache.vhostConf
+ roundcubemail.apache.vhostConf
+ ''
+ <Directory /run/current-system/webapps/_mail>
+ Require all granted
+ Options -Indexes
+ </Directory>
+ ''
+ ];
+ };
+ systemd.services = {
+ phpfpm-rainloop = {
+ after = lib.mkAfter rainloop.phpFpm.serviceDeps;
+ wants = rainloop.phpFpm.serviceDeps;
+ };
+ phpfpm-roundcubemail = {
+ after = lib.mkAfter roundcubemail.phpFpm.serviceDeps;
+ wants = roundcubemail.phpFpm.serviceDeps;
+ };
+ };
+
+ services.phpfpm.pools.roundcubemail = {
+ listen = roundcubemail.phpFpm.socket;
+ extraConfig = roundcubemail.phpFpm.pool;
+ phpOptions = config.services.phpfpm.phpOptions + roundcubemail.phpFpm.phpConfig;
+ };
+ services.phpfpm.poolConfigs = {
+ rainloop = rainloop.phpFpm.pool;
+ };
+ system.activationScripts = {
+ roundcubemail = roundcubemail.activationScript;
+ rainloop = rainloop.activationScript;
+ };
+
+ myServices.websites.webappDirs = {
+ _mail = ./www;
+ "${roundcubemail.apache.webappName}" = roundcubemail.webRoot;
+ "${rainloop.apache.webappName}" = rainloop.webRoot;
+ };
+
+ };
+
+}