X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=modules%2Fprivate%2Fwebsites%2Ftools%2Fmail%2Fdefault.nix;fp=modules%2Fprivate%2Fwebsites%2Ftools%2Fmail%2Fdefault.nix;h=ea0a27fc7079f587647bceb3efa160fafc7b7997;hb=afcc5de071dfffdc507995d1845372ba40dc1dc2;hp=0000000000000000000000000000000000000000;hpb=2f16a987d306cdb7bf9b4e80fa4af173373719bd;p=perso%2FImmae%2FConfig%2FNix.git

diff --git a/modules/private/websites/tools/mail/default.nix b/modules/private/websites/tools/mail/default.nix
new file mode 100644
index 0000000..ea0a27f
--- /dev/null
+++ b/modules/private/websites/tools/mail/default.nix
@@ -0,0 +1,75 @@
+{ lib, pkgs, config, myconfig,  ... }:
+let
+  roundcubemail = pkgs.callPackage ./roundcubemail.nix {
+    inherit (pkgs.webapps) roundcubemail roundcubemail-plugins roundcubemail-skins;
+    env = myconfig.env.tools.roundcubemail;
+  };
+  rainloop = pkgs.callPackage ./rainloop.nix {};
+  cfg = config.myServices.websites.tools.email;
+in
+{
+  options.myServices.websites.tools.email = {
+    enable = lib.mkEnableOption "enable email website";
+  };
+
+  imports = [
+    ./mta-sts.nix
+  ];
+
+  config = lib.mkIf cfg.enable {
+    secrets.keys = roundcubemail.keys;
+
+    services.websites.env.tools.modules =
+      [ "proxy_fcgi" ]
+      ++ rainloop.apache.modules
+      ++ roundcubemail.apache.modules;
+
+    services.websites.env.tools.vhostConfs.mail = {
+      certName   = "mail";
+      addToCerts = true;
+      hosts      = ["mail.immae.eu"];
+      root       = "/run/current-system/webapps/_mail";
+      extraConfig = [
+        rainloop.apache.vhostConf
+        roundcubemail.apache.vhostConf
+        ''
+          <Directory /run/current-system/webapps/_mail>
+            Require all granted
+            Options -Indexes
+          </Directory>
+        ''
+      ];
+    };
+    systemd.services = {
+      phpfpm-rainloop = {
+        after = lib.mkAfter rainloop.phpFpm.serviceDeps;
+        wants = rainloop.phpFpm.serviceDeps;
+      };
+      phpfpm-roundcubemail = {
+        after = lib.mkAfter roundcubemail.phpFpm.serviceDeps;
+        wants = roundcubemail.phpFpm.serviceDeps;
+      };
+    };
+
+    services.phpfpm.pools.roundcubemail = {
+      listen = roundcubemail.phpFpm.socket;
+      extraConfig = roundcubemail.phpFpm.pool;
+      phpOptions = config.services.phpfpm.phpOptions + roundcubemail.phpFpm.phpConfig;
+    };
+    services.phpfpm.poolConfigs = {
+      rainloop = rainloop.phpFpm.pool;
+    };
+    system.activationScripts = {
+      roundcubemail = roundcubemail.activationScript;
+      rainloop = rainloop.activationScript;
+    };
+
+    myServices.websites.webappDirs = {
+      _mail = ./www;
+      "${roundcubemail.apache.webappName}" = roundcubemail.webRoot;
+      "${rainloop.apache.webappName}" = rainloop.webRoot;
+    };
+
+  };
+
+}