X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=systems%2Feldiron%2Fwebsites%2Fmail%2Froundcubemail.nix;fp=systems%2Feldiron%2Fwebsites%2Fmail%2Froundcubemail.nix;h=21a10fe6db77a13629efbefa0bbed6f889f744cf;hb=1a64deeb894dc95e2645a75771732c6cc53a79ad;hp=0000000000000000000000000000000000000000;hpb=fa25ffd4583cc362075cd5e1b4130f33306103f0;p=perso%2FImmae%2FConfig%2FNix.git diff --git a/systems/eldiron/websites/mail/roundcubemail.nix b/systems/eldiron/websites/mail/roundcubemail.nix new file mode 100644 index 0000000..21a10fe --- /dev/null +++ b/systems/eldiron/websites/mail/roundcubemail.nix @@ -0,0 +1,119 @@ +{ env, roundcubemail, apacheHttpd, config }: +rec { + varDir = "/var/lib/roundcubemail"; + activationScript = { + deps = [ "wrappers" ]; + text = '' + install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \ + ${varDir}/cache ${varDir}/logs + ''; + }; + keys."webapps/tools-roundcube" = { + user = apache.user; + group = apache.group; + permissions = "0400"; + text = + let + psql_url = with env.postgresql; "pgsql://${user}:${password}@unix(${socket}:${port})/${database}"; + in '' + "mail.immae.eu" + ); + $config['imap_conn_options'] = array("ssl" => array("verify_peer" => false)); + $config['smtp_server'] = 'tls://smtp.immae.eu'; + $config['smtp_port'] = '587'; + $config['managesieve_host'] = 'imap.immae.eu'; + $config['managesieve_port'] = '4190'; + $config['managesieve_usetls'] = true; + $config['managesieve_conn_options'] = array("ssl" => array("verify_peer" => false)); + + $config['imap_cache'] = 'db'; + $config['messages_cache'] = 'db'; + + $config['support_url'] = '''; + + $config['des_key'] = '${env.secret}'; + + $config['skin'] = 'elastic'; + $config['plugins'] = array( + 'attachment_reminder', + 'emoticons', + 'filesystem_attachments', + 'hide_blockquote', + 'identicon', + 'identity_select', + 'jqueryui', + 'markasjunk', + 'managesieve', + 'newmail_notifier', + 'vcard_attachments', + 'zipdownload', + + 'automatic_addressbook', + 'message_highlight', + 'carddav', + // Ne marche pas ?: 'ident_switch', + // Ne marche pas ?: 'thunderbird_labels', + ); + + $config['language'] = 'fr_FR'; + + $config['drafts_mbox'] = 'Drafts'; + $config['junk_mbox'] = 'Junk'; + $config['sent_mbox'] = 'Sent'; + $config['trash_mbox'] = 'Trash'; + $config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Junk', 'Trash'); + $config['draft_autosave'] = 60; + $config['enable_installer'] = false; + $config['log_driver'] = 'file'; + $config['temp_dir'] = '${varDir}/cache'; + $config['mime_types'] = '${apacheHttpd}/conf/mime.types'; + ''; + keyDependencies = [ apacheHttpd ]; + }; + webRoot = (roundcubemail.override { roundcube_config = config.secrets.fullPaths."webapps/tools-roundcube"; }).withPlugins (p: [ p.automatic_addressbook p.carddav p.contextmenu p.contextmenu_folder p.html5_notifier p.ident_switch p.message_highlight p.thunderbird_labels ]); + apache = rec { + user = "wwwrun"; + group = "wwwrun"; + modules = [ "proxy_fcgi" ]; + root = webRoot; + vhostConf = socket: '' + Alias /roundcube "${root}" + + DirectoryIndex index.php + AllowOverride All + Options FollowSymlinks + Require all granted + + + SetHandler "proxy:unix:${socket}|fcgi://localhost" + + + ''; + }; + phpFpm = rec { + serviceDeps = [ "postgresql.service" ]; + basedir = builtins.concatStringsSep ":" ( + [ webRoot config.secrets.fullPaths."webapps/tools-roundcube" varDir ] + ++ webRoot.plugins + ++ webRoot.skins); + pool = { + "listen.owner" = apache.user; + "listen.group" = apache.group; + "pm" = "ondemand"; + "pm.max_children" = "60"; + "pm.process_idle_timeout" = "60"; + + # Needed to avoid clashes in browser cookies (same domain) + "php_value[session.name]" = "RoundcubemailPHPSESSID"; + "php_admin_value[upload_max_filesize]" = "200M"; + "php_admin_value[post_max_size]" = "200M"; + "php_admin_value[open_basedir]" = "${basedir}:${apacheHttpd}/conf/mime.types:/tmp"; + "php_admin_value[session.save_handler]" = "redis"; + "php_admin_value[session.save_path]" = "'unix:///run/redis-php-sessions/redis.sock?persistent=1&prefix=Tools:Roundcubemail:'"; + }; + }; +}