[perso/Immae/Config/Nix.git] / modules / private / websites / tools / mail / default.nix

{ lib, pkgs, config,  ... }:
let
  roundcubemail = pkgs.callPackage ./roundcubemail.nix {
    inherit (pkgs.webapps) roundcubemail roundcubemail-plugins roundcubemail-skins;
    env = config.myEnv.tools.roundcubemail;
  };
  rainloop = pkgs.callPackage ./rainloop.nix {};
  cfg = config.myServices.websites.tools.email;
in
{
  options.myServices.websites.tools.email = {
    enable = lib.mkEnableOption "enable email website";
  };

  imports = [
    ./mta-sts.nix
  ];

  config = lib.mkIf cfg.enable {
    services.duplyBackup.profiles.mail.excludeFile = ''
      + ${rainloop.varDir}
      + ${roundcubemail.varDir}
      '';
    secrets.keys = roundcubemail.keys;

    services.websites.env.tools.modules =
      [ "proxy_fcgi" ]
      ++ rainloop.apache.modules
      ++ roundcubemail.apache.modules;

    services.websites.env.tools.vhostConfs.mail = {
      certName   = "mail";
      addToCerts = true;
      hosts      = ["mail.immae.eu"];
      root       = "/run/current-system/webapps/_mail";
      extraConfig = [
        rainloop.apache.vhostConf
        roundcubemail.apache.vhostConf
        ''
          <Directory /run/current-system/webapps/_mail>
            Require all granted
            Options -Indexes
          </Directory>
        ''
      ];
    };
    systemd.services = {
      phpfpm-rainloop = {
        after = lib.mkAfter rainloop.phpFpm.serviceDeps;
        wants = rainloop.phpFpm.serviceDeps;
      };
      phpfpm-roundcubemail = {
        after = lib.mkAfter roundcubemail.phpFpm.serviceDeps;
        wants = roundcubemail.phpFpm.serviceDeps;
      };
    };

    services.phpfpm.pools.roundcubemail = {
      listen = roundcubemail.phpFpm.socket;
      extraConfig = roundcubemail.phpFpm.pool;
      phpOptions = config.services.phpfpm.phpOptions + roundcubemail.phpFpm.phpConfig;
    };
    services.phpfpm.poolConfigs = {
      rainloop = rainloop.phpFpm.pool;
    };
    system.activationScripts = {
      roundcubemail = roundcubemail.activationScript;
      rainloop = rainloop.activationScript;
    };

    myServices.websites.webappDirs = {
      _mail = ./www;
      "${roundcubemail.apache.webappName}" = roundcubemail.webRoot;
      "${rainloop.apache.webappName}" = rainloop.webRoot;
    };

  };

}
Commit	Line	Data
ab8f306d	1	{ lib, pkgs, config, ... }:
afcc5de0 IB	2	let
	3	roundcubemail = pkgs.callPackage ./roundcubemail.nix {
	4	inherit (pkgs.webapps) roundcubemail roundcubemail-plugins roundcubemail-skins;
ab8f306d	5	env = config.myEnv.tools.roundcubemail;
afcc5de0 IB	6	};
	7	rainloop = pkgs.callPackage ./rainloop.nix {};
	8	cfg = config.myServices.websites.tools.email;
	9	in
	10	{
	11	options.myServices.websites.tools.email = {
	12	enable = lib.mkEnableOption "enable email website";
	13	};
	14
	15	imports = [
	16	./mta-sts.nix
	17	];
	18
	19	config = lib.mkIf cfg.enable {
d2e703c5	20	services.duplyBackup.profiles.mail.excludeFile = ''
6a8252b1 IB	21	+ ${rainloop.varDir}
	22	+ ${roundcubemail.varDir}
	23	'';
afcc5de0 IB	24	secrets.keys = roundcubemail.keys;
	25
	26	services.websites.env.tools.modules =
	27	[ "proxy_fcgi" ]
	28	++ rainloop.apache.modules
	29	++ roundcubemail.apache.modules;
	30
	31	services.websites.env.tools.vhostConfs.mail = {
	32	certName = "mail";
	33	addToCerts = true;
	34	hosts = ["mail.immae.eu"];
	35	root = "/run/current-system/webapps/_mail";
	36	extraConfig = [
	37	rainloop.apache.vhostConf
	38	roundcubemail.apache.vhostConf
	39	''
	40	<Directory /run/current-system/webapps/_mail>
	41	Require all granted
	42	Options -Indexes
	43	</Directory>
	44	''
	45	];
	46	};
	47	systemd.services = {
	48	phpfpm-rainloop = {
	49	after = lib.mkAfter rainloop.phpFpm.serviceDeps;
	50	wants = rainloop.phpFpm.serviceDeps;
	51	};
	52	phpfpm-roundcubemail = {
	53	after = lib.mkAfter roundcubemail.phpFpm.serviceDeps;
	54	wants = roundcubemail.phpFpm.serviceDeps;
	55	};
	56	};
	57
	58	services.phpfpm.pools.roundcubemail = {
	59	listen = roundcubemail.phpFpm.socket;
	60	extraConfig = roundcubemail.phpFpm.pool;
	61	phpOptions = config.services.phpfpm.phpOptions + roundcubemail.phpFpm.phpConfig;
	62	};
	63	services.phpfpm.poolConfigs = {
	64	rainloop = rainloop.phpFpm.pool;
	65	};
	66	system.activationScripts = {
	67	roundcubemail = roundcubemail.activationScript;
	68	rainloop = rainloop.activationScript;
	69	};
	70
	71	myServices.websites.webappDirs = {
	72	_mail = ./www;
	73	"${roundcubemail.apache.webappName}" = roundcubemail.webRoot;
	74	"${rainloop.apache.webappName}" = rainloop.webRoot;
	75	};
	76
	77	};
	78
	79	}