[perso/Immae/Config/Nix.git] / systems / eldiron / websites / mail / roundcubemail.nix

{ env, roundcubemail, apacheHttpd, config }:
rec {
  varDir = "/var/lib/roundcubemail";
  activationScript = {
    deps = [ "wrappers" ];
    text = ''
      install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
        ${varDir}/cache ${varDir}/logs
    '';
  };
  keys."webapps/tools-roundcube" = {
    user = apache.user;
    group = apache.group;
    permissions = "0400";
    text =
      let
        psql_url = with env.postgresql; "pgsql://${user}:${password}@unix(${socket}:${port})/${database}";
      in ''
      <?php
        $config['db_dsnw'] = '${psql_url}';
        $config['default_host'] = 'ssl://imap.immae.eu';
        $config['username_domain'] = array(
          "imap.immae.eu" => "mail.immae.eu"
        );
        $config['imap_conn_options'] = array("ssl" => array("verify_peer" => false));
        $config['smtp_server'] = 'tls://smtp.immae.eu';
        $config['smtp_port'] = '587';
        $config['managesieve_host'] = 'imap.immae.eu';
        $config['managesieve_port'] = '4190';
        $config['managesieve_usetls'] = true;
        $config['managesieve_conn_options'] = array("ssl" => array("verify_peer" => false));

        $config['imap_cache'] = 'db';
        $config['messages_cache'] = 'db';

        $config['support_url'] = ''';

        $config['des_key'] = '${env.secret}';

        $config['skin'] = 'elastic';
        $config['plugins'] = array(
          'attachment_reminder',
          'emoticons',
          'filesystem_attachments',
          'hide_blockquote',
          'identicon',
          'identity_select',
          'jqueryui',
          'markasjunk',
          'managesieve',
          'newmail_notifier',
          'vcard_attachments',
          'zipdownload',

          'automatic_addressbook',
          'message_highlight',
          'carddav',
          // Ne marche pas ?: 'ident_switch',
          // Ne marche pas ?: 'thunderbird_labels',
        );

        $config['language'] = 'fr_FR';

        $config['drafts_mbox'] = 'Drafts';
        $config['junk_mbox'] = 'Junk';
        $config['sent_mbox'] = 'Sent';
        $config['trash_mbox'] = 'Trash';
        $config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Junk', 'Trash');
        $config['draft_autosave'] = 60;
        $config['enable_installer'] = false;
        $config['log_driver'] = 'file';
        $config['temp_dir'] = '${varDir}/cache';
        $config['mime_types'] = '${apacheHttpd}/conf/mime.types';
    '';
    keyDependencies = [ apacheHttpd ];
  };
  webRoot = (roundcubemail.override { roundcube_config = config.secrets.fullPaths."webapps/tools-roundcube"; }).withPlugins (p: [ p.automatic_addressbook p.carddav p.contextmenu p.contextmenu_folder p.html5_notifier p.ident_switch p.message_highlight p.thunderbird_labels ]);
  apache = rec {
    user = "wwwrun";
    group = "wwwrun";
    modules = [ "proxy_fcgi" ];
    root = webRoot;
    vhostConf = socket: ''
    Alias /roundcube "${root}"
    <Directory "${root}">
        DirectoryIndex index.php
        AllowOverride All
        Options FollowSymlinks
        Require all granted

        <FilesMatch "\.php$">
          SetHandler "proxy:unix:${socket}|fcgi://localhost"
        </FilesMatch>
      </Directory>
      '';
  };
  phpFpm = rec {
    serviceDeps = [ "postgresql.service" ];
    basedir = builtins.concatStringsSep ":" (
      [ webRoot config.secrets.fullPaths."webapps/tools-roundcube" varDir ]
      ++ webRoot.plugins
      ++ webRoot.skins);
    pool = {
      "listen.owner" = apache.user;
      "listen.group" = apache.group;
      "pm" = "ondemand";
      "pm.max_children" = "60";
      "pm.process_idle_timeout" = "60";

      # Needed to avoid clashes in browser cookies (same domain)
      "php_value[session.name]" = "RoundcubemailPHPSESSID";
      "php_admin_value[upload_max_filesize]" = "200M";
      "php_admin_value[post_max_size]" = "200M";
      "php_admin_value[open_basedir]" = "${basedir}:${apacheHttpd}/conf/mime.types:/tmp";
      "php_admin_value[session.save_handler]" = "redis";
      "php_admin_value[session.save_path]" = "'unix:///run/redis-php-sessions/redis.sock?persistent=1&prefix=Tools:Roundcubemail:'";
    };
  };
}
Commit	Line	Data
da30ae4f	1	{ env, roundcubemail, apacheHttpd, config }:
fffbbb56 IB	2	rec {
	3	varDir = "/var/lib/roundcubemail";
	4	activationScript = {
	5	deps = [ "wrappers" ];
	6	text = ''
	7	install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
	8	${varDir}/cache ${varDir}/logs
fffbbb56 IB	9	'';
fffbbb56 IB	10	};
4c4652aa	11	keys."webapps/tools-roundcube" = {
fffbbb56 IB	12	user = apache.user;
	13	group = apache.group;
	14	permissions = "0400";
ab8f306d IB	15	text =
	16	let
	17	psql_url = with env.postgresql; "pgsql://${user}:${password}@unix(${socket}:${port})/${database}";
	18	in ''
fffbbb56	19	<?php
ab8f306d	20	$config['db_dsnw'] = '${psql_url}';
7ccde67a IB	21	$config['default_host'] = 'ssl://imap.immae.eu';
	22	$config['username_domain'] = array(
	23	"imap.immae.eu" => "mail.immae.eu"
	24	);
fffbbb56	25	$config['imap_conn_options'] = array("ssl" => array("verify_peer" => false));
05f8c21a IB	26	$config['smtp_server'] = 'tls://smtp.immae.eu';
	27	$config['smtp_port'] = '587';
	28	$config['managesieve_host'] = 'imap.immae.eu';
fffbbb56 IB	29	$config['managesieve_port'] = '4190';
	30	$config['managesieve_usetls'] = true;
	31	$config['managesieve_conn_options'] = array("ssl" => array("verify_peer" => false));
d252d718	32
fffbbb56 IB	33	$config['imap_cache'] = 'db';
fffbbb56 IB	34	$config['messages_cache'] = 'db';
d252d718	35
fffbbb56	36	$config['support_url'] = ''';
d252d718	37
fffbbb56	38	$config['des_key'] = '${env.secret}';
d252d718	39
fffbbb56 IB	40	$config['skin'] = 'elastic';
	41	$config['plugins'] = array(
	42	'attachment_reminder',
	43	'emoticons',
	44	'filesystem_attachments',
	45	'hide_blockquote',
	46	'identicon',
	47	'identity_select',
	48	'jqueryui',
a929614f	49	'markasjunk',
fffbbb56 IB	50	'managesieve',
	51	'newmail_notifier',
	52	'vcard_attachments',
	53	'zipdownload',
e2ca51b2	54
fffbbb56 IB	55	'automatic_addressbook',
	56	'message_highlight',
	57	'carddav',
	58	// Ne marche pas ?: 'ident_switch',
	59	// Ne marche pas ?: 'thunderbird_labels',
	60	);
d252d718	61
fffbbb56	62	$config['language'] = 'fr_FR';
d252d718	63
a929614f IB	64	$config['drafts_mbox'] = 'Drafts';
	65	$config['junk_mbox'] = 'Junk';
	66	$config['sent_mbox'] = 'Sent';
	67	$config['trash_mbox'] = 'Trash';
	68	$config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Junk', 'Trash');
fffbbb56 IB	69	$config['draft_autosave'] = 60;
	70	$config['enable_installer'] = false;
	71	$config['log_driver'] = 'file';
	72	$config['temp_dir'] = '${varDir}/cache';
	73	$config['mime_types'] = '${apacheHttpd}/conf/mime.types';
	74	'';
1a64deeb	75	keyDependencies = [ apacheHttpd ];
4c4652aa	76	};
da30ae4f	77	webRoot = (roundcubemail.override { roundcube_config = config.secrets.fullPaths."webapps/tools-roundcube"; }).withPlugins (p: [ p.automatic_addressbook p.carddav p.contextmenu p.contextmenu_folder p.html5_notifier p.ident_switch p.message_highlight p.thunderbird_labels ]);
fffbbb56 IB	78	apache = rec {
	79	user = "wwwrun";
	80	group = "wwwrun";
	81	modules = [ "proxy_fcgi" ];
750fe5a4	82	root = webRoot;
5400b9b6	83	vhostConf = socket: ''
fffbbb56 IB	84	Alias /roundcube "${root}"
	85	<Directory "${root}">
	86	DirectoryIndex index.php
	87	AllowOverride All
	88	Options FollowSymlinks
	89	Require all granted
	90
	91	<FilesMatch "\.php$">
5400b9b6	92	SetHandler "proxy:unix:${socket}\|fcgi://localhost"
fffbbb56 IB	93	</FilesMatch>
fffbbb56 IB	94	</Directory>
d252d718	95	'';
fffbbb56 IB	96	};
	97	phpFpm = rec {
	98	serviceDeps = [ "postgresql.service" ];
	99	basedir = builtins.concatStringsSep ":" (
da30ae4f	100	[ webRoot config.secrets.fullPaths."webapps/tools-roundcube" varDir ]
fffbbb56 IB	101	++ webRoot.plugins
fffbbb56 IB	102	++ webRoot.skins);
5400b9b6 IB	103	pool = {
	104	"listen.owner" = apache.user;
	105	"listen.group" = apache.group;
	106	"pm" = "ondemand";
	107	"pm.max_children" = "60";
	108	"pm.process_idle_timeout" = "60";
d252d718	109
5400b9b6 IB	110	# Needed to avoid clashes in browser cookies (same domain)
	111	"php_value[session.name]" = "RoundcubemailPHPSESSID";
	112	"php_admin_value[upload_max_filesize]" = "200M";
	113	"php_admin_value[post_max_size]" = "200M";
	114	"php_admin_value[open_basedir]" = "${basedir}:${apacheHttpd}/conf/mime.types:/tmp";
1a64deeb IB	115	"php_admin_value[session.save_handler]" = "redis";
1a64deeb IB	116	"php_admin_value[session.save_path]" = "'unix:///run/redis-php-sessions/redis.sock?persistent=1&prefix=Tools:Roundcubemail:'";
5400b9b6	117	};
d252d718	118	};
fffbbb56	119	}