]> git.immae.eu Git - perso/Immae/Config/Nix.git/blob - modules/private/websites/tools/mail/roundcubemail.nix
Implement mta-sts and move mail services to specific domain
[perso/Immae/Config/Nix.git] / modules / private / websites / tools / mail / roundcubemail.nix
1 { env, roundcubemail, roundcubemail-plugins, roundcubemail-skins, phpPackages, apacheHttpd }:
2 rec {
3 varDir = "/var/lib/roundcubemail";
4 activationScript = {
5 deps = [ "wrappers" ];
6 text = ''
7 install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
8 ${varDir}/cache ${varDir}/logs
9 install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions
10 '';
11 };
12 keys = [{
13 dest = "webapps/tools-roundcube";
14 user = apache.user;
15 group = apache.group;
16 permissions = "0400";
17 text = ''
18 <?php
19 $config['db_dsnw'] = '${env.psql_url}';
20 $config['default_host'] = 'ssl://imap.immae.eu';
21 $config['username_domain'] = array(
22 "imap.immae.eu" => "mail.immae.eu"
23 );
24 $config['imap_conn_options'] = array("ssl" => array("verify_peer" => false));
25 $config['smtp_server'] = 'tls://smtp.immae.eu';
26 $config['smtp_port'] = '587';
27 $config['managesieve_host'] = 'imap.immae.eu';
28 $config['managesieve_port'] = '4190';
29 $config['managesieve_usetls'] = true;
30 $config['managesieve_conn_options'] = array("ssl" => array("verify_peer" => false));
31
32 $config['imap_cache'] = 'db';
33 $config['messages_cache'] = 'db';
34
35 $config['support_url'] = ''';
36
37 $config['des_key'] = '${env.secret}';
38
39 $config['skin'] = 'elastic';
40 $config['plugins'] = array(
41 'attachment_reminder',
42 'emoticons',
43 'filesystem_attachments',
44 'hide_blockquote',
45 'identicon',
46 'identity_select',
47 'jqueryui',
48 'markasjunk',
49 'managesieve',
50 'newmail_notifier',
51 'vcard_attachments',
52 'zipdownload',
53
54 'automatic_addressbook',
55 'message_highlight',
56 'carddav',
57 // Ne marche pas ?: 'ident_switch',
58 // Ne marche pas ?: 'thunderbird_labels',
59 );
60
61 $config['language'] = 'fr_FR';
62
63 $config['drafts_mbox'] = 'Drafts';
64 $config['junk_mbox'] = 'Junk';
65 $config['sent_mbox'] = 'Sent';
66 $config['trash_mbox'] = 'Trash';
67 $config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Junk', 'Trash');
68 $config['draft_autosave'] = 60;
69 $config['enable_installer'] = false;
70 $config['log_driver'] = 'file';
71 $config['temp_dir'] = '${varDir}/cache';
72 $config['mime_types'] = '${apacheHttpd}/conf/mime.types';
73 '';
74 }];
75 webRoot = (roundcubemail.override { roundcube_config = "/var/secrets/webapps/tools-roundcube"; }).withPlugins
76 (builtins.attrValues roundcubemail-plugins) (builtins.attrValues roundcubemail-skins);
77 apache = rec {
78 user = "wwwrun";
79 group = "wwwrun";
80 modules = [ "proxy_fcgi" ];
81 webappName = "tools_roundcubemail";
82 root = "/run/current-system/webapps/${webappName}";
83 vhostConf = ''
84 Alias /roundcube "${root}"
85 <Directory "${root}">
86 DirectoryIndex index.php
87 AllowOverride All
88 Options FollowSymlinks
89 Require all granted
90
91 <FilesMatch "\.php$">
92 SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
93 </FilesMatch>
94 </Directory>
95 '';
96 };
97 phpFpm = rec {
98 serviceDeps = [ "postgresql.service" ];
99 basedir = builtins.concatStringsSep ":" (
100 [ webRoot "/var/secrets/webapps/tools-roundcube" varDir ]
101 ++ webRoot.plugins
102 ++ webRoot.skins);
103 phpConfig = ''
104 date.timezone = 'CET'
105 extension=${phpPackages.imagick}/lib/php/extensions/imagick.so
106 '';
107 socket = "/var/run/phpfpm/roundcubemail.sock";
108 pool = ''
109 user = ${apache.user}
110 group = ${apache.group}
111 listen.owner = ${apache.user}
112 listen.group = ${apache.group}
113 pm = ondemand
114 pm.max_children = 60
115 pm.process_idle_timeout = 60
116
117 ; Needed to avoid clashes in browser cookies (same domain)
118 php_value[session.name] = RoundcubemailPHPSESSID
119 php_admin_value[upload_max_filesize] = 200M
120 php_admin_value[post_max_size] = 200M
121 php_admin_value[open_basedir] = "${basedir}:${apacheHttpd}/conf/mime.types:/tmp"
122 php_admin_value[session.save_path] = "${varDir}/phpSessions"
123 '';
124 };
125 }