{ lib, pkgs, config, myconfig, ... }: let roundcubemail = pkgs.callPackage ./roundcubemail.nix { inherit (pkgs.webapps) roundcubemail roundcubemail-plugins roundcubemail-skins; env = myconfig.env.tools.roundcubemail; }; rainloop = pkgs.callPackage ./rainloop.nix {}; cfg = config.myServices.websites.tools.email; in { options.myServices.websites.tools.email = { enable = lib.mkEnableOption "enable email website"; }; imports = [ ./mta-sts.nix ]; config = lib.mkIf cfg.enable { services.duplyBackup.profiles.mail.excludeFile = '' + ${rainloop.varDir} + ${roundcubemail.varDir} ''; secrets.keys = roundcubemail.keys; services.websites.env.tools.modules = [ "proxy_fcgi" ] ++ rainloop.apache.modules ++ roundcubemail.apache.modules; services.websites.env.tools.vhostConfs.mail = { certName = "mail"; addToCerts = true; hosts = ["mail.immae.eu"]; root = "/run/current-system/webapps/_mail"; extraConfig = [ rainloop.apache.vhostConf roundcubemail.apache.vhostConf '' Require all granted Options -Indexes '' ]; }; systemd.services = { phpfpm-rainloop = { after = lib.mkAfter rainloop.phpFpm.serviceDeps; wants = rainloop.phpFpm.serviceDeps; }; phpfpm-roundcubemail = { after = lib.mkAfter roundcubemail.phpFpm.serviceDeps; wants = roundcubemail.phpFpm.serviceDeps; }; }; services.phpfpm.pools.roundcubemail = { listen = roundcubemail.phpFpm.socket; extraConfig = roundcubemail.phpFpm.pool; phpOptions = config.services.phpfpm.phpOptions + roundcubemail.phpFpm.phpConfig; }; services.phpfpm.poolConfigs = { rainloop = rainloop.phpFpm.pool; }; system.activationScripts = { roundcubemail = roundcubemail.activationScript; rainloop = rainloop.activationScript; }; myServices.websites.webappDirs = { _mail = ./www; "${roundcubemail.apache.webappName}" = roundcubemail.webRoot; "${rainloop.apache.webappName}" = rainloop.webRoot; }; }; }