+++ /dev/null
-{ lib, pkgs, config, ... }:
-let
- roundcubemail = pkgs.callPackage ./roundcubemail.nix {
- inherit (pkgs.webapps) roundcubemail;
- env = config.myEnv.tools.roundcubemail;
- inherit config;
- };
- rainloop = pkgs.callPackage ./rainloop.nix {
- rainloop = pkgs.rainloop-community;
- };
- cfg = config.myServices.websites.tools.email;
- pcfg = config.services.phpfpm.pools;
-in
-{
- options.myServices.websites.tools.email = {
- enable = lib.mkEnableOption "enable email website";
- };
-
- imports = [
- ./mta-sts.nix
- ];
-
- config = lib.mkIf cfg.enable {
- secrets.keys = roundcubemail.keys;
-
- services.websites.env.tools.modules =
- [ "proxy_fcgi" ]
- ++ rainloop.apache.modules
- ++ roundcubemail.apache.modules;
-
- services.websites.env.tools.vhostConfs.mail = {
- certName = "mail";
- addToCerts = true;
- hosts = ["mail.immae.eu"];
- root = ./www;
- extraConfig = [
- (rainloop.apache.vhostConf pcfg.rainloop.socket)
- (roundcubemail.apache.vhostConf pcfg.roundcubemail.socket)
- ''
- <Directory ${./www}>
- Require all granted
- Options -Indexes
- </Directory>
- ''
- ];
- };
- systemd.services = {
- phpfpm-rainloop = {
- after = lib.mkAfter rainloop.phpFpm.serviceDeps;
- wants = rainloop.phpFpm.serviceDeps;
- };
- phpfpm-roundcubemail = {
- after = lib.mkAfter roundcubemail.phpFpm.serviceDeps;
- wants = roundcubemail.phpFpm.serviceDeps;
- };
- };
-
- services.phpfpm.pools.roundcubemail = {
- user = "wwwrun";
- group = "wwwrun";
- settings = roundcubemail.phpFpm.pool;
- phpOptions = config.services.phpfpm.phpOptions + ''
- date.timezone = 'CET'
- '';
- phpPackage = pkgs.php72.withExtensions({ enabled, all }: enabled ++ [ all.imagick ]);
- };
- services.phpfpm.pools.rainloop = {
- user = "wwwrun";
- group = "wwwrun";
- settings = rainloop.phpFpm.pool;
- phpPackage = pkgs.php72;
- };
- system.activationScripts = {
- roundcubemail = roundcubemail.activationScript;
- rainloop = rainloop.activationScript;
- };
- };
-
-}
projects / perso / Immae / Config / Nix.git / blobdiff