-{ env, roundcubemail, roundcubemail-plugins, roundcubemail-skins, phpPackages, apacheHttpd }:
+{ env, roundcubemail, apacheHttpd, config }:
rec {
varDir = "/var/lib/roundcubemail";
activationScript = {
user = apache.user;
group = apache.group;
permissions = "0400";
- text = ''
+ text =
+ let
+ psql_url = with env.postgresql; "pgsql://${user}:${password}@unix(${socket}:${port})/${database}";
+ in ''
<?php
- $config['db_dsnw'] = '${env.psql_url}';
+ $config['db_dsnw'] = '${psql_url}';
$config['default_host'] = 'ssl://imap.immae.eu';
$config['username_domain'] = array(
"imap.immae.eu" => "mail.immae.eu"
$config['mime_types'] = '${apacheHttpd}/conf/mime.types';
'';
}];
- webRoot = (roundcubemail.override { roundcube_config = "/var/secrets/webapps/tools-roundcube"; }).withPlugins
- (builtins.attrValues roundcubemail-plugins) (builtins.attrValues roundcubemail-skins);
+ webRoot = (roundcubemail.override { roundcube_config = config.secrets.fullPaths."webapps/tools-roundcube"; }).withPlugins (p: [ p.automatic_addressbook p.carddav p.contextmenu p.contextmenu_folder p.html5_notifier p.ident_switch p.message_highlight p.thunderbird_labels ]);
apache = rec {
user = "wwwrun";
group = "wwwrun";
modules = [ "proxy_fcgi" ];
webappName = "tools_roundcubemail";
root = "/run/current-system/webapps/${webappName}";
- vhostConf = ''
+ vhostConf = socket: ''
Alias /roundcube "${root}"
<Directory "${root}">
DirectoryIndex index.php
Require all granted
<FilesMatch "\.php$">
- SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
+ SetHandler "proxy:unix:${socket}|fcgi://localhost"
</FilesMatch>
</Directory>
'';
phpFpm = rec {
serviceDeps = [ "postgresql.service" ];
basedir = builtins.concatStringsSep ":" (
- [ webRoot "/var/secrets/webapps/tools-roundcube" varDir ]
+ [ webRoot config.secrets.fullPaths."webapps/tools-roundcube" varDir ]
++ webRoot.plugins
++ webRoot.skins);
- phpConfig = ''
- date.timezone = 'CET'
- extension=${phpPackages.imagick}/lib/php/extensions/imagick.so
- '';
- socket = "/var/run/phpfpm/roundcubemail.sock";
- pool = ''
- user = ${apache.user}
- group = ${apache.group}
- listen.owner = ${apache.user}
- listen.group = ${apache.group}
- pm = ondemand
- pm.max_children = 60
- pm.process_idle_timeout = 60
+ pool = {
+ "listen.owner" = apache.user;
+ "listen.group" = apache.group;
+ "pm" = "ondemand";
+ "pm.max_children" = "60";
+ "pm.process_idle_timeout" = "60";
- ; Needed to avoid clashes in browser cookies (same domain)
- php_value[session.name] = RoundcubemailPHPSESSID
- php_admin_value[upload_max_filesize] = 200M
- php_admin_value[post_max_size] = 200M
- php_admin_value[open_basedir] = "${basedir}:${apacheHttpd}/conf/mime.types:/tmp"
- php_admin_value[session.save_path] = "${varDir}/phpSessions"
- '';
+ # Needed to avoid clashes in browser cookies (same domain)
+ "php_value[session.name]" = "RoundcubemailPHPSESSID";
+ "php_admin_value[upload_max_filesize]" = "200M";
+ "php_admin_value[post_max_size]" = "200M";
+ "php_admin_value[open_basedir]" = "${basedir}:${apacheHttpd}/conf/mime.types:/tmp";
+ "php_admin_value[session.save_path]" = "${varDir}/phpSessions";
+ };
};
}