]> git.immae.eu Git - perso/Immae/Config/Nix.git/blobdiff - nixops/modules/websites/tools/tools/roundcubemail.nix
projects / perso / Immae / Config / Nix.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Replace myPhpfpm with correct overrides
[perso/Immae/Config/Nix.git] / nixops / modules / websites / tools / tools / roundcubemail.nix
diff --git a/nixops/modules/websites/tools/tools/roundcubemail.nix b/nixops/modules/websites/tools/tools/roundcubemail.nix
index c0a1125835cfc72c6e5141862fa4b7a59cc95615..8974d1bbbe2e50a08e5f1df33ec647fe4f2959cf 100644 (file)
--- a/nixops/modules/websites/tools/tools/roundcubemail.nix
+++ b/nixops/modules/websites/tools/tools/roundcubemail.nix
@@ -1,23 +1,30 @@
-{ lib, env, writeText, stdenv, fetchurl }:
-let
-  roundcubemail = let
-    plugins = {};
-  in rec {
-    varDir = "/var/lib/roundcubemail";
-    activationScript = {
-      deps = [ "wrappers" ];
-      text = ''
-        install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
-          ${varDir}/cache
-        install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions
-      '';
-    };
-    config = writeText "config.php" ''
+{ env, roundcubemail, roundcubemail-plugins, roundcubemail-skins, phpPackages, apacheHttpd }:
+rec {
+  varDir = "/var/lib/roundcubemail";
+  activationScript = {
+    deps = [ "wrappers" ];
+    text = ''
+      install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
+        ${varDir}/cache ${varDir}/logs
+      install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions
+    '';
+  };
+  keys = [{
+    dest = "webapps/tools-roundcube";
+    user = apache.user;
+    group = apache.group;
+    permissions = "0400";
+    text = ''
       <?php
         $config['db_dsnw'] = '${env.psql_url}';
         $config['default_host'] = 'ssl://mail.immae.eu';
         $config['imap_conn_options'] = array("ssl" => array("verify_peer" => false));
         $config['smtp_server'] = 'tls://mail.immae.eu';
+        $config['smtp_port'] = '25';
+        $config['managesieve_host'] = 'mail.immae.eu';
+        $config['managesieve_port'] = '4190';
+        $config['managesieve_usetls'] = true;
+        $config['managesieve_conn_options'] = array("ssl" => array("verify_peer" => false));
 
         $config['imap_cache'] = 'db';
         $config['messages_cache'] = 'db';
@@ -26,7 +33,26 @@ let
 
         $config['des_key'] = '${env.secret}';
 
-        $config['plugins'] = array();
+        $config['skin'] = 'elastic';
+        $config['plugins'] = array(
+          'attachment_reminder',
+          'emoticons',
+          'filesystem_attachments',
+          'hide_blockquote',
+          'identicon',
+          'identity_select',
+          'jqueryui',
+          'managesieve',
+          'newmail_notifier',
+          'vcard_attachments',
+          'zipdownload',
+
+          'automatic_addressbook',
+          'message_highlight',
+          'carddav',
+          // Ne marche pas ?: 'ident_switch',
+          // Ne marche pas ?: 'thunderbird_labels',
+        );
 
         $config['language'] = 'fr_FR';
 
@@ -37,71 +63,59 @@ let
         $config['default_folders'] = array('INBOX', 'Mail/Drafts', 'Mail/sent', 'Mail/Spam', ''');
         $config['draft_autosave'] = 60;
         $config['enable_installer'] = false;
-        $config['log_driver'] = 'stdout';
+        $config['log_driver'] = 'file';
         $config['temp_dir'] = '${varDir}/cache';
-        $config['debug_level'] = 1;
-      '';
-    webRoot = stdenv.mkDerivation rec {
-      version = "1.3.8";
-      name = "roundcubemail-${version}";
-      src= fetchurl {
-        url = "https://github.com/roundcube/roundcubemail/releases/download/${version}/${name}-complete.tar.gz";
-        sha256 = "018djad7ygfl9c9f2l2j42qkg31ml3hs2f01f0dk361zckwk77n4";
-      };
-      buildPhase = ''
-        sed -i \
-          -e "s|RCUBE_INSTALL_PATH . 'temp.*|'${varDir}/cache';|" \
-          config/defaults.inc.php
+        $config['mime_types'] = '${apacheHttpd}/conf/mime.types';
+    '';
+  }];
+  webRoot = (roundcubemail.override { roundcube_config = "/var/secrets/webapps/tools-roundcube"; }).withPlugins
+    (builtins.attrValues roundcubemail-plugins) (builtins.attrValues roundcubemail-skins);
+  apache = rec {
+    user = "wwwrun";
+    group = "wwwrun";
+    modules = [ "proxy_fcgi" ];
+    webappName = "tools_roundcubemail";
+    root = "/run/current-system/webapps/${webappName}";
+    vhostConf = ''
+    Alias /roundcube "${root}"
+    <Directory "${root}">
+        DirectoryIndex index.php
+        AllowOverride All
+        Options FollowSymlinks
+        Require all granted
+
+        <FilesMatch "\.php$">
+          SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
+        </FilesMatch>
+      </Directory>
       '';
-      installPhase = ''
-        cp -a . $out
-        ln -s ${config} $out/config/config.inc.php
-        ${builtins.concatStringsSep "\n" (
-          lib.attrsets.mapAttrsToList (name: value: "ln -sf ${value} $out/plugins/${name}") plugins
-        )}
+  };
+  phpFpm = rec {
+    serviceDeps = [ "postgresql.service" ];
+    basedir = builtins.concatStringsSep ":" (
+      [ webRoot "/var/secrets/webapps/tools-roundcube" varDir ]
+      ++ webRoot.plugins
+      ++ webRoot.skins);
+    phpConfig = ''
+      date.timezone = 'CET'
+      extension=${phpPackages.imagick}/lib/php/extensions/imagick.so
       '';
-    };
-    apache = rec {
-      user = "wwwrun";
-      group = "wwwrun";
-      modules = [ "proxy_fcgi" ];
-      webappName = "tools_roundcubemail";
-      root = "/run/current-system/webapps/${webappName}";
-      vhostConf = ''
-      Alias /roundcube "${root}"
-      <Directory "${root}">
-          DirectoryIndex index.php
-          AllowOverride All
-          Options FollowSymlinks
-          Require all granted
+    socket = "/var/run/phpfpm/roundcubemail.sock";
+    pool = ''
+      user = ${apache.user}
+      group = ${apache.group}
+      listen.owner = ${apache.user}
+      listen.group = ${apache.group}
+      pm = ondemand
+      pm.max_children = 60
+      pm.process_idle_timeout = 60
 
-          <FilesMatch "\.php$">
-            SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
-          </FilesMatch>
-        </Directory>
-        '';
-    };
-    phpFpm = rec {
-      basedir = builtins.concatStringsSep ":" (
-        [ webRoot config varDir ]
-        ++ lib.attrsets.mapAttrsToList (name: value: value) plugins);
-      socket = "/var/run/phpfpm/roundcubemail.sock";
-      pool = ''
-        listen = ${socket}
-        user = ${apache.user}
-        group = ${apache.group}
-        listen.owner = ${apache.user}
-        listen.group = ${apache.group}
-        pm = ondemand
-        pm.max_children = 60
-        pm.process_idle_timeout = 60
-
-        ; Needed to avoid clashes in browser cookies (same domain)
-        php_value[session.name] = RoundcubemailPHPSESSID
-        php_admin_value[open_basedir] = "${basedir}:/tmp"
-        php_admin_value[session.save_path] = "${varDir}/phpSessions"
-        '';
-    };
+      ; Needed to avoid clashes in browser cookies (same domain)
+      php_value[session.name] = RoundcubemailPHPSESSID
+      php_admin_value[upload_max_filesize] = 200M
+      php_admin_value[post_max_size] = 200M
+      php_admin_value[open_basedir] = "${basedir}:${apacheHttpd}/conf/mime.types:/tmp"
+      php_admin_value[session.save_path] = "${varDir}/phpSessions"
+      '';
   };
-in 
-  roundcubemail
+}
My infrastructure configuration