Implement mta-sts and move mail services to specific domain

author: Ismaël Bouya <ismael.bouya@normalesup.org> 2019-07-01 22:07:52 +0200
committer: Ismaël Bouya <ismael.bouya@normalesup.org> 2019-07-01 22:07:52 +0200
commit: afcc5de071dfffdc507995d1845372ba40dc1dc2 (patch)
tree: c96fe6b4d915e7382316a57d0d626760a7fd2876 /modules/private/websites/tools/tools
parent: 2f16a987d306cdb7bf9b4e80fa4af173373719bd (diff)
download: Nix-afcc5de071dfffdc507995d1845372ba40dc1dc2.tar.gz
Nix-afcc5de071dfffdc507995d1845372ba40dc1dc2.tar.zst
Nix-afcc5de071dfffdc507995d1845372ba40dc1dc2.zip
3 files changed, 4 insertions, 215 deletions
diff --git a/modules/private/websites/tools/tools/default.nix b/modules/private/websites/tools/tools/default.nix
index 9908d99..5b368e0 100644
--- a/modules/private/websites/tools/tools/default.nix
+++ b/modules/private/websites/tools/tools/default.nix
@@ -10,11 +10,6 @@ let
    inherit (pkgs.webapps) ttrss ttrss-plugins;
    env = myconfig.env.tools.ttrss;
  };
-  roundcubemail = pkgs.callPackage ./roundcubemail.nix {
-    inherit (pkgs.webapps) roundcubemail roundcubemail-plugins roundcubemail-skins;
-    env = myconfig.env.tools.roundcubemail;
-  };
-  rainloop = pkgs.callPackage ./rainloop.nix  {};
  kanboard = pkgs.callPackage ./kanboard.nix  {
    env = myconfig.env.tools.kanboard;
  };
@@ -51,21 +46,16 @@ in {
    secrets.keys =
      kanboard.keys
      ++ ldap.keys
-      ++ roundcubemail.keys
      ++ shaarli.keys
      ++ ttrss.keys
      ++ wallabag.keys
      ++ yourls.keys;
-    services.websites.env.integration.modules =
-      rainloop.apache.modules;
    services.websites.env.tools.modules =
      [ "proxy_fcgi" ]
      ++ adminer.apache.modules
      ++ ympd.apache.modules
      ++ ttrss.apache.modules
-      ++ roundcubemail.apache.modules
      ++ wallabag.apache.modules
      ++ yourls.apache.modules
      ++ rompr.apache.modules
@@ -90,7 +80,6 @@ in {
            </FilesMatch>
          </Directory>
          ''
-        rainloop.apache.vhostConf
      ];
    };
@@ -101,6 +90,8 @@ in {
      root        = "/var/lib/ftp/tools.immae.eu";
      extraConfig = [
        ''
+          RedirectMatch 301 ^/roundcube(.*)$   https://mail.immae.eu/roundcube$1
          <Directory "/var/lib/ftp/tools.immae.eu">
            DirectoryIndex index.php index.htm index.html
            AllowOverride all
@@ -113,7 +104,6 @@ in {
        adminer.apache.vhostConf
        ympd.apache.vhostConf
        ttrss.apache.vhostConf
-        roundcubemail.apache.vhostConf
        wallabag.apache.vhostConf
        yourls.apache.vhostConf
        rompr.apache.vhostConf
@@ -145,6 +135,8 @@ in {
        RedirectMatch 301 ^/taskweb(.*)$     https://task.immae.eu/taskweb$1
+        RedirectMatch 301 ^/roundcube(.*)$   https://mail.immae.eu/roundcube$1
        RedirectMatch 301 ^/(.*)$            https://tools.immae.eu/$1
        ''
      ];
@@ -163,14 +155,6 @@ in {
        after = lib.mkAfter ldap.phpFpm.serviceDeps;
        wants = ldap.phpFpm.serviceDeps;
      };
-      phpfpm-rainloop = {
-        after = lib.mkAfter rainloop.phpFpm.serviceDeps;
-        wants = rainloop.phpFpm.serviceDeps;
-      };
-      phpfpm-roundcubemail = {
-        after = lib.mkAfter roundcubemail.phpFpm.serviceDeps;
-        wants = roundcubemail.phpFpm.serviceDeps;
-      };
      phpfpm-shaarli = {
        after = lib.mkAfter shaarli.phpFpm.serviceDeps;
        wants = shaarli.phpFpm.serviceDeps;
@@ -217,12 +201,6 @@ in {
      paths = [ "/var/secrets/mpd" ];
    };
-    services.phpfpm.pools.roundcubemail = {
-      listen = roundcubemail.phpFpm.socket;
-      extraConfig = roundcubemail.phpFpm.pool;
-      phpOptions = config.services.phpfpm.phpOptions + roundcubemail.phpFpm.phpConfig;
-    };
    services.phpfpm.pools.devtools = {
      listen = "/var/run/phpfpm/devtools.sock";
      extraConfig = ''
@@ -254,7 +232,6 @@ in {
      shaarli = shaarli.phpFpm.pool;
      dokuwiki = dokuwiki.phpFpm.pool;
      ldap = ldap.phpFpm.pool;
-      rainloop = rainloop.phpFpm.pool;
      kanboard = kanboard.phpFpm.pool;
      tools = ''
        listen = /var/run/phpfpm/tools.sock
@@ -277,13 +254,11 @@ in {
    system.activationScripts = {
      adminer = adminer.activationScript;
      ttrss = ttrss.activationScript;
-      roundcubemail = roundcubemail.activationScript;
      wallabag = wallabag.activationScript;
      yourls = yourls.activationScript;
      rompr = rompr.activationScript;
      shaarli = shaarli.activationScript;
      dokuwiki = dokuwiki.activationScript;
-      rainloop = rainloop.activationScript;
      kanboard = kanboard.activationScript;
      ldap = ldap.activationScript;
    };
@@ -293,12 +268,10 @@ in {
      "${dokuwiki.apache.webappName}" = dokuwiki.webRoot;
      "${ldap.apache.webappName}" = "${ldap.webRoot}/htdocs";
      "${rompr.apache.webappName}" = rompr.webRoot;
-      "${roundcubemail.apache.webappName}" = roundcubemail.webRoot;
      "${shaarli.apache.webappName}" = shaarli.webRoot;
      "${ttrss.apache.webappName}" = ttrss.webRoot;
      "${wallabag.apache.webappName}" = wallabag.webRoot;
      "${yourls.apache.webappName}" = yourls.webRoot;
-      "${rainloop.apache.webappName}" = rainloop.webRoot;
      "${kanboard.apache.webappName}" = kanboard.webRoot;
    };
diff --git a/modules/private/websites/tools/tools/rainloop.nix b/modules/private/websites/tools/tools/rainloop.nix
deleted file mode 100644
index dbf0f24..0000000
--- a/modules/private/websites/tools/tools/rainloop.nix
+++ /dev/null
@@ -1,59 +0,0 @@
-{ lib, pkgs, writeText, stdenv, fetchurl }:
-rec {
-  varDir = "/var/lib/rainloop";
-  activationScript = {
-    deps = [ "wrappers" ];
-    text = ''
-      install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir}
-      install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions
-      install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/data
-    '';
-  };
-  webRoot = pkgs.rainloop-community.override { dataPath = "${varDir}/data"; };
-  apache = rec {
-    user = "wwwrun";
-    group = "wwwrun";
-    modules = [ "proxy_fcgi" ];
-    webappName = "tools_rainloop";
-    root = "/run/current-system/webapps/${webappName}";
-    vhostConf = ''
-    Alias /rainloop "${root}"
-    <Directory "${root}">
-      DirectoryIndex index.php
-      AllowOverride All
-      Options -FollowSymlinks
-      Require all granted
-      <FilesMatch "\.php$">
-        SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
-      </FilesMatch>
-    </Directory>
-    <DirectoryMatch "${root}/data">
-      Require all denied
-    </DirectoryMatch>
-    '';
-  };
-  phpFpm = rec {
-    serviceDeps = [ "postgresql.service" ];
-    basedir = builtins.concatStringsSep ":" [ webRoot varDir ];
-    socket = "/var/run/phpfpm/rainloop.sock";
-    pool = ''
-      listen = ${socket}
-      user = ${apache.user}
-      group = ${apache.group}
-      listen.owner = ${apache.user}
-      listen.group = ${apache.group}
-      pm = ondemand
-      pm.max_children = 60
-      pm.process_idle_timeout = 60
-      ; Needed to avoid clashes in browser cookies (same domain)
-      php_value[session.name] = RainloopPHPSESSID
-      php_admin_value[upload_max_filesize] = 200M
-      php_admin_value[post_max_size] = 200M
-      php_admin_value[open_basedir] = "${basedir}:/tmp"
-      php_admin_value[session.save_path] = "${varDir}/phpSessions"
-      '';
-  };
-}
diff --git a/modules/private/websites/tools/tools/roundcubemail.nix b/modules/private/websites/tools/tools/roundcubemail.nix
deleted file mode 100644
index 8bb60d6..0000000
--- a/modules/private/websites/tools/tools/roundcubemail.nix
+++ /dev/null
@@ -1,125 +0,0 @@
-{ env, roundcubemail, roundcubemail-plugins, roundcubemail-skins, phpPackages, apacheHttpd }:
-rec {
-  varDir = "/var/lib/roundcubemail";
-  activationScript = {
-    deps = [ "wrappers" ];
-    text = ''
-      install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
-        ${varDir}/cache ${varDir}/logs
-      install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions
-    '';
-  };
-  keys = [{
-    dest = "webapps/tools-roundcube";
-    user = apache.user;
-    group = apache.group;
-    permissions = "0400";
-    text = ''
-      <?php
-        $config['db_dsnw'] = '${env.psql_url}';
-        $config['default_host'] = 'ssl://imap.immae.eu';
-        $config['username_domain'] = array(
-          "imap.immae.eu" => "mail.immae.eu"
-        );
-        $config['imap_conn_options'] = array("ssl" => array("verify_peer" => false));
-        $config['smtp_server'] = 'tls://smtp.immae.eu';
-        $config['smtp_port'] = '587';
-        $config['managesieve_host'] = 'imap.immae.eu';
-        $config['managesieve_port'] = '4190';
-        $config['managesieve_usetls'] = true;
-        $config['managesieve_conn_options'] = array("ssl" => array("verify_peer" => false));
-        $config['imap_cache'] = 'db';
-        $config['messages_cache'] = 'db';
-        $config['support_url'] = ''';
-        $config['des_key'] = '${env.secret}';
-        $config['skin'] = 'elastic';
-        $config['plugins'] = array(
-          'attachment_reminder',
-          'emoticons',
-          'filesystem_attachments',
-          'hide_blockquote',
-          'identicon',
-          'identity_select',
-          'jqueryui',
-          'markasjunk',
-          'managesieve',
-          'newmail_notifier',
-          'vcard_attachments',
-          'zipdownload',
-          'automatic_addressbook',
-          'message_highlight',
-          'carddav',
-          // Ne marche pas ?: 'ident_switch',
-          // Ne marche pas ?: 'thunderbird_labels',
-        );
-        $config['language'] = 'fr_FR';
-        $config['drafts_mbox'] = 'Drafts';
-        $config['junk_mbox'] = 'Junk';
-        $config['sent_mbox'] = 'Sent';
-        $config['trash_mbox'] = 'Trash';
-        $config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Junk', 'Trash');
-        $config['draft_autosave'] = 60;
-        $config['enable_installer'] = false;
-        $config['log_driver'] = 'file';
-        $config['temp_dir'] = '${varDir}/cache';
-        $config['mime_types'] = '${apacheHttpd}/conf/mime.types';
-    '';
-  }];
-  webRoot = (roundcubemail.override { roundcube_config = "/var/secrets/webapps/tools-roundcube"; }).withPlugins
-    (builtins.attrValues roundcubemail-plugins) (builtins.attrValues roundcubemail-skins);
-  apache = rec {
-    user = "wwwrun";
-    group = "wwwrun";
-    modules = [ "proxy_fcgi" ];
-    webappName = "tools_roundcubemail";
-    root = "/run/current-system/webapps/${webappName}";
-    vhostConf = ''
-    Alias /roundcube "${root}"
-    <Directory "${root}">
-        DirectoryIndex index.php
-        AllowOverride All
-        Options FollowSymlinks
-        Require all granted
-        <FilesMatch "\.php$">
-          SetHandler "proxy:unix:${phpFpm.socket}|fcgi://localhost"
-        </FilesMatch>
-      </Directory>
-      '';
-  };
-  phpFpm = rec {
-    serviceDeps = [ "postgresql.service" ];
-    basedir = builtins.concatStringsSep ":" (
-      [ webRoot "/var/secrets/webapps/tools-roundcube" varDir ]
-      ++ webRoot.plugins
-      ++ webRoot.skins);
-    phpConfig = ''
-      date.timezone = 'CET'
-      extension=${phpPackages.imagick}/lib/php/extensions/imagick.so
-      '';
-    socket = "/var/run/phpfpm/roundcubemail.sock";
-    pool = ''
-      user = ${apache.user}
-      group = ${apache.group}
-      listen.owner = ${apache.user}
-      listen.group = ${apache.group}
-      pm = ondemand
-      pm.max_children = 60
-      pm.process_idle_timeout = 60
-      ; Needed to avoid clashes in browser cookies (same domain)
-      php_value[session.name] = RoundcubemailPHPSESSID
-      php_admin_value[upload_max_filesize] = 200M
-      php_admin_value[post_max_size] = 200M
-      php_admin_value[open_basedir] = "${basedir}:${apacheHttpd}/conf/mime.types:/tmp"
-      php_admin_value[session.save_path] = "${varDir}/phpSessions"
-      '';
-  };
-}
author	Ismaël Bouya <ismael.bouya@normalesup.org>	2019-07-01 22:07:52 +0200
committer	Ismaël Bouya <ismael.bouya@normalesup.org>	2019-07-01 22:07:52 +0200
commit	afcc5de071dfffdc507995d1845372ba40dc1dc2 (patch)
tree	c96fe6b4d915e7382316a57d0d626760a7fd2876 /modules/private/websites/tools/tools
parent	2f16a987d306cdb7bf9b4e80fa4af173373719bd (diff)
download	Nix-afcc5de071dfffdc507995d1845372ba40dc1dc2.tar.gz Nix-afcc5de071dfffdc507995d1845372ba40dc1dc2.tar.zst Nix-afcc5de071dfffdc507995d1845372ba40dc1dc2.zip

diff --git a/modules/private/websites/tools/tools/default.nix b/modules/private/websites/tools/tools/default.nix index 9908d99..5b368e0 100644 --- a/modules/private/websites/tools/tools/default.nix +++ b/modules/private/websites/tools/tools/default.nix
@@ -10,11 +10,6 @@ let
10	inherit (pkgs.webapps) ttrss ttrss-plugins;	10	inherit (pkgs.webapps) ttrss ttrss-plugins;
11	env = myconfig.env.tools.ttrss;	11	env = myconfig.env.tools.ttrss;
12	};	12	};
13	roundcubemail = pkgs.callPackage ./roundcubemail.nix {
14	inherit (pkgs.webapps) roundcubemail roundcubemail-plugins roundcubemail-skins;
15	env = myconfig.env.tools.roundcubemail;
16	};
17	rainloop = pkgs.callPackage ./rainloop.nix {};
18	kanboard = pkgs.callPackage ./kanboard.nix {	13	kanboard = pkgs.callPackage ./kanboard.nix {
19	env = myconfig.env.tools.kanboard;	14	env = myconfig.env.tools.kanboard;
20	};	15	};
@@ -51,21 +46,16 @@ in {
51	secrets.keys =	46	secrets.keys =
52	kanboard.keys	47	kanboard.keys
53	++ ldap.keys	48	++ ldap.keys
54	++ roundcubemail.keys
55	++ shaarli.keys	49	++ shaarli.keys
56	++ ttrss.keys	50	++ ttrss.keys
57	++ wallabag.keys	51	++ wallabag.keys
58	++ yourls.keys;	52	++ yourls.keys;
59		53
60	services.websites.env.integration.modules =
61	rainloop.apache.modules;
62
63	services.websites.env.tools.modules =	54	services.websites.env.tools.modules =
64	[ "proxy_fcgi" ]	55	[ "proxy_fcgi" ]
65	++ adminer.apache.modules	56	++ adminer.apache.modules
66	++ ympd.apache.modules	57	++ ympd.apache.modules
67	++ ttrss.apache.modules	58	++ ttrss.apache.modules
68	++ roundcubemail.apache.modules
69	++ wallabag.apache.modules	59	++ wallabag.apache.modules
70	++ yourls.apache.modules	60	++ yourls.apache.modules
71	++ rompr.apache.modules	61	++ rompr.apache.modules
@@ -90,7 +80,6 @@ in {
90	</FilesMatch>	80	</FilesMatch>
91	</Directory>	81	</Directory>
92	''	82	''
93	rainloop.apache.vhostConf
94	];	83	];
95	};	84	};
96		85
@@ -101,6 +90,8 @@ in {
101	root = "/var/lib/ftp/tools.immae.eu";	90	root = "/var/lib/ftp/tools.immae.eu";
102	extraConfig = [	91	extraConfig = [
103	''	92	''
		93	RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
		94
104	<Directory "/var/lib/ftp/tools.immae.eu">	95	<Directory "/var/lib/ftp/tools.immae.eu">
105	DirectoryIndex index.php index.htm index.html	96	DirectoryIndex index.php index.htm index.html
106	AllowOverride all	97	AllowOverride all
@@ -113,7 +104,6 @@ in {
113	adminer.apache.vhostConf	104	adminer.apache.vhostConf
114	ympd.apache.vhostConf	105	ympd.apache.vhostConf
115	ttrss.apache.vhostConf	106	ttrss.apache.vhostConf
116	roundcubemail.apache.vhostConf
117	wallabag.apache.vhostConf	107	wallabag.apache.vhostConf
118	yourls.apache.vhostConf	108	yourls.apache.vhostConf
119	rompr.apache.vhostConf	109	rompr.apache.vhostConf
@@ -145,6 +135,8 @@ in {
145		135
146	RedirectMatch 301 ^/taskweb(.*)$ https://task.immae.eu/taskweb$1	136	RedirectMatch 301 ^/taskweb(.*)$ https://task.immae.eu/taskweb$1
147		137
		138	RedirectMatch 301 ^/roundcube(.*)$ https://mail.immae.eu/roundcube$1
		139
148	RedirectMatch 301 ^/(.*)$ https://tools.immae.eu/$1	140	RedirectMatch 301 ^/(.*)$ https://tools.immae.eu/$1
149	''	141	''
150	];	142	];
@@ -163,14 +155,6 @@ in {
163	after = lib.mkAfter ldap.phpFpm.serviceDeps;	155	after = lib.mkAfter ldap.phpFpm.serviceDeps;
164	wants = ldap.phpFpm.serviceDeps;	156	wants = ldap.phpFpm.serviceDeps;
165	};	157	};
166	phpfpm-rainloop = {
167	after = lib.mkAfter rainloop.phpFpm.serviceDeps;
168	wants = rainloop.phpFpm.serviceDeps;
169	};
170	phpfpm-roundcubemail = {
171	after = lib.mkAfter roundcubemail.phpFpm.serviceDeps;
172	wants = roundcubemail.phpFpm.serviceDeps;
173	};
174	phpfpm-shaarli = {	158	phpfpm-shaarli = {
175	after = lib.mkAfter shaarli.phpFpm.serviceDeps;	159	after = lib.mkAfter shaarli.phpFpm.serviceDeps;
176	wants = shaarli.phpFpm.serviceDeps;	160	wants = shaarli.phpFpm.serviceDeps;
@@ -217,12 +201,6 @@ in {
217	paths = [ "/var/secrets/mpd" ];	201	paths = [ "/var/secrets/mpd" ];
218	};	202	};
219		203
220	services.phpfpm.pools.roundcubemail = {
221	listen = roundcubemail.phpFpm.socket;
222	extraConfig = roundcubemail.phpFpm.pool;
223	phpOptions = config.services.phpfpm.phpOptions + roundcubemail.phpFpm.phpConfig;
224	};
225
226	services.phpfpm.pools.devtools = {	204	services.phpfpm.pools.devtools = {
227	listen = "/var/run/phpfpm/devtools.sock";	205	listen = "/var/run/phpfpm/devtools.sock";
228	extraConfig = ''	206	extraConfig = ''
@@ -254,7 +232,6 @@ in {
254	shaarli = shaarli.phpFpm.pool;	232	shaarli = shaarli.phpFpm.pool;
255	dokuwiki = dokuwiki.phpFpm.pool;	233	dokuwiki = dokuwiki.phpFpm.pool;
256	ldap = ldap.phpFpm.pool;	234	ldap = ldap.phpFpm.pool;
257	rainloop = rainloop.phpFpm.pool;
258	kanboard = kanboard.phpFpm.pool;	235	kanboard = kanboard.phpFpm.pool;
259	tools = ''	236	tools = ''
260	listen = /var/run/phpfpm/tools.sock	237	listen = /var/run/phpfpm/tools.sock
@@ -277,13 +254,11 @@ in {
277	system.activationScripts = {	254	system.activationScripts = {
278	adminer = adminer.activationScript;	255	adminer = adminer.activationScript;
279	ttrss = ttrss.activationScript;	256	ttrss = ttrss.activationScript;
280	roundcubemail = roundcubemail.activationScript;
281	wallabag = wallabag.activationScript;	257	wallabag = wallabag.activationScript;
282	yourls = yourls.activationScript;	258	yourls = yourls.activationScript;
283	rompr = rompr.activationScript;	259	rompr = rompr.activationScript;
284	shaarli = shaarli.activationScript;	260	shaarli = shaarli.activationScript;
285	dokuwiki = dokuwiki.activationScript;	261	dokuwiki = dokuwiki.activationScript;
286	rainloop = rainloop.activationScript;
287	kanboard = kanboard.activationScript;	262	kanboard = kanboard.activationScript;
288	ldap = ldap.activationScript;	263	ldap = ldap.activationScript;
289	};	264	};
@@ -293,12 +268,10 @@ in {
293	"${dokuwiki.apache.webappName}" = dokuwiki.webRoot;	268	"${dokuwiki.apache.webappName}" = dokuwiki.webRoot;
294	"${ldap.apache.webappName}" = "${ldap.webRoot}/htdocs";	269	"${ldap.apache.webappName}" = "${ldap.webRoot}/htdocs";
295	"${rompr.apache.webappName}" = rompr.webRoot;	270	"${rompr.apache.webappName}" = rompr.webRoot;
296	"${roundcubemail.apache.webappName}" = roundcubemail.webRoot;
297	"${shaarli.apache.webappName}" = shaarli.webRoot;	271	"${shaarli.apache.webappName}" = shaarli.webRoot;
298	"${ttrss.apache.webappName}" = ttrss.webRoot;	272	"${ttrss.apache.webappName}" = ttrss.webRoot;
299	"${wallabag.apache.webappName}" = wallabag.webRoot;	273	"${wallabag.apache.webappName}" = wallabag.webRoot;
300	"${yourls.apache.webappName}" = yourls.webRoot;	274	"${yourls.apache.webappName}" = yourls.webRoot;
301	"${rainloop.apache.webappName}" = rainloop.webRoot;
302	"${kanboard.apache.webappName}" = kanboard.webRoot;	275	"${kanboard.apache.webappName}" = kanboard.webRoot;
303	};	276	};
304		277


diff --git a/modules/private/websites/tools/tools/rainloop.nix b/modules/private/websites/tools/tools/rainloop.nix deleted file mode 100644 index dbf0f24..0000000 --- a/modules/private/websites/tools/tools/rainloop.nix +++ /dev/null
@@ -1,59 +0,0 @@
1	{ lib, pkgs, writeText, stdenv, fetchurl }:
2	rec {
3	varDir = "/var/lib/rainloop";
4	activationScript = {
5	deps = [ "wrappers" ];
6	text = ''
7	install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir}
8	install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions
9	install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/data
10	'';
11	};
12	webRoot = pkgs.rainloop-community.override { dataPath = "${varDir}/data"; };
13	apache = rec {
14	user = "wwwrun";
15	group = "wwwrun";
16	modules = [ "proxy_fcgi" ];
17	webappName = "tools_rainloop";
18	root = "/run/current-system/webapps/${webappName}";
19	vhostConf = ''
20	Alias /rainloop "${root}"
21	<Directory "${root}">
22	DirectoryIndex index.php
23	AllowOverride All
24	Options -FollowSymlinks
25	Require all granted
26
27	<FilesMatch "\.php$">
28	SetHandler "proxy:unix:${phpFpm.socket}\|fcgi://localhost"
29	</FilesMatch>
30	</Directory>
31
32	<DirectoryMatch "${root}/data">
33	Require all denied
34	</DirectoryMatch>
35	'';
36	};
37	phpFpm = rec {
38	serviceDeps = [ "postgresql.service" ];
39	basedir = builtins.concatStringsSep ":" [ webRoot varDir ];
40	socket = "/var/run/phpfpm/rainloop.sock";
41	pool = ''
42	listen = ${socket}
43	user = ${apache.user}
44	group = ${apache.group}
45	listen.owner = ${apache.user}
46	listen.group = ${apache.group}
47	pm = ondemand
48	pm.max_children = 60
49	pm.process_idle_timeout = 60
50
51	; Needed to avoid clashes in browser cookies (same domain)
52	php_value[session.name] = RainloopPHPSESSID
53	php_admin_value[upload_max_filesize] = 200M
54	php_admin_value[post_max_size] = 200M
55	php_admin_value[open_basedir] = "${basedir}:/tmp"
56	php_admin_value[session.save_path] = "${varDir}/phpSessions"
57	'';
58	};
59	}


diff --git a/modules/private/websites/tools/tools/roundcubemail.nix b/modules/private/websites/tools/tools/roundcubemail.nix deleted file mode 100644 index 8bb60d6..0000000 --- a/modules/private/websites/tools/tools/roundcubemail.nix +++ /dev/null
@@ -1,125 +0,0 @@
1	{ env, roundcubemail, roundcubemail-plugins, roundcubemail-skins, phpPackages, apacheHttpd }:
2	rec {
3	varDir = "/var/lib/roundcubemail";
4	activationScript = {
5	deps = [ "wrappers" ];
6	text = ''
7	install -m 0755 -o ${apache.user} -g ${apache.group} -d ${varDir} \
8	${varDir}/cache ${varDir}/logs
9	install -m 0750 -o ${apache.user} -g ${apache.group} -d ${varDir}/phpSessions
10	'';
11	};
12	keys = [{
13	dest = "webapps/tools-roundcube";
14	user = apache.user;
15	group = apache.group;
16	permissions = "0400";
17	text = ''
18	<?php
19	$config['db_dsnw'] = '${env.psql_url}';
20	$config['default_host'] = 'ssl://imap.immae.eu';
21	$config['username_domain'] = array(
22	"imap.immae.eu" => "mail.immae.eu"
23	);
24	$config['imap_conn_options'] = array("ssl" => array("verify_peer" => false));
25	$config['smtp_server'] = 'tls://smtp.immae.eu';
26	$config['smtp_port'] = '587';
27	$config['managesieve_host'] = 'imap.immae.eu';
28	$config['managesieve_port'] = '4190';
29	$config['managesieve_usetls'] = true;
30	$config['managesieve_conn_options'] = array("ssl" => array("verify_peer" => false));
31
32	$config['imap_cache'] = 'db';
33	$config['messages_cache'] = 'db';
34
35	$config['support_url'] = ''';
36
37	$config['des_key'] = '${env.secret}';
38
39	$config['skin'] = 'elastic';
40	$config['plugins'] = array(
41	'attachment_reminder',
42	'emoticons',
43	'filesystem_attachments',
44	'hide_blockquote',
45	'identicon',
46	'identity_select',
47	'jqueryui',
48	'markasjunk',
49	'managesieve',
50	'newmail_notifier',
51	'vcard_attachments',
52	'zipdownload',
53
54	'automatic_addressbook',
55	'message_highlight',
56	'carddav',
57	// Ne marche pas ?: 'ident_switch',
58	// Ne marche pas ?: 'thunderbird_labels',
59	);
60
61	$config['language'] = 'fr_FR';
62
63	$config['drafts_mbox'] = 'Drafts';
64	$config['junk_mbox'] = 'Junk';
65	$config['sent_mbox'] = 'Sent';
66	$config['trash_mbox'] = 'Trash';
67	$config['default_folders'] = array('INBOX', 'Drafts', 'Sent', 'Junk', 'Trash');
68	$config['draft_autosave'] = 60;
69	$config['enable_installer'] = false;
70	$config['log_driver'] = 'file';
71	$config['temp_dir'] = '${varDir}/cache';
72	$config['mime_types'] = '${apacheHttpd}/conf/mime.types';
73	'';
74	}];
75	webRoot = (roundcubemail.override { roundcube_config = "/var/secrets/webapps/tools-roundcube"; }).withPlugins
76	(builtins.attrValues roundcubemail-plugins) (builtins.attrValues roundcubemail-skins);
77	apache = rec {
78	user = "wwwrun";
79	group = "wwwrun";
80	modules = [ "proxy_fcgi" ];
81	webappName = "tools_roundcubemail";
82	root = "/run/current-system/webapps/${webappName}";
83	vhostConf = ''
84	Alias /roundcube "${root}"
85	<Directory "${root}">
86	DirectoryIndex index.php
87	AllowOverride All
88	Options FollowSymlinks
89	Require all granted
90
91	<FilesMatch "\.php$">
92	SetHandler "proxy:unix:${phpFpm.socket}\|fcgi://localhost"
93	</FilesMatch>
94	</Directory>
95	'';
96	};
97	phpFpm = rec {
98	serviceDeps = [ "postgresql.service" ];
99	basedir = builtins.concatStringsSep ":" (
100	[ webRoot "/var/secrets/webapps/tools-roundcube" varDir ]
101	++ webRoot.plugins
102	++ webRoot.skins);
103	phpConfig = ''
104	date.timezone = 'CET'
105	extension=${phpPackages.imagick}/lib/php/extensions/imagick.so
106	'';
107	socket = "/var/run/phpfpm/roundcubemail.sock";
108	pool = ''
109	user = ${apache.user}
110	group = ${apache.group}
111	listen.owner = ${apache.user}
112	listen.group = ${apache.group}
113	pm = ondemand
114	pm.max_children = 60
115	pm.process_idle_timeout = 60
116
117	; Needed to avoid clashes in browser cookies (same domain)
118	php_value[session.name] = RoundcubemailPHPSESSID
119	php_admin_value[upload_max_filesize] = 200M
120	php_admin_value[post_max_size] = 200M
121	php_admin_value[open_basedir] = "${basedir}:${apacheHttpd}/conf/mime.types:/tmp"
122	php_admin_value[session.save_path] = "${varDir}/phpSessions"
123	'';
124	};
125	}