selfprivacy-nixos-config/sp-modules/roundcube/module.nix

48 lines
1.3 KiB
Nix
Raw Normal View History

{ config, lib, ... }:
let
domain = config.selfprivacy.domain;
cfg = config.selfprivacy.modules.roundcube;
in
{
options.selfprivacy.modules.roundcube = {
enable = lib.mkOption {
default = false;
type = lib.types.bool;
};
subdomain = lib.mkOption {
default = "roundcube";
type = lib.types.strMatching "[A-Za-z0-9][A-Za-z0-9\-]{0,61}[A-Za-z0-9]";
};
};
config = lib.mkIf cfg.enable {
2024-06-12 12:10:28 +00:00
services.roundcube = {
enable = true;
# this is the url of the vhost, not necessarily the same as the fqdn of
# the mailserver
hostName = "${cfg.subdomain}.${config.selfprivacy.domain}";
extraConfig = ''
# starttls needed for authentication, so the fqdn required to match
# the certificate
$config['smtp_server'] = "tls://${config.mailserver.fqdn}";
$config['smtp_user'] = "%u";
$config['smtp_pass'] = "%p";
'';
};
services.nginx.virtualHosts."${cfg.subdomain}.${domain}" = {
forceSSL = true;
useACMEHost = domain;
2024-07-18 15:20:15 +00:00
enableACME = false;
2024-06-12 12:10:28 +00:00
};
2024-07-26 23:52:21 +00:00
systemd = {
services = {
2024-07-27 00:07:06 +00:00
phpfpm-roundcube.serviceConfig.Slice = lib.mkForce "roundcube.slice";
2024-07-26 23:52:21 +00:00
};
slices.roundcube = {
description = "Roundcube service slice";
};
};
};
}