2024-05-13 20:39:21 +00:00
|
|
|
{ config, lib, ... }:
|
|
|
|
let
|
|
|
|
domain = config.selfprivacy.domain;
|
|
|
|
cfg = config.selfprivacy.modules.roundcube;
|
|
|
|
in
|
|
|
|
{
|
|
|
|
options.selfprivacy.modules.roundcube = {
|
|
|
|
enable = lib.mkOption {
|
|
|
|
default = false;
|
|
|
|
type = lib.types.bool;
|
|
|
|
};
|
|
|
|
subdomain = lib.mkOption {
|
|
|
|
default = "roundcube";
|
|
|
|
type = lib.types.strMatching "[A-Za-z0-9][A-Za-z0-9\-]{0,61}[A-Za-z0-9]";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
|
|
|
2024-06-12 12:10:28 +00:00
|
|
|
services.roundcube = {
|
|
|
|
enable = true;
|
|
|
|
# this is the url of the vhost, not necessarily the same as the fqdn of
|
|
|
|
# the mailserver
|
|
|
|
hostName = "${cfg.subdomain}.${config.selfprivacy.domain}";
|
|
|
|
extraConfig = ''
|
|
|
|
# starttls needed for authentication, so the fqdn required to match
|
|
|
|
# the certificate
|
|
|
|
$config['smtp_server'] = "tls://${config.mailserver.fqdn}";
|
|
|
|
$config['smtp_user'] = "%u";
|
|
|
|
$config['smtp_pass'] = "%p";
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
services.nginx.virtualHosts."${cfg.subdomain}.${domain}" = {
|
|
|
|
forceSSL = true;
|
|
|
|
useACMEHost = domain;
|
2024-07-18 15:20:15 +00:00
|
|
|
enableACME = false;
|
2024-06-12 12:10:28 +00:00
|
|
|
};
|
2024-07-26 23:52:21 +00:00
|
|
|
systemd = {
|
|
|
|
services = {
|
2024-07-27 00:07:06 +00:00
|
|
|
phpfpm-roundcube.serviceConfig.Slice = lib.mkForce "roundcube.slice";
|
2024-07-26 23:52:21 +00:00
|
|
|
};
|
|
|
|
slices.roundcube = {
|
|
|
|
description = "Roundcube service slice";
|
|
|
|
};
|
|
|
|
};
|
2024-05-13 20:39:21 +00:00
|
|
|
};
|
|
|
|
}
|