AtaraxiaDev/nixos-config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

add roundcube webmail

Browse Source
This commit is contained in:
Dmitriy Kholkin 2022-03-22 06:01:10 +03:00
parent 380c9869a1
commit bdac8cdf7b
8 changed files with 78 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
machines/NixOS-CT/default.nix
View File

@ -3,10 +3,13 @@
./hardware-configuration.nix ./hardware-configuration.nix
inputs.self.nixosRoles.container inputs.self.nixosRoles.container
virtualisation
fail2ban fail2ban
gitea gitea
mailserver mailserver
nginx nginx
roundcube
vaultwarden vaultwarden
]; ];

2
profiles/overlay.nix
View File

@ -9,11 +9,13 @@ let
config = config.nixpkgs.config; config = config.nixpkgs.config;
localSystem = { inherit system; }; localSystem = { inherit system; };
}); });
roundcube-plugins = import ./packages/roundcube-plugins/default.nix;
in in
with lib; { with lib; {
nixpkgs.overlays = [ nixpkgs.overlays = [
inputs.nixpkgs-wayland.overlay inputs.nixpkgs-wayland.overlay
inputs.nix-alien.overlay inputs.nix-alien.overlay
roundcube-plugins
(self: super: (self: super:
rec { rec {
inherit inputs; inherit inputs;

14
profiles/packages/roundcube-plugins/carddav.nix Normal file
View File

@ -0,0 +1,14 @@
{ runCommand, fetchzip }:
let
pname = "carddav";
version = "4.3.0";
src = fetchzip {
url = "https://github.com/mstilkerich/rcmcarddav/releases/download/v${version}/carddav-v${version}.tar.gz";
sha256 = "sha256-pc3ZPc4DnQDk+qUr0n/lWstjt9oIz+CocluXEjrkYco=";
};
in runCommand "roundcube-plugin-${pname}-${version}" {
inherit pname version src;
} ''
mkdir -p $out/plugins/
cp -r ${src} $out/plugins/${pname}
''

4
profiles/packages/roundcube-plugins/default.nix Normal file
View File

@ -0,0 +1,4 @@
(self: super: {
roundcubePlugins.carddav = self.callPackage ./carddav.nix { };
roundcubePlugins.persistent_login = self.callPackage ./persistent_login.nix { };
})

14
profiles/packages/roundcube-plugins/persistent_login.nix Normal file
View File

@ -0,0 +1,14 @@
{ runCommand, fetchzip }:
let
pname = "persistent_login";
version = "5.3.0";
src = fetchzip {
url = "https://github.com/mfreiholz/persistent_login/archive/refs/tags/version-${version}.tar.gz";
sha256 = "sha256-q1G3ZjyLmWYZ6lia93Ajbl72rHlrqP4uAEjx63XAx+E=";
};
in runCommand "roundcube-plugin-${pname}-${version}" {
inherit pname version src;
} ''
mkdir -p $out/plugins/
cp -r ${src} $out/plugins/${pname}
''

9
profiles/servers/nginx.nix
View File

@ -16,6 +16,7 @@
"startpage.ataraxiadev.com" "startpage.ataraxiadev.com"
"vw.ataraxiadev.com" "vw.ataraxiadev.com"
"code.ataraxiadev.com" "code.ataraxiadev.com"
"webmail.ataraxiadev.com"
]; ];
}; };
}; };
@ -30,6 +31,7 @@
virtualHosts = let virtualHosts = let
default = { default = {
useACMEHost = "ataraxiadev.com"; useACMEHost = "ataraxiadev.com";
enableACME = false;
forceSSL = true; forceSSL = true;
}; };
proxySettings = { proxySettings = {
@ -118,6 +120,13 @@
proxyPass = "http://localhost:6000"; proxyPass = "http://localhost:6000";
} // proxySettings // hardened; } // proxySettings // hardened;
} // default; } // default;
"webmail.ataraxiadev.com" = {
locations."/" = {
extraConfig = ''
client_max_body_size 30M;
'';
} // hardened;
} // default;
}; };
}; };

30
profiles/servers/roundcube.nix Normal file
View File

@ -0,0 +1,30 @@
{ config, lib, pkgs, ... }: {
secrets.roundcube-db-pass = {
owner = "roundcube";
};
services.roundcube = {
enable = true;
database.passwordFile = config.secrets.roundcube-db-pass.decrypted;
database.username = "roundcube";
dicts = with pkgs.aspellDicts; [ en ru ];
extraConfig = ''
$config['default_host'] = array(
'tls://mail.ataraxiadev.com' => "AtaraxiaDev's Mail Server"
);
$config['username_domain'] = array(
'mail.ataraxiadev.com' => 'ataraxiadev.com'
);
'';
hostName = "webmail.ataraxiadev.com";
maxAttachmentSize = 25;
plugins = [ "carddav" "persistent_login" ];
package = pkgs.roundcube.withPlugins (plugins:
with plugins; [ carddav persistent_login ]
);
};
services.phpfpm.pools.roundcube.settings = {
"listen.owner" = config.services.nginx.user;
"listen.group" = config.services.nginx.group;
};
}

13
profiles/virtualisation.nix
View File

@ -1,17 +1,10 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
with config.deviceSpecific; { with config.deviceSpecific; {
config = lib.mkIf enableVirtualisation { config = lib.mkIf enableVirtualisation {
# virtualisation.podman = {
# enable = isServer;
# dockerCompat = true;
# defaultNetwork.dnsname.enable = true;
# };
virtualisation.docker = { virtualisation.docker = {
enable = isServer; enable = isServer;
}; };
virtualisation.oci-containers.backend = "docker";
# virtualisation.oci-containers.backend = "docker";
# virtualisation.oci-containers.backend = lib.mkForce "podman";
virtualisation.libvirtd = { virtualisation.libvirtd = {
enable = !isServer; enable = !isServer;
@ -31,9 +24,7 @@ with config.deviceSpecific; {
internalInterfaces = [ "ve-+" ]; internalInterfaces = [ "ve-+" ];
}; };
environment.systemPackages = if isServer then [ environment.systemPackages = with pkgs; if isServer then [
# arion
# docker-client
] else [ ] else [
virt-manager virt-manager
]; ];