mirror of
https://git.feal.no/felixalb/nixos-config.git
synced 2024-12-22 04:07:28 +01:00
voyager: move snappymail
This commit is contained in:
parent
988293113d
commit
b33dbd728e
@ -39,19 +39,6 @@
|
||||
zfs
|
||||
];
|
||||
|
||||
services.snappymail = {
|
||||
enable = true;
|
||||
hostname = "mail.home.feal.no";
|
||||
};
|
||||
services.nginx.virtualHosts."${config.services.snappymail.hostname}" = let
|
||||
certPath = "/etc/ssl-snakeoil/mail_home_feal_no";
|
||||
in {
|
||||
addSSL = true;
|
||||
|
||||
sslCertificate = "${certPath}.crt";
|
||||
sslCertificateKey = "${certPath}.key";
|
||||
};
|
||||
|
||||
virtualisation.docker.enable = true;
|
||||
virtualisation.oci-containers.backend = "docker";
|
||||
|
||||
|
108
hosts/voyager/modules/snappymail.nix
Normal file
108
hosts/voyager/modules/snappymail.nix
Normal file
@ -0,0 +1,108 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
let
|
||||
inherit (lib) mkDefault mkEnableOption mkForce mkIf mkOption mkPackageOption generators types;
|
||||
|
||||
cfg = config.services.snappymail;
|
||||
maxUploadSize = "256M";
|
||||
in {
|
||||
options.services.snappymail = {
|
||||
enable = mkEnableOption (lib.mdDoc "Snappymail");
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.snappymail;
|
||||
defaultText = lib.mdDoc "pkgs.snappymail";
|
||||
description = lib.mdDoc "Which snappymail package to use.";
|
||||
};
|
||||
|
||||
dataDir = mkOption {
|
||||
type = types.str;
|
||||
default = "/var/lib/snappymail";
|
||||
description = "State directory for snappymail";
|
||||
};
|
||||
|
||||
hostname = mkOption {
|
||||
type = types.str;
|
||||
/* default = null; */
|
||||
example = "mail.example.com";
|
||||
description = "Enable nginx with this hostname, null disables nginx";
|
||||
};
|
||||
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
default = "snappymail";
|
||||
description = lib.mdDoc "System user under which snappymail runs";
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
type = types.str;
|
||||
default = "snappymail";
|
||||
description = lib.mdDoc "System group under which snappymail runs";
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
users.users = mkIf (cfg.user == "snappymail") {
|
||||
snappymail = {
|
||||
description = "Snappymail service";
|
||||
group = cfg.group;
|
||||
home = cfg.dataDir;
|
||||
useDefaultShell = true;
|
||||
createHome = true;
|
||||
isSystemUser = true;
|
||||
};
|
||||
};
|
||||
|
||||
users.groups = mkIf (cfg.group == "snappymail") {
|
||||
snappymail = {};
|
||||
};
|
||||
|
||||
services.phpfpm.pools.snappymail = {
|
||||
user = cfg.user;
|
||||
group = cfg.group;
|
||||
phpOptions = generators.toKeyValue {} {
|
||||
upload_max_filesize = maxUploadSize;
|
||||
post_max_size = maxUploadSize;
|
||||
memory_limit = maxUploadSize;
|
||||
};
|
||||
|
||||
settings = {
|
||||
"listen.owner" = config.services.nginx.user;
|
||||
"listen.group" = config.services.nginx.group;
|
||||
"pm" = "ondemand";
|
||||
"pm.max_children" = 32;
|
||||
"pm.process_idle_timeout" = "10s";
|
||||
"pm.max_requests" = 500;
|
||||
};
|
||||
};
|
||||
|
||||
services.nginx = mkIf (cfg.hostname != null) {
|
||||
virtualHosts."${cfg.hostname}" = {
|
||||
locations."/".extraConfig = ''
|
||||
index index.php;
|
||||
autoindex on;
|
||||
autoindex_exact_size off;
|
||||
autoindex_localtime on;
|
||||
'';
|
||||
locations."^~ /data".extraConfig = ''
|
||||
deny all;
|
||||
'';
|
||||
locations."~ \.php$".extraConfig = ''
|
||||
include ${pkgs.nginx}/conf/fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass unix:${config.services.phpfpm.pools.snappymail.socket};
|
||||
'';
|
||||
extraConfig = ''
|
||||
client_max_body_size ${maxUploadSize};
|
||||
'';
|
||||
|
||||
root = if (cfg.package == pkgs.snappymail) then
|
||||
pkgs.snappymail.override {
|
||||
dataPath = cfg.dataDir;
|
||||
}
|
||||
else cfg.package;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
@ -1,108 +1,17 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
{ config, lib, pkgs, ... }:
|
||||
{
|
||||
imports = [ ../modules/snappymail.nix ];
|
||||
|
||||
let
|
||||
inherit (lib) mkDefault mkEnableOption mkForce mkIf mkOption mkPackageOption generators types;
|
||||
|
||||
cfg = config.services.snappymail;
|
||||
maxUploadSize = "256M";
|
||||
in {
|
||||
options.services.snappymail = {
|
||||
enable = mkEnableOption (lib.mdDoc "Snappymail");
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.snappymail;
|
||||
defaultText = lib.mdDoc "pkgs.snappymail";
|
||||
description = lib.mdDoc "Which snappymail package to use.";
|
||||
};
|
||||
|
||||
dataDir = mkOption {
|
||||
type = types.str;
|
||||
default = "/var/lib/snappymail";
|
||||
description = "State directory for snappymail";
|
||||
};
|
||||
|
||||
hostname = mkOption {
|
||||
type = types.str;
|
||||
/* default = null; */
|
||||
example = "mail.example.com";
|
||||
description = "Enable nginx with this hostname, null disables nginx";
|
||||
};
|
||||
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
default = "snappymail";
|
||||
description = lib.mdDoc "System user under which snappymail runs";
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
type = types.str;
|
||||
default = "snappymail";
|
||||
description = lib.mdDoc "System group under which snappymail runs";
|
||||
};
|
||||
services.snappymail = {
|
||||
enable = true;
|
||||
hostname = "mail.home.feal.no";
|
||||
};
|
||||
services.nginx.virtualHosts."${config.services.snappymail.hostname}" = let
|
||||
certPath = "/etc/ssl-snakeoil/mail_home_feal_no";
|
||||
in {
|
||||
addSSL = true;
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
users.users = mkIf (cfg.user == "snappymail") {
|
||||
snappymail = {
|
||||
description = "Snappymail service";
|
||||
group = cfg.group;
|
||||
home = cfg.dataDir;
|
||||
useDefaultShell = true;
|
||||
createHome = true;
|
||||
isSystemUser = true;
|
||||
};
|
||||
};
|
||||
|
||||
users.groups = mkIf (cfg.group == "snappymail") {
|
||||
snappymail = {};
|
||||
};
|
||||
|
||||
services.phpfpm.pools.snappymail = {
|
||||
user = cfg.user;
|
||||
group = cfg.group;
|
||||
phpOptions = generators.toKeyValue {} {
|
||||
upload_max_filesize = maxUploadSize;
|
||||
post_max_size = maxUploadSize;
|
||||
memory_limit = maxUploadSize;
|
||||
};
|
||||
|
||||
settings = {
|
||||
"listen.owner" = config.services.nginx.user;
|
||||
"listen.group" = config.services.nginx.group;
|
||||
"pm" = "ondemand";
|
||||
"pm.max_children" = 32;
|
||||
"pm.process_idle_timeout" = "10s";
|
||||
"pm.max_requests" = 500;
|
||||
};
|
||||
};
|
||||
|
||||
services.nginx = mkIf (cfg.hostname != null) {
|
||||
virtualHosts."${cfg.hostname}" = {
|
||||
locations."/".extraConfig = ''
|
||||
index index.php;
|
||||
autoindex on;
|
||||
autoindex_exact_size off;
|
||||
autoindex_localtime on;
|
||||
'';
|
||||
locations."^~ /data".extraConfig = ''
|
||||
deny all;
|
||||
'';
|
||||
locations."~ \.php$".extraConfig = ''
|
||||
include ${pkgs.nginx}/conf/fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass unix:${config.services.phpfpm.pools.snappymail.socket};
|
||||
'';
|
||||
extraConfig = ''
|
||||
client_max_body_size ${maxUploadSize};
|
||||
'';
|
||||
|
||||
root = if (cfg.package == pkgs.snappymail) then
|
||||
pkgs.snappymail.override {
|
||||
dataPath = cfg.dataDir;
|
||||
}
|
||||
else cfg.package;
|
||||
};
|
||||
};
|
||||
sslCertificate = "${certPath}.crt";
|
||||
sslCertificateKey = "${certPath}.key";
|
||||
};
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user