From c8d383c9ab3c50a28cceb7fbf48834a123d826a1 Mon Sep 17 00:00:00 2001 From: Adrian Gunnar Lauterer Date: Sat, 25 Nov 2023 21:23:06 +0100 Subject: [PATCH 1/2] bekkalokk-roundcube init at roundcube.pvv.ntnu.no --- hosts/bekkalokk/configuration.nix | 1 + hosts/bekkalokk/services/webmail/default.nix | 6 ++++ .../bekkalokk/services/webmail/roundcube.nix | 34 +++++++++++++++++++ 3 files changed, 41 insertions(+) create mode 100644 hosts/bekkalokk/services/webmail/default.nix create mode 100644 hosts/bekkalokk/services/webmail/roundcube.nix diff --git a/hosts/bekkalokk/configuration.nix b/hosts/bekkalokk/configuration.nix index 1c21b7be..e2d28913 100644 --- a/hosts/bekkalokk/configuration.nix +++ b/hosts/bekkalokk/configuration.nix @@ -13,6 +13,7 @@ # ./services/website.nix ./services/nginx.nix ./services/gitea/default.nix + ./services/webmail # ./services/mediawiki.nix ]; diff --git a/hosts/bekkalokk/services/webmail/default.nix b/hosts/bekkalokk/services/webmail/default.nix new file mode 100644 index 00000000..32b178e2 --- /dev/null +++ b/hosts/bekkalokk/services/webmail/default.nix @@ -0,0 +1,6 @@ +{ config, values, pkgs, ... }: +{ + imports = [ + ./roundcube.nix + ]; +} diff --git a/hosts/bekkalokk/services/webmail/roundcube.nix b/hosts/bekkalokk/services/webmail/roundcube.nix new file mode 100644 index 00000000..bedf84ff --- /dev/null +++ b/hosts/bekkalokk/services/webmail/roundcube.nix @@ -0,0 +1,34 @@ +{ config, pkgs, lib, ... }: + +with lib; +let + cfg = config.services.roundcube; + domain = "roundcube.pvv.ntnu.no"; +in +{ + services.roundcube = { + enable = true; + package = pkgs.roundcube.withPlugins (plugins: [ plugins.persistent_login plugins.thunderbird_labels plugins.contextmenu plugins.custom_from]); + dicts = with pkgs.aspellDicts; [ en en-science en-computers nb nn fr de it]; + maxAttachmentSize = 20; + # this is the url of the vhost, not necessarily the same as the fqdn of the mailserver + hostName = domain; + + extraConfig = '' + # starttls needed for authentication, so the fqdn required to match + # the certificate + $config['enable_installer'] = false; + $config['default_host'] = "ssl://imap.pvv.ntnu.no"; + $config['default_port'] = 993; + #$config['smtp_server'] = "tls://smtp.pvv.ntnu.no"; + #$config['smtp_port'] = 25; + $config['smtp_server'] = "ssl://smtp.pvv.ntnu.no"; + $config['smtp_port'] = 465; + # $config['smtp_user'] = "%u@pvv.ntnu.no"; + $config['mail_domain'] = "pvv.ntnu.no"; + $config['smtp_user'] = "%u"; + # $config['smtp_pass'] = "%p"; + $config['support_url'] = ""; + ''; + }; +} From 2a1e649eedf3d1f840c815ebe4f77d9129c6744d Mon Sep 17 00:00:00 2001 From: h7x4 Date: Sun, 26 Nov 2023 05:04:49 +0100 Subject: [PATCH 2/2] bekkalokk: fix roundcube, and move to webmail2.pvv.ntnu.no/roundcube --- hosts/bekkalokk/services/webmail/default.nix | 11 ++- .../bekkalokk/services/webmail/roundcube.nix | 86 ++++++++++++++----- 2 files changed, 73 insertions(+), 24 deletions(-) diff --git a/hosts/bekkalokk/services/webmail/default.nix b/hosts/bekkalokk/services/webmail/default.nix index 32b178e2..e61ad003 100644 --- a/hosts/bekkalokk/services/webmail/default.nix +++ b/hosts/bekkalokk/services/webmail/default.nix @@ -1,6 +1,15 @@ -{ config, values, pkgs, ... }: +{ config, values, pkgs, lib, ... }: { imports = [ ./roundcube.nix ]; + + services.nginx.virtualHosts."webmail2.pvv.ntnu.no" = { + forceSSL = true; + enableACME = true; + #locations."/" = lib.mkForce { }; + locations."= /" = { + return = "301 https://www.pvv.ntnu.no/mail/"; + }; + }; } diff --git a/hosts/bekkalokk/services/webmail/roundcube.nix b/hosts/bekkalokk/services/webmail/roundcube.nix index bedf84ff..c47caaea 100644 --- a/hosts/bekkalokk/services/webmail/roundcube.nix +++ b/hosts/bekkalokk/services/webmail/roundcube.nix @@ -3,32 +3,72 @@ with lib; let cfg = config.services.roundcube; - domain = "roundcube.pvv.ntnu.no"; + domain = "webmail2.pvv.ntnu.no"; in { services.roundcube = { - enable = true; - package = pkgs.roundcube.withPlugins (plugins: [ plugins.persistent_login plugins.thunderbird_labels plugins.contextmenu plugins.custom_from]); - dicts = with pkgs.aspellDicts; [ en en-science en-computers nb nn fr de it]; - maxAttachmentSize = 20; - # this is the url of the vhost, not necessarily the same as the fqdn of the mailserver - hostName = domain; + enable = true; - extraConfig = '' - # starttls needed for authentication, so the fqdn required to match - # the certificate - $config['enable_installer'] = false; - $config['default_host'] = "ssl://imap.pvv.ntnu.no"; - $config['default_port'] = 993; - #$config['smtp_server'] = "tls://smtp.pvv.ntnu.no"; - #$config['smtp_port'] = 25; - $config['smtp_server'] = "ssl://smtp.pvv.ntnu.no"; - $config['smtp_port'] = 465; - # $config['smtp_user'] = "%u@pvv.ntnu.no"; - $config['mail_domain'] = "pvv.ntnu.no"; - $config['smtp_user'] = "%u"; - # $config['smtp_pass'] = "%p"; - $config['support_url'] = ""; + package = pkgs.roundcube.withPlugins (plugins: with plugins; [ + persistent_login + thunderbird_labels + contextmenu + custom_from + ]); + + dicts = with pkgs.aspellDicts; [ en en-science en-computers nb nn fr de it ]; + maxAttachmentSize = 20; + hostName = "roundcubeplaceholder.example.com"; + + extraConfig = '' + $config['enable_installer'] = false; + $config['default_host'] = "ssl://imap.pvv.ntnu.no"; + $config['default_port'] = 993; + $config['smtp_server'] = "ssl://smtp.pvv.ntnu.no"; + $config['smtp_port'] = 465; + $config['mail_domain'] = "pvv.ntnu.no"; + $config['smtp_user'] = "%u"; + $config['support_url'] = ""; + ''; + }; + + services.nginx.virtualHosts."roundcubeplaceholder.example.com" = lib.mkForce { }; + + services.nginx.virtualHosts.${domain} = { + locations."/roundcube" = { + tryFiles = "$uri $uri/ =404"; + index = "index.php"; + root = pkgs.runCommandLocal "roundcube-dir" { } '' + mkdir -p $out + ln -s ${cfg.package} $out/roundcube ''; - }; + extraConfig = '' + location ~ ^/roundcube/(${builtins.concatStringsSep "|" [ + # https://wiki.archlinux.org/title/Roundcube + "README" + "INSTALL" + "LICENSE" + "CHANGELOG" + "UPGRADING" + "bin" + "SQL" + ".+\\.md" + "\\." + "config" + "temp" + "logs" + ]})/? { + deny all; + } + + location ~ ^/roundcube/(.+\.php)(/?.*)$ { + fastcgi_split_path_info ^/roundcube(/.+\.php)(/.+)$; + include ${config.services.nginx.package}/conf/fastcgi_params; + include ${config.services.nginx.package}/conf/fastcgi.conf; + fastcgi_index index.php; + fastcgi_pass unix:${config.services.phpfpm.pools.roundcube.socket}; + } + ''; + }; + }; }