config/profiles/http/services/snappymail.nix

116 lines
3.5 KiB
Nix

# adapted from https://github.com/samrose/dotfiles-1/blob/8887ca3b01edecd83c2e95f01e42885ce26f76c5/nixos/eve/modules/snappymail.nix#L55
{ pkgs, config, lib, mkDomain, ... }:
let
maxUploadSize = "256M";
toKeyValue = lib.generators.toKeyValue {
mkKeyValue = lib.generators.mkKeyValueDefault {} " = ";
};
baseIni = pkgs.runCommand "application.ini" { # eww
nativeBuildInputs = [ pkgs.php ];
} ''
mkdir /tmp/foobar123
php-cgi "${pkgs.snappymail.override { dataPath = "/tmp/foobar123"; }}/index.php" >/dev/null
cp /tmp/foobar123/_data_/_default_/configs/application.ini $out
'';
extendIni = baseFile: fname: args: pkgs.runCommand fname { # eww
preferLocalBuild = true;
nativeBuildInputs = [ pkgs.initool ];
} ''
cat ${baseFile} |
${lib.pipe args [
(lib.mapAttrsToList (section: data: lib.mapAttrsToList (key: val: { inherit section key val; }) data))
lib.flatten
(builtins.map ({ section, key, val }: ''
initool s - ${lib.escapeShellArgs [ section key val ]} |
''))
lib.concatStrings
]}
cat > $out
'';
modifiedIni = with builtins; extendIni baseIni "application.ini" {
webmail.title = "pbsds SnappyMail";
webmail.loading_description = "pbsds SnappyMail";
webmail.messages_per_page = 20;
contacts.type = "pgsql";
contacts.pdo_dsn = ''"pgsql:host=/run/postgresql;port=${toString config.services.postgresql.port};dbname=snappymail"'';
contacts.pdo_user = "snappymail";
contacts.pdo_password = "";
login.default_domain = "imap.fyrkat.no";
#security.allow_admin_panel = "Off";
};
in
{
services.phpfpm.pools.snappymail = {
user = "snappymail";
group = "snappymail";
phpOptions = toKeyValue {
upload_max_filesize = maxUploadSize;
post_max_size = maxUploadSize;
memory_limit = maxUploadSize;
};
settings = {
"listen.owner" = "nginx";
"listen.group" = "nginx";
"pm" = "ondemand";
"pm.max_children" = 32;
"pm.process_idle_timeout" = "10s";
"pm.max_requests" = 500;
};
};
services.postgresql.ensureDatabases = [ "snappymail" ];
services.postgresql.ensureUsers = [
{
name = "snappymail";
ensurePermissions."DATABASE snappymail" = "ALL PRIVILEGES";
}
];
#services.nginx.preStart = ''
systemd.services."phpfpm-snappymail".preStart = ''
mkdir -p /var/lib/snappymail/_data_/_default_/configs
ln -sf ${modifiedIni} /var/lib/snappymail/_data_/_default_/configs/application.ini
'';
services.nginx.virtualHosts.${mkDomain "snappymail"} = {
forceSSL = true; # addSSL = true;
enableACME = true; #useACMEHost = acmeDomain;
locations."/".extraConfig = ''
index index.php;
autoindex on;
autoindex_exact_size off;
autoindex_localtime on;
'';
locations."^~ /data".extraConfig = ''
deny all;
'';
locations."~ \.php$".extraConfig = ''
include ${pkgs.nginx}/conf/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:${config.services.phpfpm.pools.snappymail.socket};
'';
extraConfig = ''
client_max_body_size ${maxUploadSize};
'';
root = pkgs.snappymail.override {
dataPath = "/var/lib/snappymail"; # the default
};
};
users.users.snappymail = {
isSystemUser = true;
createHome = true;
home = "/var/lib/snappymail";
group = "snappymail";
};
users.groups.snappymail = {};
}