self-hosting/modules/roundcube.nix

{
  pkgs,
  lib,
  config,
  ...
}:
let
  cfg = config.custom.services.roundcube;
in
{
  options.custom.services.roundcube = {
    enable = lib.mkEnableOption "roundcube";
  };

  config = lib.mkIf cfg.enable {
    sops.secrets = {
      pgPassFile = {
        owner = "nginx";
        key = "roundcube/pg_pass_file";
      };
      dbPassword = {
        owner = "nginx";
        key = "roundcube/db_password";
      };
    };

    services.roundcube = {
      enable = true;
      plugins = [ "managesieve" ];
      dicts = with pkgs.aspellDicts; [
        en
        fr
        de
      ];
      hostName = "webmail.banditlair.com";
      database = {
        host = "127.0.0.1";
        username = "roundcube";
        dbname = "roundcube";
        passwordFile = config.sops.secrets.pgPassFile.path;
      };

      extraConfig = ''
        # This override is required as a workaround for the nixpkgs config because we need a plain password instead of a pgpass file
        $password = file_get_contents('${config.sops.secrets.dbPassword.path}');
        $config['db_dsnw'] = 'pgsql://roundcube:' . $password . '@127.0.0.1/roundcube';

        $config['imap_host'] = 'ssl://mail.banditlair.com:993';
        $config['smtp_host'] = 'ssl://%h';
        $config['smtp_user'] = '%u';
        $config['smtp_pass'] = '%p';
        $config['identities_level'] = 0;
        $config['managesieve_host'] = 'tls://%h';
        $config['managesieve_auth_type'] = 'PLAIN';
      '';
    };
  };
}
Move everyting to hel1 except emails 2024-12-10 11:39:55 +01:00			`{`
			`pkgs,`
			`lib,`
			`config,`
			`...`
			`}:`
			`let`
			`cfg = config.custom.services.roundcube;`
			`in`
			`{`
Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`options.custom.services.roundcube = {`
			`enable = lib.mkEnableOption "roundcube";`
Add Roundcube 2021-12-27 16:39:22 +01:00			`};`

Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`config = lib.mkIf cfg.enable {`
			`sops.secrets = {`
			`pgPassFile = {`
			`owner = "nginx";`
			`key = "roundcube/pg_pass_file";`
			`};`
			`dbPassword = {`
			`owner = "nginx";`
			`key = "roundcube/db_password";`
			`};`
Add Roundcube 2021-12-27 16:39:22 +01:00			`};`

Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`services.roundcube = {`
			`enable = true;`
			`plugins = [ "managesieve" ];`
Move everyting to hel1 except emails 2024-12-10 11:39:55 +01:00			`dicts = with pkgs.aspellDicts; [`
			`en`
			`fr`
			`de`
			`];`
Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`hostName = "webmail.banditlair.com";`
			`database = {`
Move everyting to hel1 except emails 2024-12-10 11:39:55 +01:00			`host = "127.0.0.1";`
Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`username = "roundcube";`
			`dbname = "roundcube";`
			`passwordFile = config.sops.secrets.pgPassFile.path;`
			`};`
Add Roundcube 2021-12-27 16:39:22 +01:00
Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`extraConfig = ''`
			`# This override is required as a workaround for the nixpkgs config because we need a plain password instead of a pgpass file`
			`$password = file_get_contents('${config.sops.secrets.dbPassword.path}');`
Move everyting to hel1 except emails 2024-12-10 11:39:55 +01:00			`$config['db_dsnw'] = 'pgsql://roundcube:' . $password . '@127.0.0.1/roundcube';`
Add Roundcube 2021-12-27 16:39:22 +01:00
Move everyting to hel1 except emails 2024-12-10 11:39:55 +01:00			`$config['imap_host'] = 'ssl://mail.banditlair.com:993';`
			`$config['smtp_host'] = 'ssl://%h';`
Finish migration to NixOS modules 2024-03-26 23:37:53 +01:00			`$config['smtp_user'] = '%u';`
			`$config['smtp_pass'] = '%p';`
			`$config['identities_level'] = 0;`
			`$config['managesieve_host'] = 'tls://%h';`
			`$config['managesieve_auth_type'] = 'PLAIN';`
			`'';`
			`};`
Add Roundcube 2021-12-27 16:39:22 +01:00			`};`
			`}`