Finish migration to NixOS modules

2025-12-25 05:36:59 +01:00 · 2024-03-26 23:37:53 +01:00 · 2024-03-26 23:37:53 +01:00 · d944e36197
commit d944e36197
parent aef5eabce5
21 changed files with 1071 additions and 1151 deletions
--- a/modules/roundcube.nix
+++ b/modules/roundcube.nix
@ -1,42 +1,47 @@
 { pkgs, lib, config, ... }:
-{
-
-  sops.secrets = {
-    pgPassFile = {
-      owner = "nginx";
-      key = "roundcube/pg_pass_file";
-    };
-    dbPassword = {
-      owner = "nginx";
-      key = "roundcube/db_password";
-    };
+let cfg = config.custom.services.roundcube;
+in {
+  options.custom.services.roundcube = {
+    enable = lib.mkEnableOption "roundcube";
  };

-  services.roundcube = {
-    enable = true;
-    plugins = [ "managesieve" ];
-    dicts = with pkgs.aspellDicts; [ en fr de ];
-    hostName = "webmail.banditlair.com";
-    database = {
-      host = "10.0.1.11";
-      username = "roundcube";
-      dbname = "roundcube";
-      passwordFile = config.sops.secrets.pgPassFile.path;
+  config = lib.mkIf cfg.enable {
+    sops.secrets = {
+      pgPassFile = {
+        owner = "nginx";
+        key = "roundcube/pg_pass_file";
+      };
+      dbPassword = {
+        owner = "nginx";
+        key = "roundcube/db_password";
+      };
    };

+    services.roundcube = {
+      enable = true;
+      plugins = [ "managesieve" ];
+      dicts = with pkgs.aspellDicts; [ en fr de ];
+      hostName = "webmail.banditlair.com";
+      database = {
+        host = "10.0.1.11";
+        username = "roundcube";
+        dbname = "roundcube";
+        passwordFile = config.sops.secrets.pgPassFile.path;
+      };

-    extraConfig = ''
-      # This override is required as a workaround for the nixpkgs config because we need a plain password instead of a pgpass file
-      $password = file_get_contents('${config.sops.secrets.dbPassword.path}');
-      $config['db_dsnw'] = 'pgsql://roundcube:' . $password . '@10.0.1.11/roundcube';
+      extraConfig = ''
+        # This override is required as a workaround for the nixpkgs config because we need a plain password instead of a pgpass file
+        $password = file_get_contents('${config.sops.secrets.dbPassword.path}');
+        $config['db_dsnw'] = 'pgsql://roundcube:' . $password . '@10.0.1.11/roundcube';

-      $config['default_host'] = 'ssl://mail.banditlair.com:993';
-      $config['smtp_server'] = 'ssl://%h';
-      $config['smtp_user'] = '%u';
-      $config['smtp_pass'] = '%p';
-      $config['identities_level'] = 0;
-      $config['managesieve_host'] = 'tls://%h';
-      $config['managesieve_auth_type'] = 'PLAIN';
-    '';
+        $config['default_host'] = 'ssl://mail.banditlair.com:993';
+        $config['smtp_server'] = 'ssl://%h';
+        $config['smtp_user'] = '%u';
+        $config['smtp_pass'] = '%p';
+        $config['identities_level'] = 0;
+        $config['managesieve_host'] = 'tls://%h';
+        $config['managesieve_auth_type'] = 'PLAIN';
+      '';
+    };
  };
 }