voyager: move snappymail

This commit is contained in:
Felix Albrigtsen 2024-01-02 21:43:04 +01:00
parent 988293113d
commit b33dbd728e
3 changed files with 120 additions and 116 deletions

View File

@ -39,19 +39,6 @@
zfs zfs
]; ];
services.snappymail = {
enable = true;
hostname = "mail.home.feal.no";
};
services.nginx.virtualHosts."${config.services.snappymail.hostname}" = let
certPath = "/etc/ssl-snakeoil/mail_home_feal_no";
in {
addSSL = true;
sslCertificate = "${certPath}.crt";
sslCertificateKey = "${certPath}.key";
};
virtualisation.docker.enable = true; virtualisation.docker.enable = true;
virtualisation.oci-containers.backend = "docker"; virtualisation.oci-containers.backend = "docker";

View File

@ -0,0 +1,108 @@
{ config, pkgs, lib, ... }:
let
inherit (lib) mkDefault mkEnableOption mkForce mkIf mkOption mkPackageOption generators types;
cfg = config.services.snappymail;
maxUploadSize = "256M";
in {
options.services.snappymail = {
enable = mkEnableOption (lib.mdDoc "Snappymail");
package = mkOption {
type = types.package;
default = pkgs.snappymail;
defaultText = lib.mdDoc "pkgs.snappymail";
description = lib.mdDoc "Which snappymail package to use.";
};
dataDir = mkOption {
type = types.str;
default = "/var/lib/snappymail";
description = "State directory for snappymail";
};
hostname = mkOption {
type = types.str;
/* default = null; */
example = "mail.example.com";
description = "Enable nginx with this hostname, null disables nginx";
};
user = mkOption {
type = types.str;
default = "snappymail";
description = lib.mdDoc "System user under which snappymail runs";
};
group = mkOption {
type = types.str;
default = "snappymail";
description = lib.mdDoc "System group under which snappymail runs";
};
};
config = mkIf cfg.enable {
users.users = mkIf (cfg.user == "snappymail") {
snappymail = {
description = "Snappymail service";
group = cfg.group;
home = cfg.dataDir;
useDefaultShell = true;
createHome = true;
isSystemUser = true;
};
};
users.groups = mkIf (cfg.group == "snappymail") {
snappymail = {};
};
services.phpfpm.pools.snappymail = {
user = cfg.user;
group = cfg.group;
phpOptions = generators.toKeyValue {} {
upload_max_filesize = maxUploadSize;
post_max_size = maxUploadSize;
memory_limit = maxUploadSize;
};
settings = {
"listen.owner" = config.services.nginx.user;
"listen.group" = config.services.nginx.group;
"pm" = "ondemand";
"pm.max_children" = 32;
"pm.process_idle_timeout" = "10s";
"pm.max_requests" = 500;
};
};
services.nginx = mkIf (cfg.hostname != null) {
virtualHosts."${cfg.hostname}" = {
locations."/".extraConfig = ''
index index.php;
autoindex on;
autoindex_exact_size off;
autoindex_localtime on;
'';
locations."^~ /data".extraConfig = ''
deny all;
'';
locations."~ \.php$".extraConfig = ''
include ${pkgs.nginx}/conf/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:${config.services.phpfpm.pools.snappymail.socket};
'';
extraConfig = ''
client_max_body_size ${maxUploadSize};
'';
root = if (cfg.package == pkgs.snappymail) then
pkgs.snappymail.override {
dataPath = cfg.dataDir;
}
else cfg.package;
};
};
};
}

View File

@ -1,108 +1,17 @@
{ config, pkgs, lib, ... }: { config, lib, pkgs, ... }:
{
imports = [ ../modules/snappymail.nix ];
let services.snappymail = {
inherit (lib) mkDefault mkEnableOption mkForce mkIf mkOption mkPackageOption generators types; enable = true;
hostname = "mail.home.feal.no";
cfg = config.services.snappymail; };
maxUploadSize = "256M"; services.nginx.virtualHosts."${config.services.snappymail.hostname}" = let
certPath = "/etc/ssl-snakeoil/mail_home_feal_no";
in { in {
options.services.snappymail = { addSSL = true;
enable = mkEnableOption (lib.mdDoc "Snappymail");
package = mkOption { sslCertificate = "${certPath}.crt";
type = types.package; sslCertificateKey = "${certPath}.key";
default = pkgs.snappymail;
defaultText = lib.mdDoc "pkgs.snappymail";
description = lib.mdDoc "Which snappymail package to use.";
};
dataDir = mkOption {
type = types.str;
default = "/var/lib/snappymail";
description = "State directory for snappymail";
};
hostname = mkOption {
type = types.str;
/* default = null; */
example = "mail.example.com";
description = "Enable nginx with this hostname, null disables nginx";
};
user = mkOption {
type = types.str;
default = "snappymail";
description = lib.mdDoc "System user under which snappymail runs";
};
group = mkOption {
type = types.str;
default = "snappymail";
description = lib.mdDoc "System group under which snappymail runs";
};
};
config = mkIf cfg.enable {
users.users = mkIf (cfg.user == "snappymail") {
snappymail = {
description = "Snappymail service";
group = cfg.group;
home = cfg.dataDir;
useDefaultShell = true;
createHome = true;
isSystemUser = true;
};
};
users.groups = mkIf (cfg.group == "snappymail") {
snappymail = {};
};
services.phpfpm.pools.snappymail = {
user = cfg.user;
group = cfg.group;
phpOptions = generators.toKeyValue {} {
upload_max_filesize = maxUploadSize;
post_max_size = maxUploadSize;
memory_limit = maxUploadSize;
};
settings = {
"listen.owner" = config.services.nginx.user;
"listen.group" = config.services.nginx.group;
"pm" = "ondemand";
"pm.max_children" = 32;
"pm.process_idle_timeout" = "10s";
"pm.max_requests" = 500;
};
};
services.nginx = mkIf (cfg.hostname != null) {
virtualHosts."${cfg.hostname}" = {
locations."/".extraConfig = ''
index index.php;
autoindex on;
autoindex_exact_size off;
autoindex_localtime on;
'';
locations."^~ /data".extraConfig = ''
deny all;
'';
locations."~ \.php$".extraConfig = ''
include ${pkgs.nginx}/conf/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:${config.services.phpfpm.pools.snappymail.socket};
'';
extraConfig = ''
client_max_body_size ${maxUploadSize};
'';
root = if (cfg.package == pkgs.snappymail) then
pkgs.snappymail.override {
dataPath = cfg.dataDir;
}
else cfg.package;
};
};
}; };
} }