mailsystem: Add configuration for roundcube as webmail interface
This commit is contained in:
parent
5583676384
commit
3d0e0dd95c
2 changed files with 57 additions and 0 deletions
|
|
@ -162,6 +162,7 @@ in {
|
||||||
./nginx.nix
|
./nginx.nix
|
||||||
./postfix.nix
|
./postfix.nix
|
||||||
./redis.nix
|
./redis.nix
|
||||||
|
./roundcube.nix
|
||||||
./rspamd.nix
|
./rspamd.nix
|
||||||
./user.nix
|
./user.nix
|
||||||
];
|
];
|
||||||
|
|
|
||||||
56
mailsystem/roundcube.nix
Normal file
56
mailsystem/roundcube.nix
Normal file
|
|
@ -0,0 +1,56 @@
|
||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
with (import ./common.nix {inherit config;}); let
|
||||||
|
cfg = config.mailsystem;
|
||||||
|
roundcubeCfg = config.mailsystem.roundcube;
|
||||||
|
in {
|
||||||
|
options.mailsystem.roundcube = {
|
||||||
|
enable = lib.mkOption {
|
||||||
|
type = lib.types.bool;
|
||||||
|
default = true;
|
||||||
|
description = "Whether to enable roundcube in order to provide a webmail interface";
|
||||||
|
};
|
||||||
|
hostName = lib.mkOption {
|
||||||
|
type = lib.types.str;
|
||||||
|
default = cfg.fqdn;
|
||||||
|
description = "FQDN to be used by roundcube. Defaults to {option}`mailsystem.fqdn`.";
|
||||||
|
};
|
||||||
|
passwordHashingAlgorithm = lib.mkOption {
|
||||||
|
type = lib.types.str;
|
||||||
|
default = "BLF-CRYPT";
|
||||||
|
description = "Password hashing algorithm to be used with `doveadm pw`";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
config = lib.mkIf (cfg.enable && roundcubeCfg.enable) {
|
||||||
|
services.roundcube = {
|
||||||
|
enable = true;
|
||||||
|
hostName = roundcubeCfg.hostName;
|
||||||
|
plugins = ["managesieve" "password"];
|
||||||
|
extraConfig = ''
|
||||||
|
// Use starttls for authentication
|
||||||
|
$config['smtp_host'] = "tls://${cfg.fqdn}";
|
||||||
|
$config['smtp_user'] = "%u";
|
||||||
|
$config['smtp_pass'] = "%p";
|
||||||
|
|
||||||
|
$config['managesieve_host'] = "localhost";
|
||||||
|
|
||||||
|
$config['password_driver'] = "dovecot_passwdfile";
|
||||||
|
$config['password_confirm_current'] = true;
|
||||||
|
$config['password_minimum_length'] = 8;
|
||||||
|
$config['password_algorithm'] = "dovecot";
|
||||||
|
// Enables saving the new password even if it machtes the old password. Useful
|
||||||
|
// for upgrading the stored passwords after the encryption scheme has changed.
|
||||||
|
$config['password_force_save'] = true;
|
||||||
|
$config['password_dovecot_passwdfile_path'] = "${pkgs.dovecot}/bin/doveadm pw";
|
||||||
|
$config['password_dovecotpw'] = "${dovecotDynamicPasswdFile}";
|
||||||
|
$config['password_dovecotpw_method'] = "${roundcubeCfg.passwordHashingAlgorithm}";
|
||||||
|
$config['password_dovecotpw_with_method'] = true;
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
Loading…
Add table
Add a link
Reference in a new issue