mailsystem: dovecot: Grant roundcube user access to dynamic passwd file

mailsystem/dovecot.nix

@@ -77,6 +77,11 @@ with (import ./common.nix {inherit config;}); let
     done
     mv "${dovecotDynamicPasswdFile}-filtered" "${dovecotDynamicPasswdFile}"
 
+    ${lib.optionalString cfg.roundcube.enable ''
+      # Ensure roundcube has access to dynamic passwd file
+      ${pkgs.acl.bin}/bin/setfacl -m "u:${config.services.phpfpm.pools.roundcube.user}:rw" "${dovecotDynamicPasswdFile}"
+    ''}
+
     # Prepare userdb-file
     cat <<EOF > "${userdbFile}"
     ${lib.concatStringsSep "\n" (lib.mapAttrsToList genUserdbEntry cfg.accounts)}