From cbdbb945129873c4ab56cc4e36c38202e89c879e Mon Sep 17 00:00:00 2001
From: Thomas Preisner <mail@tpreisner.de>
Date: Sat, 28 Dec 2024 22:32:41 +0100
Subject: [PATCH] mailsystem: dovecot: Grant roundcube user access to dynamic
 passwd file

---
 mailsystem/dovecot.nix | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/mailsystem/dovecot.nix b/mailsystem/dovecot.nix
index 4f17464..ac9ea3e 100644
--- a/mailsystem/dovecot.nix
+++ b/mailsystem/dovecot.nix
@@ -77,6 +77,11 @@ with (import ./common.nix {inherit config;}); let
     done
     mv "${dovecotDynamicPasswdFile}-filtered" "${dovecotDynamicPasswdFile}"
 
+    ${lib.optionalString cfg.roundcube.enable ''
+      # Ensure roundcube has access to dynamic passwd file
+      ${pkgs.acl.bin}/bin/setfacl -m "u:${config.services.phpfpm.pools.roundcube.user}:rw" "${dovecotDynamicPasswdFile}"
+    ''}
+
     # Prepare userdb-file
     cat <<EOF > "${userdbFile}"
     ${lib.concatStringsSep "\n" (lib.mapAttrsToList genUserdbEntry cfg.accounts)}