preisi/mailnix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
mailnix/mailsystem/roundcube.nix

57 lines
2 KiB
Nix
Raw Blame History

{
config,
lib,
pkgs,
...
}:
with (import ./common.nix {inherit config pkgs;}); let
cfg = config.mailsystem;
roundcubeCfg = config.mailsystem.roundcube;
in {
options.mailsystem.roundcube = {
enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Whether to enable roundcube in order to provide a webmail interface";
};
hostName = lib.mkOption {
type = lib.types.str;
default = cfg.fqdn;
description = "FQDN to be used by roundcube. Defaults to {option}`mailsystem.fqdn`.";
};
passwordHashingAlgorithm = lib.mkOption {
type = lib.types.str;
default = "BLF-CRYPT";
description = "Password hashing algorithm to be used with `doveadm pw`";
};
};
config = lib.mkIf (cfg.enable && roundcubeCfg.enable) {
services.roundcube = {
enable = true;
hostName = roundcubeCfg.hostName;
plugins = ["managesieve" "password"];
extraConfig = ''
// Use implicitly encrypted communications for imap and imap (implicit tls)
$config['imap_host'] = "ssl://${cfg.fqdn}";
$config['smtp_host'] = "ssl://${cfg.fqdn}";
$config['smtp_user'] = "%u";
$config['smtp_pass'] = "%p";
$config['managesieve_host'] = "localhost";
$config['password_driver'] = "dovecot_passwdfile";
$config['password_confirm_current'] = true;
$config['password_minimum_length'] = 8;
$config['password_algorithm'] = "dovecot";
// Enables saving the new password even if it machtes the old password. Useful
// for upgrading the stored passwords after the encryption scheme has changed.
$config['password_force_save'] = true;
$config['password_dovecot_passwdfile_path'] = "${dovecotDynamicPasswdFile}";
$config['password_dovecotpw'] = "${pkgs.dovecot}/bin/doveadm pw";
$config['password_dovecotpw_method'] = "${roundcubeCfg.passwordHashingAlgorithm}";
$config['password_dovecotpw_with_method'] = true;
'';
};
};
}
Reference in a new issue View git blame Copy permalink