diff options
author | Robin Gloster <mail@glob.in> | 2018-10-11 10:09:29 +0200 |
---|---|---|
committer | Robin Gloster <mail@glob.in> | 2018-11-28 18:52:10 +0100 |
commit | 9ace7f640996bb3e95f8233a74ef980af3a35559 (patch) | |
tree | 7b5f850422a484f1ceaff7eb6d1065530b085b53 /nixos | |
parent | 2f8073bd92a8289d52c19e574ea3db96911d9e82 (diff) |
roundcube: clean-up and add test
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/services/mail/roundcube.nix | 143 | ||||
-rw-r--r-- | nixos/tests/roundcube.nix | 28 |
2 files changed, 128 insertions, 43 deletions
diff --git a/nixos/modules/services/mail/roundcube.nix b/nixos/modules/services/mail/roundcube.nix index 4639af33b63cd..b4ab429b52008 100644 --- a/nixos/modules/services/mail/roundcube.nix +++ b/nixos/modules/services/mail/roundcube.nix @@ -9,65 +9,98 @@ in options.services.roundcube = { enable = mkEnableOption "Roundcube"; - listenAddress = mkOption { - type = types.str; - default = "[::]"; - description = "Listening address. IPv6 addresses must be enclosed in square brackets"; + nginx.enable = mkOption { + type = types.bool; + default = true; + description = '' + Whether to enable nginx virtual host management. + Further nginx configuration can be done by adapting <literal>services.nginx.virtualHosts.<name></literal>. + See <xref linkend="opt-services.nginx.virtualHosts"/> for further information. + ''; }; - listenPort = mkOption { - type = types.int; - default = 80; - description = "Listening port"; - }; - - subDomain = mkOption { + hostName = mkOption { type = types.str; example = "webmail"; - description = "Sub-domain to use which is the name of the nginx vhost"; + description = "Host name to use which for the nginx vhost"; }; - - extraConfig = mkOption { - type = types.str; - default = '' - <?php - $config = array(); - $config['db_dsnw'] = 'pgsql://roundcube:pass@localhost/roundcubemail'; - $config['db_prefix'] = 'rc'; - $config['default_host'] = 'tls://%h'; - $config['smtp_server'] = 'tls://%h'; - $config['smtp_user'] = '%u'; - $config['smtp_pass'] = '%p'; + database = { + username = mkOption { + type = types.str; + default = "roundcube"; + description = "Username for the postgresql connection"; + }; + host = mkOption { + type = types.str; + default = "localhost"; + description = "Host of the postgresql server"; + }; + password = mkOption { + type = types.str; + description = "Password for the postgresql connection"; + }; + dbname = mkOption { + type = types.str; + default = "roundcube"; + description = "Name of the postgresql database"; + }; + }; - $config['max_message_size'] = '25M'; + plugins = mkOption { + type = types.listOf types.str; + default = []; + description = '' + List of roundcube plugins to enable. ''; - description = "Configuration for roundcube webmail instance"; + }; + + extraConfig = mkOption { + type = types.lines; + default = ""; + description = "Extra configuration for roundcube webmail instance"; }; }; config = mkIf cfg.enable { - environment.etc."roundcube/config.inc.php".text = cfg.extraConfig; + environment.etc."roundcube/config.inc.php".text = '' + <?php - services.nginx.virtualHosts = { - "${cfg.subDomain}" = { - listen = [ { addr = cfg.listenAddress; port = cfg.listenPort; } ]; - locations."/" = { - root = pkgs.roundcube; - index = "index.php"; - extraConfig = '' - location ~* \.php$ { - fastcgi_split_path_info ^(.+\.php)(/.+)$; - fastcgi_pass unix:/run/phpfpm/roundcube; - include ${pkgs.nginx}/conf/fastcgi_params; - include ${pkgs.nginx}/conf/fastcgi.conf; - } - ''; + $config = array(); + $config['db_dsnw'] = 'pgsql://${cfg.database.username}:${cfg.database.password}@${cfg.database.host}/${cfg.database.dbname}'; + $config['log_driver'] = 'syslog'; + $config['max_message_size'] = '25M'; + $config['plugins'] = [${concatMapStringsSep "," (p: "'${p}'") cfg.plugins}]; + ${cfg.extraConfig} + ''; + + services.nginx = mkIf cfg.nginx.enable { + enable = true; + virtualHosts = { + ${cfg.hostName} = { + forceSSL = mkDefault true; + enableACME = mkDefault true; + locations."/" = { + root = pkgs.roundcube; + index = "index.php"; + extraConfig = '' + location ~* \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass unix:/run/phpfpm/roundcube; + include ${pkgs.nginx}/conf/fastcgi_params; + include ${pkgs.nginx}/conf/fastcgi.conf; + } + ''; + }; }; }; }; - services.phpfpm.poolConfigs.${cfg.subDomain} = '' + services.postgresql = mkIf (cfg.database.host == "localhost") { + enable = true; + }; + + services.phpfpm.poolConfigs.${cfg.hostName} = '' listen = /run/phpfpm/roundcube listen.owner = nginx listen.group = nginx @@ -84,6 +117,30 @@ in php_admin_value[post_max_size] = 25M php_admin_value[upload_max_filesize] = 25M catch_workers_output = yes - ''; + ''; + systemd.services.phpfpm-roundcube.after = [ "roundcube-setup.service" ]; + + systemd.services.roundcube-setup = let + pgSuperUser = config.services.postgresql.superUser; + in { + requires = [ "postgresql.service" ]; + after = [ "postgresql.service" ]; + wantedBy = [ "multi-user.target" ]; + path = [ config.services.postgresql.package ]; + script = '' + mkdir -p /var/lib/roundcube + if [ ! -f /var/lib/roundcube/db-created ]; then + if [ "${cfg.database.host}" = "localhost" ]; then + ${pkgs.sudo}/bin/sudo -u ${pgSuperUser} psql postgres -c "create role ${cfg.database.username} with login password '${cfg.database.password}'"; + ${pkgs.sudo}/bin/sudo -u ${pgSuperUser} psql postgres -c "create database ${cfg.database.dbname} with owner ${cfg.database.username}"; + fi + PGPASSWORD=${cfg.database.password} ${pkgs.postgresql}/bin/psql -U ${cfg.database.username} \ + -f ${pkgs.roundcube}/SQL/postgres.initial.sql \ + -h ${cfg.database.host} ${cfg.database.dbname} + touch /var/lib/roundcube/db-created + fi + ''; + serviceConfig.Type = "oneshot"; + }; }; } diff --git a/nixos/tests/roundcube.nix b/nixos/tests/roundcube.nix new file mode 100644 index 0000000000000..faa5f3fa0df0f --- /dev/null +++ b/nixos/tests/roundcube.nix @@ -0,0 +1,28 @@ +import ./make-test.nix ({ pkgs, ...} : { + name = "roundcube"; + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ globin ]; + }; + + nodes = { + roundcube = { config, pkgs, ... }: { + services.roundcube = { + enable = true; + hostName = "roundcube"; + nginx.enable = true; + database.password = "notproduction"; + }; + services.nginx.virtualHosts.roundcube = { + forceSSL = false; + enableACME = false; + }; + }; + }; + + testScript = '' + $roundcube->start; + $roundcube->waitForUnit("postgresql.service"); + $roundcube->waitForUnit("phpfpm-roundcube.service"); + $roundcube->succeed("curl -sSfL http://roundcube/"); + ''; +}) |