From 76bb322561b0e09c57574c350a58d76c9c798c78 Mon Sep 17 00:00:00 2001
From: sefidel <contact@sefidel.net>
Date: Tue, 8 Aug 2023 00:41:26 +0900
Subject: feat(modules/nixos-mailserver): add roundcube webmail

---
 modules/services/nixos-mailserver.nix | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/modules/services/nixos-mailserver.nix b/modules/services/nixos-mailserver.nix
index 59571bc..81d017f 100644
--- a/modules/services/nixos-mailserver.nix
+++ b/modules/services/nixos-mailserver.nix
@@ -9,6 +9,15 @@ in
 
   options.modules.services.nixos-mailserver = {
     enable = mkEnableOption "nixos-mailserver";
+    webmail = {
+      enable = mkOption {
+        type = types.bool;
+        default = false;
+        description = lib.mdDoc "Whether to enable roundcube webmail";
+      };
+      domain = mkOption { type = types.str; };
+      realHost = mkOption { type = types.str; };
+    };
   };
 
   config = mkIf cfg.enable {
@@ -108,6 +117,27 @@ in
       virusScanning = false;
     };
 
+    services.roundcube = mkIf cfg.webmail.enable {
+      enable = true;
+      hostName = cfg.webmail.realHost;
+      database.host = "localhost"; # use localDB, pgsql db/user creation is done automatically.
+
+      plugins = [
+        "archive"
+        "enigma"
+        "help"
+        "markasjunk"
+        "vcard_attachments"
+        "zipdownload"
+      ];
+    };
+
+    services.nginx.virtualHosts.${cfg.webmail.realHost} = {
+      enableACME = mkForce false; # conflicts with useACMEHost
+      forceSSL = true;
+      useACMEHost = cfg.webmail.domain;
+    };
+
     environment.persistence."/persist".directories = [
       "/var/lib/dovecot"
       "/var/lib/rspamd"
-- 
cgit 1.4.1