From 0eefc1678432c4697eea243a3735e90d363a0281 Mon Sep 17 00:00:00 2001 From: Henry-Hiles Date: Tue, 22 Jul 2025 12:09:02 -0400 Subject: [PATCH] Roundcube WiP --- .../mail/roundcube/default.nix | 60 +++++++++ .../mail/roundcube/update.patch | 22 ++++ clients/quadraticserver/mail/sogo.nix | 122 ------------------ flake.lock | 38 +++--- 4 files changed, 101 insertions(+), 141 deletions(-) create mode 100644 clients/quadraticserver/mail/roundcube/default.nix create mode 100644 clients/quadraticserver/mail/roundcube/update.patch delete mode 100644 clients/quadraticserver/mail/sogo.nix diff --git a/clients/quadraticserver/mail/roundcube/default.nix b/clients/quadraticserver/mail/roundcube/default.nix new file mode 100644 index 0000000..5a4cc23 --- /dev/null +++ b/clients/quadraticserver/mail/roundcube/default.nix @@ -0,0 +1,60 @@ +{ + config, + pkgs, + ... +}: { + services = { + phpfpm.pools.roundcube.settings = { + "listen.owner" = "caddy"; + "listen.group" = "caddy"; + }; + roundcube = { + enable = true; + configureNginx = false; + + package = pkgs.roundcube.overrideAttrs (oldAttrs: { + version = "1.7-beta"; + + src = pkgs.fetchurl { + url = "https://github.com/roundcube/roundcubemail/releases/download/1.7-beta/roundcubemail-1.7-beta-complete.tar.gz"; + sha256 = "sha256-gYY+tyR1aPAo43oH3Prgwd0A7XmiFASZ7KWxXuf4vpk="; + }; + + patches = [./update.patch]; + + installPhase = '' + mkdir $out + cp -r * $out/ + ln -sf /etc/roundcube/config.inc.php $out/config/config.inc.php + rm -rf $out/installer + ''; + }); + + extraConfig = '' + // General + $config["skin_logo"] = "https://federated.nexus/images/icon.svg"; + $config["use_https"] = true; + + // OAuth + $config["oauth_provider"] = "generic"; + $config["oauth_provider_name"] = "Federated Nexus"; + $config["oauth_login_redirect"] = true; + + $config["oauth_config_uri"] = "https://auth.federated.nexus/.well-known/openid-configuration"; + + $config["oauth_client_id"] = "roundcube"; + $config["oauth_client_secret"] = "secret"; + + $config["oauth_scope"] = ""; + $config["oauth_scope"] = ""; + ''; + }; + + caddy.virtualHosts."mail.federated.nexus".extraConfig = '' + root * ${config.services.roundcube.package}/public_html + + php_fastcgi unix/${config.services.phpfpm.pools.roundcube.socket} + file_server + ''; + }; +} diff --git a/clients/quadraticserver/mail/roundcube/update.patch b/clients/quadraticserver/mail/roundcube/update.patch new file mode 100644 index 0000000..c7127be --- /dev/null +++ b/clients/quadraticserver/mail/roundcube/update.patch @@ -0,0 +1,22 @@ +From c0a516b09316a8bb73c872d9da2f584e5ed5b112 Mon Sep 17 00:00:00 2001 +From: Henry Hiles +Date: Mon, 21 Jul 2025 21:27:10 -0400 +Subject: [PATCH] Fix update script for nix + +--- + bin/update.sh | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/bin/update.sh b/bin/update.sh +index 5058f33f16..41361d9481 100755 +--- a/bin/update.sh ++++ b/bin/update.sh +@@ -19,7 +19,7 @@ + +-----------------------------------------------------------------------+ + */ + +-define('INSTALL_PATH', realpath(__DIR__ . '/..') . '/'); ++define('INSTALL_PATH', dirname(dirname($argv[0])).'/'); + + require_once INSTALL_PATH . 'program/include/clisetup.php'; + diff --git a/clients/quadraticserver/mail/sogo.nix b/clients/quadraticserver/mail/sogo.nix deleted file mode 100644 index 3613973..0000000 --- a/clients/quadraticserver/mail/sogo.nix +++ /dev/null @@ -1,122 +0,0 @@ -{ - lib, - pkgs, - config, - ... -}: { - nixpkgs.overlays = [ - (final: prev: { - sogo = prev.sogo.overrideAttrs (old: { - buildInputs = old.buildInputs ++ [prev.postgresql.lib]; - NIX_LDFLAGS = (old.NIX_LDFLAGS or "") + " -lpq"; - }); - }) - ]; - - services = let - domain = "mail.federated.nexus"; - in { - memcached = { - enable = true; - user = "sogo"; - enableUnixSocket = true; - extraOptions = [ - "-a" - "0600" - ]; - }; - - postgresql = { - enable = true; - enableTCPIP = true; - - ensureDatabases = ["sogo"]; - ensureUsers = [ - { - name = "sogo"; - ensureDBOwnership = true; - } - ]; - }; - - sogo = { - enable = true; - timezone = config.time.timeZone; - extraConfig = let - db = "postgresql://sogo@127.0.0.1/sogo"; - in '' - SOGoMailDomain = "federated.nexus"; - SOGoMemcachedHost = "/run/memcached/memcached.sock"; - - SOGoAuthenticationType = "openid"; - SOGoOpenIdConfigUrl = "https://auth.federated.nexus/.well-known/openid-configuration"; - SOGoOpenIdClient = "Federated Nexus Auth"; - SOGoOpenIdClientSecret = ""; - SOGoOpenIdScope = ""; - SOGoOpenIdTokenCheckInterval = 600; - - SOGoSMTPServer = "smtp://localhost"; - SOGoSMTPAuthenticationType = "xoauth2"; - - SOGoIMAPServer = "imap://localhost"; - NGImap4AuthMechanism = "xoauth2"; - - SOGoPageTitle = "Federated Nexus Mail"; - SOGoZipPath = "${lib.getExe pkgs.zip}"; - - OCSSessionsFolderURL = "${db}/sogo_sessions_folder"; - OCSFolderInfoURL = "${db}/sogo_folder_info"; - OCSOpenIdURL = "${db}/sogo_openid"; - MySQL4Encoding = "utf8mb4"; - ''; - }; - - caddy.virtualHosts."${domain}".extraConfig = '' - # Redirect root to /SOGo - @root path / - redir @root https://{host}/SOGo - - # Redirect /principals/ to /SOGo/dav - @principals path /principals/* - redir @principals https://{host}/SOGo/dav - - # Static assets for SOGo - handle_path /SOGo.woa/WebServerResources/* { - root * ${pkgs.sogo}/lib/GNUstep/SOGo/WebServerResources/ - file_server - } - - handle_path /SOGo/WebServerResources/* { - root * ${pkgs.sogo}/lib/GNUstep/SOGo/ - file_server - } - - # Regex match: ControlPanel products - @resources1 path_regexp resources1 ^/SOGo/so/ControlPanel/Products/([^/]*)/Resources/(.*)$ - handle @resources1 { - root * ${pkgs.sogo}/lib/GNUstep/SOGo/{http.regexp.resources1.1}.SOGo/Resources/ - rewrite * /{http.regexp.resources1.2} - file_server - } - - # Regex match: ControlPanel UI resources - @resources2 path_regexp resources2 ^/SOGo/so/ControlPanel/Products/([^/]*)UI/Resources/(.*\.(jpg|png|gif|css|js))$ - handle @resources2 { - root * ${pkgs.sogo}/lib/GNUstep/SOGo/{http.regexp.resources2.1}UI.SOGo/Resources/ - rewrite * /{http.regexp.resources2.2} - file_server - } - - # SOGo app proxy - handle_path /SOGo* { - reverse_proxy 127.0.0.1:20000 { - header_up x-webobjects-server-protocol HTTP/1.0 - header_up x-webobjects-remote-host 127.0.0.1 - header_up x-webobjects-server-port {server_port} - header_up x-webobjects-server-name {host} - header_up x-webobjects-server-url {scheme}://{host} - } - } - ''; - }; -} diff --git a/flake.lock b/flake.lock index a4a8d48..8551769 100644 --- a/flake.lock +++ b/flake.lock @@ -561,11 +561,11 @@ ] }, "locked": { - "lastModified": 1752718651, - "narHash": "sha256-PkaR0qmyP9q/MDN3uYa+RLeBA0PjvEQiM0rTDDBXkL8=", + "lastModified": 1753140376, + "narHash": "sha256-7lrVrE0jSvZHrxEzvnfHFE/Wkk9DDqb+mYCodI5uuB8=", "owner": "nix-community", "repo": "disko", - "rev": "d5ad4485e6f2edcc06751df65c5e16572877db88", + "rev": "545aba02960caa78a31bd9a8709a0ad4b6320a5c", "type": "github" }, "original": { @@ -798,11 +798,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1751413152, - "narHash": "sha256-Tyw1RjYEsp5scoigs1384gIg6e0GoBVjms4aXFfRssQ=", + "lastModified": 1753121425, + "narHash": "sha256-TVcTNvOeWWk1DXljFxVRp+E0tzG1LhrVjOGGoMHuXio=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "77826244401ea9de6e3bac47c2db46005e1f30b5", + "rev": "644e0fc48951a860279da645ba77fe4a6e814c5e", "type": "github" }, "original": { @@ -1275,11 +1275,11 @@ ] }, "locked": { - "lastModified": 1752814804, - "narHash": "sha256-irfg7lnfEpJY+3Cffkluzp2MTVw1Uq9QGxFp6qadcXI=", + "lastModified": 1753180535, + "narHash": "sha256-KEtlzMs2O7FDvciFtjk9W4hyau013Pj9qZNK9a0PxEc=", "owner": "nix-community", "repo": "home-manager", - "rev": "d0300c8808e41da81d6edfc202f3d3833c157daf", + "rev": "847711c7ffa9944b0c5c39a8342ac8eb6a9f9abc", "type": "github" }, "original": { @@ -1531,11 +1531,11 @@ ] }, "locked": { - "lastModified": 1753043463, - "narHash": "sha256-YLzOivNTm8Ho2z5Gt3v95T3uF3ujKxyTGDiDpH5oUiw=", + "lastModified": 1753199198, + "narHash": "sha256-EpuiJsrNADlwkJ8O/qt/EG0qKjJOQ0SIOe5mQyeBI1M=", "ref": "refs/heads/main", - "rev": "43ad7937f9be93c93379d5adb0878b8e98cdfd3f", - "revCount": 33, + "rev": "444fff5b6264bfb382aaaf1dc58f2a7d7e685392", + "revCount": 36, "type": "git", "url": "https://git.federated.nexus/Henry-Hiles/matrixoidc" }, @@ -2641,11 +2641,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1753038291, - "narHash": "sha256-lURYdS0bLEpd0CatDK2IYTKVqp75vzgJUi5yCej1k/A=", + "lastModified": 1753182975, + "narHash": "sha256-DYa27iNM4GBMLgcX6s6ix5tux8a/sjmrC8gRmDb9bvI=", "owner": "wamserma", "repo": "flake-programs-sqlite", - "rev": "c8ce0a0e0b95a201f2f931f441c58edf628a532a", + "rev": "a79f1edd18cc601501831336f82feb65b09a0185", "type": "github" }, "original": { @@ -2919,11 +2919,11 @@ "tinted-zed": "tinted-zed" }, "locked": { - "lastModified": 1753009241, - "narHash": "sha256-puhWbjjrOtOlYYV0R2J99V905vUjF+NqyK5N+kiVZXg=", + "lastModified": 1753117651, + "narHash": "sha256-7gWBlUOe2c0nYGyoVDa9hw15pI3DXDR0KK+nYh9KOpU=", "owner": "danth", "repo": "stylix", - "rev": "9242b3ec8e0d253f32614778ed4996af7aaf9438", + "rev": "ea60526c8c2a1c5df2743a9495814dc0b319ef3b", "type": "github" }, "original": {