nixos/services/mailman3.nix

54 lines
2 KiB
Nix
Raw Permalink Normal View History

{ config, lib, ... }:
with lib;
let
cfg = config.machine;
in mkIf (elem "mailman3" config.machine.services) {
services.mailman = {
enable = true;
hyperkittyApiKey = (fileContents "${cfg.secretPath}/hyperkittyApiKey");
hyperkittyBaseUrl = (findFirst (s: s.service == "hyperkitty") cfg cfg.vHosts).domain;
siteOwner = "postmaster@${cfg.domain}";
# webHosts = [];
};
services.uwsgi = {
enable = true;
plugins = [ "python3" ];
user = "nginx";
group = "nginx";
instance = {
type = "emperor";
vassals = {
mailman-web = {
type = "normal";
plugin = "python3";
pythonPackages = self: with self; [
django-mailman3 postorius
];
# module = "mailman-web.wsgi";
socket = "${config.services.uwsgi.runDir}/mailman-web.sock";
wsgi-file = "wsgi.py";
chdir = config.services.mailman.webRoot;
logger = "file:/var/log/uwsgi/mailman-web-error.log";
};
};
};
};
# have to override some stuff because whoever wrote the submodule didn't think about shit when he/she wrote it >.<
# TODO:
# - write a PR for nixpkgs to fix this stuff
# - /var/lib/mailman-web does not exist by default, should be added by the submodule
# - the API key should not be public (even for local users (even worse if your store is public (in case of hosting a binary cache)))
systemd.services.mailman-web.serviceConfig.User = mkForce "nginx";
systemd.services.hyperkitty.serviceConfig.User = mkForce "nginx";
systemd.services.hyperkitty-minutely.serviceConfig.User = mkForce "nginx";
systemd.services.hyperkitty-quarter-hourly.serviceConfig.User = mkForce "nginx";
systemd.services.hyperkitty-hourly.serviceConfig.User = mkForce "nginx";
systemd.services.hyperkitty-daily.serviceConfig.User = mkForce "nginx";
systemd.services.hyperkitty-weekly.serviceConfig.User = mkForce "nginx";
systemd.services.hyperkitty-yearly.serviceConfig.User = mkForce "nginx";
}