From 47b88cfd355707c6d1f55d9b43f0049b1de0f52e Mon Sep 17 00:00:00 2001
From: derped
Date: Thu, 26 Dec 2019 11:05:18 +0100
Subject: [PATCH] Start migrating to NixOS mailman3 service.
---
 services/default.nix | 1 +
 services/mailman3.nix | 53 ++++++++++++++++++++++++++++
 services/nginx_vHosts/hyperkitty.nix | 9 +++++
 services/nginx_vHosts/mailman3.nix | 17 +++++++++
 4 files changed, 80 insertions(+)
 create mode 100644 services/mailman3.nix
 create mode 100644 services/nginx_vHosts/hyperkitty.nix
 create mode 100644 services/nginx_vHosts/mailman3.nix
diff --git a/services/default.nix b/services/default.nix
index 7dc3c30..2ae0413 100644
--- a/services/default.nix
+++ b/services/default.nix
@@ -7,6 +7,7 @@
 ./hydra.nix
 ./mailserver/default.nix
 ./mailserver.nix
+ ./mailman3.nix
 ./mariaDB.nix
 ./nextcloud.nix
 ./nginx.nix
diff --git a/services/mailman3.nix b/services/mailman3.nix
new file mode 100644
index 0000000..38de55c
--- /dev/null
+++ b/services/mailman3.nix
@@ -0,0 +1,53 @@
+{ config, lib, ... }:
+
+with lib;
+
+let
+ cfg = config.machine;
+in mkIf (elem "mailman3" config.machine.services) {
+ services.mailman = {
+ enable = true;
+ hyperkittyApiKey = (fileContents "${cfg.secretPath}/hyperkittyApiKey");
+ hyperkittyBaseUrl = (findFirst (s: s.service == "hyperkitty") cfg cfg.vHosts).domain;
+ siteOwner = "postmaster@${cfg.domain}";
+ # webHosts = [];
+ };
+
+ services.uwsgi = {
+ enable = true;
+ plugins = [ "python3" ];
+ user = "nginx";
+ group = "nginx";
+ instance = {
+ type = "emperor";
+ vassals = {
+ mailman-web = {
+ type = "normal";
+ plugin = "python3";
+ pythonPackages = self: with self; [
+ django-mailman3 postorius
+ ];
+# module = "mailman-web.wsgi";
+ socket = "${config.services.uwsgi.runDir}/mailman-web.sock";
+ wsgi-file = "wsgi.py";
+ chdir = config.services.mailman.webRoot;
+ logger = "file:/var/log/uwsgi/mailman-web-error.log";
+ };
+ };
+ };
+ };
+
+ # have to override some stuff because whoever wrote the submodule didn't think about shit when he/she wrote it >.<
+ # TODO:
+ # - write a PR for nixpkgs to fix this stuff
+ # - /var/lib/mailman-web does not exist by default, should be added by the submodule
+ # - the API key should not be public (even for local users (even worse if your store is public (in case of hosting a binary cache)))
+ systemd.services.mailman-web.serviceConfig.User = mkForce "nginx";
+ systemd.services.hyperkitty.serviceConfig.User = mkForce "nginx";
+ systemd.services.hyperkitty-minutely.serviceConfig.User = mkForce "nginx";
+ systemd.services.hyperkitty-quarter-hourly.serviceConfig.User = mkForce "nginx";
+ systemd.services.hyperkitty-hourly.serviceConfig.User = mkForce "nginx";
+ systemd.services.hyperkitty-daily.serviceConfig.User = mkForce "nginx";
+ systemd.services.hyperkitty-weekly.serviceConfig.User = mkForce "nginx";
+ systemd.services.hyperkitty-yearly.serviceConfig.User = mkForce "nginx";
+}
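Review bot: The `mkForce "nginx"` overrides on `mailman-web` and the seven `hyperkitty*` units, together with `user = "nginx"; group = "nginx";` on `services.uwsgi`, run the Django application, its periodic jobs and the front-end web server under one account. Anything else executing as nginx on this host then has the same access to the mailman-web state and to whatever settings those units load, including the HyperKitty API key that the TODO already notes ends up readable in the store. I would give the uwsgi instance and these units a dedicated account and let nginx reach only the socket through a shared group, for example with `chmod-socket = "660";` in the `mailman-web` vassal. Separately, `fileContents` is resolved at evaluation time, so keeping the key under `cfg.secretPath` does not keep it out of the generated configuration; saying so in the TODO would stop the secret file being mistaken for protection.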
diff --git a/services/nginx_vHosts/hyperkitty.nix b/services/nginx_vHosts/hyperkitty.nix
new file mode 100644
index 0000000..fc4af85
--- /dev/null
+++ b/services/nginx_vHosts/hyperkitty.nix
@@ -0,0 +1,9 @@
+{ config, lib, ... }:
+
+with lib;
+
+{
+ vHost = {
+ root = "/var/www";
+ };
+}.vHost
diff --git a/services/nginx_vHosts/mailman3.nix b/services/nginx_vHosts/mailman3.nix
new file mode 100644
index 0000000..3c9457e
--- /dev/null
+++ b/services/nginx_vHosts/mailman3.nix
@@ -0,0 +1,17 @@
+{ pkgs, config, lib, ... }:
+
+with lib;
+
+{
+ vHost = if config.services.mailman.enable then {
+ locations = {
+ "/static/".extraConfig = ''
+ alias /var/lib/mailman-web;
+ '';
+ "/".extraConfig = ''
+ uwsgi_pass unix://${config.services.uwsgi.runDir}/mailman-web.sock;
+ include ${pkgs.nginx}/conf/uwsgi_params;
+ '';
+ };
+ } else {};
+}.vHost
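Review bot: In the `"/static/"` location of `services/nginx_vHosts/mailman3.nix`, the `alias /var/lib/mailman-web;` target has no trailing slash while the location does, so nginx would map `/static/foo.css` to `/var/lib/mailman-webfoo.css` and static files would not resolve. The target is also the whole mailman-web state directory rather than its static subdirectory. If the slash is simply added, everything stored there becomes downloadable under `/static/`, presumably including the Django database and settings, which should be confirmed against the module. Pointing the alias only at the collected static files fixes both, e.g. `alias /var/lib/mailman-web/static/;` if that is where the module's `STATIC_ROOT` points.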