{ config, pkgs, lib, ... }: let domain = config.networking.domain; roundcubeRoot = "${config.services.roundcube.package}/public_html"; # PHP-FPM socket created by the roundcube module (pool named "roundcube"): fpmSocket = config.services.phpfpm.pools.roundcube.socket; in { # DB for Roundcube (PostgreSQL shown; MariaDB works too) services.postgresql = { enable = true; ensureDatabases = [ "roundcube" ]; ensureUsers = [ { name = "roundcube"; ensureDBOwnership = true; } ]; }; services.roundcube = { enable = true; configureNginx = false; # <-- you’ll provide your own vhost plugins = [ "managesieve" "archive" "zipdownload" ]; database = { host = "localhost"; dbname = "roundcube"; username = "roundcube"; }; extraConfig = '' // IMAP & SMTP $config['imap_host'] = 'ssl://imap.${domain}:993'; $config['smtp_host'] = 'tls://mail.${domain}:587'; $config['smtp_user'] = '%u'; $config['smtp_pass'] = '%p'; // ManageSieve (filters + vacation) $config['managesieve_host'] = 'tls://imap.${domain}:4190'; ''; }; services.nginx = { enable = true; virtualHosts."webmail.${domain}" = { forceSSL = true; enableACME = true; root = roundcubeRoot; extraConfig = '' client_max_body_size 50m; ''; locations = { # Serve static assets directly "~* ^/(favicon\\.ico|robots\\.txt|browserconfig\\.xml)$".tryFiles = "$uri =404"; "~* ^/(assets|installer|public|skins|plugins)/" = { tryFiles = "$uri =404"; }; # PHP entry points "~ \\.php$" = { extraConfig = '' include ${pkgs.nginx}/conf/fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param HTTPS on; fastcgi_pass unix:${fpmSocket}; fastcgi_buffers 16 16k; fastcgi_buffer_size 32k; ''; }; # Default: let Roundcube handle routing "/" = { tryFiles = "$uri /index.php?$query_string"; }; }; }; }; }