remove roundcube, fix quassel backups

2023-10-10 18:58:36 +01:00 · 2023-10-10 18:58:36 +01:00 · ab830d4469
parent 08c03910ae
commit ab830d4469
7 changed files with 0 additions and 128 deletions
--- a/hosts/hetzner-arm/containers/postgresql/profiles/postgres.nix
+++ b/hosts/hetzner-arm/containers/postgresql/profiles/postgres.nix
@ -15,7 +15,6 @@ in {
      "piped"
      "gotosocial"
      "quassel"
-      "roundcube"
    ];
    ensureUsers = [
      {
@ -30,10 +29,6 @@ in {
        name = "quassel";
        ensurePermissions."DATABASE quassel" = "ALL PRIVILEGES";
      }
-      {
-        name = "roundcube";
-        ensurePermissions."DATABASE roundcube" = "ALL PRIVILEGES";
-      }
    ];
    # If the host is a local container then use the container's IP
    # otherwise use the host's IP
@ -43,7 +38,6 @@ in {

      host gotosocial gotosocial ${localContainersAddresses.containers."social"}/32 trust
      host quassel quassel ${localContainersAddresses.containers."quassel"}/32 trust
-      host roundcube roundcube ${localContainersAddresses.containers."roundcube"}/32 trust
    '';
  };
 }
--- a/hosts/hetzner-arm/containers/postgresql/profiles/restic.nix
+++ b/hosts/hetzner-arm/containers/postgresql/profiles/restic.nix
@ -10,7 +10,6 @@
      systemctl start postgresqlBackup-piped --wait
      systemctl start postgresqlBackup-gotosocial --wait
      systemctl start postgresqlBackup-quassel --wait
-      systemctl start postgresqlBackup-roundcube --wait
    '')
  }/bin/backupPrepareCommand";
 in {
@ -55,7 +54,6 @@ in {
      "piped"
      "gotosocial"
      "quassel"
-      "roundcube"
    ];
    compression = "zstd";
  };
--- a/hosts/hetzner-arm/containers/quassel/profiles/restic.nix
+++ b/hosts/hetzner-arm/containers/quassel/profiles/restic.nix
@ -4,12 +4,6 @@
  ...
 }: let
  secrets = config.services.secrets.secrets;
-
-  backupPrepareCommand = "${
-    (pkgs.writeShellScriptBin "backupPrepareCommand" ''
-      systemctl start postgresqlBackup-quassel --wait
-    '')
-  }/bin/backupPrepareCommand";
 in {
  environment.systemPackages = with pkgs; [
    restic
@ -41,7 +35,5 @@ in {
      OnBootSec = "1m";
      OnCalendar = "daily";
    };
-
-    inherit backupPrepareCommand;
  };
 }
--- a/hosts/hetzner-arm/containers/roundcube/default.nix
+++ b/hosts/hetzner-arm/containers/roundcube/default.nix
@ -1,55 +0,0 @@
-{
-  self,
-  tree,
-  inputs,
-  config,
-  pkgs,
-  hostPath,
-  ...
-}: let
-  containerAddresses = import "${hostPath}/data/containerAddresses.nix";
-  hostIP = containerAddresses.host;
-  containerIP = containerAddresses.containers.roundcube;
-in {
-  containers.roundcube = {
-    autoStart = true;
-    privateNetwork = true;
-    hostAddress = hostIP;
-    localAddress = containerIP;
-
-    specialArgs = {
-      inherit inputs;
-      inherit tree;
-      inherit self;
-      inherit hostPath;
-    };
-
-    config = {...}: {
-      nixpkgs.pkgs = pkgs;
-
-      imports = with tree; [
-        presets.nixos.containerBase
-
-        profiles.nginx
-        profiles.sshd
-        profiles.firewallAllow.ssh
-
-        ./profiles/roundcube.nix
-      ];
-
-      home-manager.users.root.home.stateVersion = "23.05";
-      system.stateVersion = "23.05";
-    };
-  };
-
-  services.nginx = {
-    enable = true;
-    virtualHosts."mail.owo.monster" = {
-      forceSSL = true;
-      enableACME = true;
-      locations."/" = {
-        proxyPass = "http://unix:/var/lib/nixos-containers/roundcube/var/sockets/roundcube.sock";
-      };
-    };
-  };
-}
--- a/hosts/hetzner-arm/containers/roundcube/profiles/roundcube.nix
+++ b/hosts/hetzner-arm/containers/roundcube/profiles/roundcube.nix
@ -1,55 +0,0 @@
-{
-  pkgs,
-  lib,
-  hostPath,
-  ...
-}: let
-  inherit (lib.modules) mkForce;
-
-  localContainersAddresses = import "${hostPath}/data/containerAddresses.nix";
-in {
-  services.roundcube = {
-    enable = true;
-    hostName = "mail.owo.monster";
-    package = pkgs.roundcube.withPlugins (_plugins:
-      with pkgs.roundcubePlugins; [
-        persistent_login
-      ]);
-    plugins = [
-      "persistent_login"
-      "managesieve"
-    ];
-
-    database = {
-      host = localContainersAddresses.containers.postgresql;
-      passwordFile = builtins.toFile "pw" "";
-    };
-
-    extraConfig = ''
-      $config['smtp_server'] = "tls://mail.owo.monster";
-      $config['smtp_user'] = "%u";
-      $config['smtp_pass'] = "%p";
-      $config['managesieve_host'] = 'tls://mail.owo.monster';
-      $config['session_lifetime'] = (60 * 24 * 7 * 2); # 2 Weeks
-      $config['product_name'] = 'Chaos Mail';
-      $config['username_domain'] = "owo.monster";
-      $config['username_domain_forced'] = true;
-      $config['log_driver'] = 'syslog';
-      $config['smtp_debug'] = true;
-    '';
-  };
-
-  systemd.tmpfiles.rules = [
-    "d /var/sockets - nginx nginx"
-  ];
-
-  systemd.services.nginx.serviceConfig.ReadWritePaths = [
-    "/var/sockets"
-  ];
-
-  services.nginx.virtualHosts."mail.owo.monster" = {
-    forceSSL = mkForce false;
-    enableACME = mkForce false;
-    extraConfig = "listen unix:/var/sockets/roundcube.sock;";
-  };
-}
--- a/hosts/hetzner-arm/data/containerAddresses.nix
+++ b/hosts/hetzner-arm/data/containerAddresses.nix
@ -8,6 +8,5 @@
    forgejo = "10.0.1.6";
    postgresql = "10.0.1.7";
    piped-fi = "10.0.1.8";
-    roundcube = "10.0.1.9";
  };
 }
--- a/hosts/hetzner-arm/hetzner-arm.nix
+++ b/hosts/hetzner-arm/hetzner-arm.nix
@ -28,7 +28,6 @@ in {
      "piped-fi"
      "mail"
      "forgejo"
-      #"roundcube"
    ] (name: ./containers + "/${name}"))
    ++ (with hosts.hetzner-arm.profiles; [
      staticSites