[email] add working webmail config

applications/email.nix

@@ -131,7 +131,7 @@
       "${cfg.sub}.${cfg.domain}" = {
         forceSSL    = true;
         useACMEHost = "skynet";
-        # override teh inbuilt nginx config
+        # override the inbuilt nginx config
         enableACME = false;
         serverName  = "${cfg.sub}.${cfg.domain}";
       };
@@ -139,18 +139,36 @@
 
     #https://nixos-mailserver.readthedocs.io/en/latest/add-roundcube.html
     users.groups.nginx = {};
+    users.groups.roundcube = {};
     services.roundcube = {
 		enable = true;
-      database.username = "roundcube";
 		# this is the url of the vhost, not necessarily the same as the fqdn of
 		# the mailserver
 		hostName = "${cfg.sub}.${cfg.domain}";
 		extraConfig = ''
         # starttls needed for authentication, so the fqdn required to match
         # the certificate
-        $config['smtp_server'] = "tls://${cfg.sub}.${cfg.domain}";
+        $config['smtp_server'] = "ssl://${cfg.sub}.${cfg.domain}";
         $config['smtp_user'] = "%u";
         $config['smtp_pass'] = "%p";
+		    $config['imap_host'] =  "ssl://${cfg.sub}.${cfg.domain}";
+		    $config['product_name'] = "Skynet Webmail";
+		    $config['identities_level'] = 4;
+		    $config['login_username_filter'] = "email";
+		    $config['ldap_public']['public'] = array(
+		      'name'              => 'Public LDAP Addressbook',
+			    'hosts'             => array('sso.skynet.ie'),
+			    'port'              => 636 ,
+			    'user_specific'     => false,
+			    'base_dn'           => 'ou=users,dc=skynet,dc=ie',
+			    'filter'            => '(skMemberOf=cn=skynet-users-linux,ou=groups,dc=skynet,dc=ie)',
+			    'fieldmap' => [
+			      // Roundcube  => LDAP:limit
+				      'name'        => 'cn',
+				      'surname'     => 'sn',
+				      'email'       => 'skMail:*',
+				    ]		
+			  );
 		  '';
     };