From 57e9a8a290cbeeb173b12d6bec1681e177ce6570 Mon Sep 17 00:00:00 2001
From: "Benedikt M. Rips" <benedikt.rips@gmail.com>
Date: Sun, 23 Mar 2025 15:01:35 +0100
Subject: [PATCH] davmail: init module (#6674)

---
 modules/lib/maintainers.nix                   |   6 +
 modules/modules.nix                           |   1 +
 modules/services/davmail.nix                  | 128 ++++++++++++++++++
 tests/default.nix                             |   1 +
 .../services/davmail/custom-settings.nix      |  41 ++++++
 tests/modules/services/davmail/default.nix    |   4 +
 .../services/davmail/imitateOutlook.nix       |  37 +++++
 7 files changed, 218 insertions(+)
 create mode 100644 modules/services/davmail.nix
 create mode 100644 tests/modules/services/davmail/custom-settings.nix
 create mode 100644 tests/modules/services/davmail/default.nix
 create mode 100644 tests/modules/services/davmail/imitateOutlook.nix

diff --git a/modules/lib/maintainers.nix b/modules/lib/maintainers.nix
index 61f3a4f1..e6a43034 100644
--- a/modules/lib/maintainers.nix
+++ b/modules/lib/maintainers.nix
@@ -66,6 +66,12 @@
     github = "bertof";
     githubId = 9915675;
   };
+  bmrips = {
+    name = "Benedikt Rips";
+    email = "benedikt.rips@gmail.com";
+    github = "bmrips";
+    githubId = 20407973;
+  };
   bricked = {
     name = "Bricked";
     email = "hello@bricked.dev";
diff --git a/modules/modules.nix b/modules/modules.nix
index e19f8115..68bdf73e 100644
--- a/modules/modules.nix
+++ b/modules/modules.nix
@@ -316,6 +316,7 @@ let
     ./services/conky.nix
     ./services/copyq.nix
     ./services/darkman.nix
+    ./services/davmail.nix
     ./services/devilspie2.nix
     ./services/dropbox.nix
     ./services/dunst.nix
diff --git a/modules/services/davmail.nix b/modules/services/davmail.nix
new file mode 100644
index 00000000..5eb2f80a
--- /dev/null
+++ b/modules/services/davmail.nix
@@ -0,0 +1,128 @@
+{ config, lib, pkgs, ... }:
+let
+
+  inherit (lib)
+    mapAttrsRecursive mkDefault mkEnableOption mkIf mkOption optionalAttrs
+    types;
+
+  cfg = config.services.davmail;
+
+  javaProperties = pkgs.formats.javaProperties { };
+
+  settingsFile = javaProperties.generate "davmail.properties" cfg.settings;
+
+in {
+
+  meta.maintainers = [ lib.hm.maintainers.bmrips ];
+
+  options.services.davmail = {
+
+    enable = mkEnableOption "DavMail, an MS Exchange gateway.";
+
+    imitateOutlook = mkOption {
+      type = types.bool;
+      default = false;
+      description = "Whether DavMail pretends to be Outlook.";
+      example = true;
+    };
+
+    settings = mkOption {
+      type = javaProperties.type;
+      default = { };
+      description = ''
+        Davmail configuration. Refer to
+        <http://davmail.sourceforge.net/serversetup.html>
+        and <http://davmail.sourceforge.net/advanced.html>
+        for details on supported values.
+      '';
+      example = {
+        "davmail.url" = "https://outlook.office365.com/EWS/Exchange.asmx";
+        "davmail.allowRemote" = true;
+        "davmail.imapPort" = 55555;
+        "davmail.bindAddress" = "10.0.1.2";
+        "davmail.smtpSaveInSent" = true;
+        "davmail.folderSizeLimit" = 10;
+        "davmail.caldavAutoSchedule" = false;
+        "log4j.logger.rootLogger" = "DEBUG";
+      };
+    };
+
+  };
+
+  config = mkIf cfg.enable {
+
+    assertions = [{
+      assertion = pkgs.stdenv.hostPlatform.isLinux;
+      message = "The DavMail service is only available on Linux.";
+    }];
+
+    services.davmail.settings = mapAttrsRecursive (_: mkDefault) {
+      "davmail.server" = true;
+      "davmail.disableUpdateCheck" = true;
+      "davmail.logFilePath" = "${config.xdg.stateHome}/davmail.log";
+      "davmail.logFileSize" = "1MB";
+      "davmail.mode" = "auto";
+      "davmail.url" = "https://outlook.office365.com/EWS/Exchange.asmx";
+      "davmail.caldavPort" = 1080;
+      "davmail.imapPort" = 1143;
+      "davmail.ldapPort" = 1389;
+      "davmail.popPort" = 1110;
+      "davmail.smtpPort" = 1025;
+
+      # The token file path is set because, otherwise, if oauth.persistToken
+      # is enabled, DavMail would attempt to write the token into generated
+      # configuration which lays in the Nix store.
+      "davmail.oauth.tokenFilePath" = "${config.xdg.stateHome}/davmail-tokens";
+
+      "log4j.logger.davmail" = "WARN";
+      "log4j.logger.httpclient.wire" = "WARN";
+      "log4j.logger.org.apache.commons.httpclient" = "WARN";
+      "log4j.rootLogger" = "WARN";
+    } // optionalAttrs cfg.imitateOutlook {
+      "davmail.oauth.clientId" = "d3590ed6-52b3-4102-aeff-aad2292ab01c";
+      "davmail.oauth.redirectUri" = "urn:ietf:wg:oauth:2.0:oob";
+    };
+
+    systemd.user.services.davmail = {
+      Unit = {
+        Description = "DavMail POP/IMAP/SMTP Exchange Gateway";
+        After = [ "graphical-session.target" "network.target" ];
+      };
+      Install.WantedBy = [ "graphical-session.target" ];
+      Service = {
+        Type = "simple";
+        ExecStart = "${pkgs.davmail}/bin/davmail ${settingsFile}";
+        Restart = "on-failure";
+
+        CapabilityBoundingSet = [ "" ];
+        DeviceAllow = [ "" ];
+        LockPersonality = true;
+        NoNewPrivileges = true;
+        PrivateDevices = true;
+        PrivateTmp = true;
+        PrivateUsers = true;
+        ProtectClock = true;
+        ProtectControlGroups = true;
+        ProtectSystem = "strict";
+        ProtectHostname = true;
+        ProtectKernelLogs = true;
+        ProtectKernelModules = true;
+        ProtectKernelTunables = true;
+        ProtectProc = "invisible";
+        RemoveIPC = true;
+        RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
+        RestrictNamespaces = true;
+        RestrictRealtime = true;
+        RestrictSUIDSGID = true;
+        SystemCallArchitectures = "native";
+        SystemCallFilter = "@system-service";
+        SystemCallErrorNumber = "EPERM";
+        UMask = "0077";
+      };
+    };
+
+    home.packages = [ pkgs.davmail ];
+
+  };
+
+}
diff --git a/tests/default.nix b/tests/default.nix
index 024a4fa7..427f4e87 100644
--- a/tests/default.nix
+++ b/tests/default.nix
@@ -496,6 +496,7 @@ in import nmtSrc {
     ./modules/services/copyq
     ./modules/services/conky
     ./modules/services/darkman
+    ./modules/services/davmail
     ./modules/services/devilspie2
     ./modules/services/dropbox
     ./modules/services/easyeffects
diff --git a/tests/modules/services/davmail/custom-settings.nix b/tests/modules/services/davmail/custom-settings.nix
new file mode 100644
index 00000000..012324ad
--- /dev/null
+++ b/tests/modules/services/davmail/custom-settings.nix
@@ -0,0 +1,41 @@
+{ config, pkgs, ... }: {
+  services.davmail = {
+    enable = true;
+    settings = {
+      "davmail.imapPort" = 4444;
+      "davmail.oauth.redirectUri" = "urn:ietf:wg:oauth:2.0:oob";
+      "davmail.persistToken" = true;
+    };
+  };
+
+  nmt.script = ''
+    serviceFile=home-files/.config/systemd/user/davmail.service
+    assertFileExists $serviceFile
+    configFile=$(grep -o '/nix/store/.*-davmail.properties' $TESTED/$serviceFile)
+    assertFileExists $configFile
+    assertFileContent $configFile ${
+      pkgs.writeText "custom-settings.properties" ''
+        # Generated with Nix
+
+        davmail.caldavPort = 1080
+        davmail.disableUpdateCheck = true
+        davmail.imapPort = 4444
+        davmail.ldapPort = 1389
+        davmail.logFilePath = ${config.xdg.stateHome}/davmail.log
+        davmail.logFileSize = 1MB
+        davmail.mode = auto
+        davmail.oauth.redirectUri = urn:ietf:wg:oauth:2.0:oob
+        davmail.oauth.tokenFilePath = ${config.xdg.stateHome}/davmail-tokens
+        davmail.persistToken = true
+        davmail.popPort = 1110
+        davmail.server = true
+        davmail.smtpPort = 1025
+        davmail.url = https://outlook.office365.com/EWS/Exchange.asmx
+        log4j.logger.davmail = WARN
+        log4j.logger.httpclient.wire = WARN
+        log4j.logger.org.apache.commons.httpclient = WARN
+        log4j.rootLogger = WARN
+      ''
+    }
+  '';
+}
diff --git a/tests/modules/services/davmail/default.nix b/tests/modules/services/davmail/default.nix
new file mode 100644
index 00000000..764571e1
--- /dev/null
+++ b/tests/modules/services/davmail/default.nix
@@ -0,0 +1,4 @@
+{
+  davmail-custom-settings = ./custom-settings.nix;
+  davmail-imitateOutlook = ./imitateOutlook.nix;
+}
diff --git a/tests/modules/services/davmail/imitateOutlook.nix b/tests/modules/services/davmail/imitateOutlook.nix
new file mode 100644
index 00000000..1faf1aa5
--- /dev/null
+++ b/tests/modules/services/davmail/imitateOutlook.nix
@@ -0,0 +1,37 @@
+{ config, pkgs, ... }: {
+  services.davmail = {
+    enable = true;
+    imitateOutlook = true;
+  };
+
+  nmt.script = ''
+    serviceFile=home-files/.config/systemd/user/davmail.service
+    assertFileExists $serviceFile
+    configFile=$(grep -o '/nix/store/.*-davmail.properties' $TESTED/$serviceFile)
+    assertFileExists $configFile
+    assertFileContent $configFile ${
+      pkgs.writeText "imitateOutlook.properties" ''
+        # Generated with Nix
+
+        davmail.caldavPort = 1080
+        davmail.disableUpdateCheck = true
+        davmail.imapPort = 1143
+        davmail.ldapPort = 1389
+        davmail.logFilePath = ${config.xdg.stateHome}/davmail.log
+        davmail.logFileSize = 1MB
+        davmail.mode = auto
+        davmail.oauth.clientId = d3590ed6-52b3-4102-aeff-aad2292ab01c
+        davmail.oauth.redirectUri = urn:ietf:wg:oauth:2.0:oob
+        davmail.oauth.tokenFilePath = ${config.xdg.stateHome}/davmail-tokens
+        davmail.popPort = 1110
+        davmail.server = true
+        davmail.smtpPort = 1025
+        davmail.url = https://outlook.office365.com/EWS/Exchange.asmx
+        log4j.logger.davmail = WARN
+        log4j.logger.httpclient.wire = WARN
+        log4j.logger.org.apache.commons.httpclient = WARN
+        log4j.rootLogger = WARN
+      ''
+    }
+  '';
+}