patrick/nix-config
1
1
Fork 0
Code Issues Pull requests Projects Wiki Activity

chore(forgejo): add mail

Browse source
This commit is contained in:
Patrick 2024-07-27 19:48:49 +02:00
parent 553a3e7de1
commit 377239650e
Signed by: patrick
GPG key ID: 451F95EFB8BECD0F
3 changed files with 19 additions and 28 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

31
config/services/forgejo.nix
View file

@ -68,11 +68,21 @@ in
mode = "0700"; mode = "0700";
} }
]; ];
age.secrets.forgejo-mailer-passwd = { age.secrets.maddyPasswd = {
rekeyFile = config.node.secretsDir + "/forgejo-passwd.age"; generator.script = "alnum";
owner = "git";
group = "git"; group = "git";
mode = "0700"; mode = "0750";
};
nodes.maddy = {
age.secrets.forgejoPasswd = {
inherit (config.age.secrets.maddyPasswd) rekeyFile;
inherit (nodes.maddy.config.services.maddy) group;
mode = "640";
};
services.maddy.ensureCredentials = {
"forgec@${config.secrets.secrets.global.domains.mail_public}".passwordFile =
nodes.maddy.config.age.secrets.forgejoPasswd.path;
};
}; };
services.forgejo = { services.forgejo = {
@ -82,9 +92,9 @@ in
user = "git"; user = "git";
group = "git"; group = "git";
lfs.enable = true; lfs.enable = true;
secrets.mailer.PASSWD = config.age.secrets.forgejo-mailer-passwd.path; secrets.mailer.PASSWD = config.age.secrets.maddyPasswd.path;
settings = { settings = {
DEFAULT.APP_NAME = "Patricks tolles git"; # tungsten inert gas? DEFAULT.APP_NAME = "Patricks tolles git";
actions = { actions = {
ENABLED = true; ENABLED = true;
DEFAULT_ACTIONS_URL = "github"; DEFAULT_ACTIONS_URL = "github";
@ -99,9 +109,9 @@ in
# federation.ENABLED = true; # federation.ENABLED = true;
mailer = { mailer = {
ENABLED = true; ENABLED = true;
SMTP_ADDR = config.secrets.secrets.local.forgejo.mail.host; SMTP_ADDR = "smtp.${config.secrets.secrets.global.domains.mail_public}";
FROM = config.secrets.secrets.local.forgejo.mail.from; FROM = "forge@${config.secrets.secrets.global.domains.mail_public}";
USER = config.secrets.secrets.local.forgejo.mail.user; USER = "forge@${config.secrets.secrets.global.domains.mail_public}";
SEND_AS_PLAIN_TEXT = true; SEND_AS_PLAIN_TEXT = true;
}; };
oauth2_client = { oauth2_client = {
@ -124,9 +134,6 @@ in
ROOT_URL = "https://${forgejoDomain}/"; ROOT_URL = "https://${forgejoDomain}/";
LANDING_PAGE = "login"; LANDING_PAGE = "login";
SSH_PORT = 9922; SSH_PORT = 9922;
# TODO
# port forwarding in fritz box
# port forwarding in elisabeth
}; };
service = { service = {
DISABLE_REGISTRATION = false; DISABLE_REGISTRATION = false;

16
hosts/elisabeth/secrets/forgejo/forgejo-passwd.age
View file

@ -1,16 +0,0 @@
age-encryption.org/v1
-> X25519 CMoCS3EqmXVkwSVuMB51DnV80S/H5zk8IcQeJxEqO0w
En/MAzeFWfcLrcUO4Ukt1zNBf5uVq+v0pBjz6+Um91U
-> piv-p256 XTQkUA A/AOwf+EXSep90xsABet03k1M+qNfxtRpRGR98Los0z0
qid6WZum67EFiXR1hKjHrBIAnXfTqLipUpBhOAjWci4
-> piv-p256 ZFgiIw A2QJdu+pkCF+oKjdRK6bZxESjy//RquUc8+mDoDj5fQ2
0WqGNebppaN+RmIiDTh2j0SvmqakOt/qUhEc3mODXpU
-> piv-p256 5vmPtQ Ahcpp40amXecurWAP9dfZ1h7v49HPj0Bz9dvt8Cj9tB+
kA/6aHJw5/GyqUXb8t15TPYxu8ZpNzGCD6/XRCPijPk
-> piv-p256 ZFgiIw ArryoUHlGkAM2e1BP1wfYeGceai5nKtvza3atjIxhh8B
bUKrpqhGst+Az60k7wy5hZMUsXq7f+VTcwuce0M/7pM
-> m\)y8qgO-grease ~N/[^ p8q(OzUj ztrT
0aZbW62GiFb8D7hcs4NT/OwKjpBpOYNslzhZRanUZpLr9t6+E4qXjCpAMTkg8UQe
SWw3pFmGBmaQh6rGJy1/J3VdLI0
--- 9muabfoma9i62RxKgrGcp9bPYAjjDH3dLB3DJyjR58A
]׊6§ă,^śş‡=<3D>Ý夬¤öO.<Fâ+ °$ NűÁ—'ĹßľDŐłJş§»>:X”ßő7I@[0úL —¦říč">w

BIN
hosts/elisabeth/secrets/forgejo/generated/maddyPasswd.age Normal file
View file

Binary file not shown.