patrick/nix-config
1
1
Fork 0
Code Issues Pull requests Projects Wiki Activity

chore(immich): add mailer config

Browse source
This commit is contained in:
Patrick 2024-07-27 22:01:18 +02:00
parent 8e16ec066f
commit 63359803f9
Signed by: patrick
GPG key ID: 451F95EFB8BECD0F
3 changed files with 49 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
config/optional/steam.nix
View file

@ -5,6 +5,7 @@
... ...
}: }:
lib.optionalAttrs (!minimal) { lib.optionalAttrs (!minimal) {
programs.gpu-screen-recorder.enable = true;
programs.steam = { programs.steam = {
enable = true; enable = true;
package = pkgs.steam.override { package = pkgs.steam.override {

39
config/services/immich.nix
View file

@ -55,6 +55,15 @@ let
enabled = true; enabled = true;
level = "log"; level = "log";
}; };
notifications.smtp = {
enabled = true;
from = "immich@${config.secrets.secrets.global.domains.mail_public}";
transport = {
username = "immich@${config.secrets.secrets.global.domains.mail_public}";
host = "smtp.${config.secrets.secrets.global.domains.mail_public}";
port = 465;
};
};
machineLearning = { machineLearning = {
clip = { clip = {
enabled = true; enabled = true;
@ -104,12 +113,6 @@ let
template = "{{y}}/{{MM}}/{{filename}}"; template = "{{y}}/{{MM}}/{{filename}}";
}; };
theme.customCss = ""; theme.customCss = "";
thumbnail = {
colorspace = "p3";
jpegSize = 1440;
quality = 80;
webpSize = 250;
};
trash = { trash = {
days = 30; days = 30;
enabled = true; enabled = true;
@ -145,6 +148,23 @@ let
processedConfigFile = "/run/agenix/immich.config.json"; processedConfigFile = "/run/agenix/immich.config.json";
in in
{ {
age.secrets.maddyPasswd = {
generator.script = "alnum";
mode = "440";
group = "root";
};
nodes.maddy = {
age.secrets.immichPasswd = {
inherit (config.age.secrets.maddyPasswd) rekeyFile;
inherit (nodes.maddy.config.services.maddy) group;
mode = "640";
};
services.maddy.ensureCredentials = {
"immich@${config.secrets.secrets.global.domains.mail_public}".passwordFile =
nodes.maddy.config.age.secrets.immichPasswd.path;
};
};
age.secrets.resticpasswd = { age.secrets.resticpasswd = {
generator.script = "alnum"; generator.script = "alnum";
}; };
@ -203,7 +223,12 @@ in
deps = [ "agenix" ]; deps = [ "agenix" ];
text = '' text = ''
immichClientSecret=$(< ${config.age.secrets.immich-oauth2-client-secret.path}) immichClientSecret=$(< ${config.age.secrets.immich-oauth2-client-secret.path})
${pkgs.jq}/bin/jq --arg immichClientSecret "$immichClientSecret" '.oauth.clientSecret = $immichClientSecret' ${configFile} > ${processedConfigFile} immichEmailSecret=$(< ${config.age.secrets.maddyPasswd.path})
${pkgs.jq}/bin/jq \
--arg immichClientSecret "$immichClientSecret" \
--arg immichEmailSecret "$immichEmailSecret" \
'.oauth.clientSecret = $immichClientSecret | .notifications.smtp.transport.password = $immichEmailSecret' \
${configFile} > ${processedConfigFile}
chmod 444 ${processedConfigFile} chmod 444 ${processedConfigFile}
''; '';
}; };

16
hosts/elisabeth/secrets/immich/generated/maddyPasswd.age Normal file
View file

@ -0,0 +1,16 @@
age-encryption.org/v1
-> X25519 26LQ7M/ohpGhCF5KSGOKGPleQS14YEUbLX3TkuJhA1c
molDQC1NjtUmgR4awiPa6s3Ps9FidC6ztupTCcaW7vY
-> piv-p256 ZFgiIw AsgqJFOJqktxrbSJRXASEB/drg6GMy5Ugg7wDc4zy8MI
2LRO6PpWRJ48WK6e/zWnfSgu7W4TKiXZHm/KxGw8dro
-> piv-p256 XTQkUA A2rw+YxP75H2isyxzWfofyBkV+PQsU5GQjv/Yf/CDdRQ
BCgHzAzkV6yICyq1Qeb7rXrBDhGwda0cXRCC4SfIsJ0
-> piv-p256 ZFgiIw Alc99i8iND+M1dgqWyW829TiYZbCkYF9RQ9ZS/jbjSV7
7TePYT/aGOAekGSbL62SeDUAycMFC1/+K14UmBWRwyE
-> piv-p256 5vmPtQ AgeVBqU8vdbgsJ5im3cDvXPCUsp/iGm9JwZ190fLZnuF
8S+xFyUGrLfXc+rmAHy4Mvk9QvybOk0EozTj46aCUW0
-> 5-grease %",T b5
lhY8pdELxc7fr1hpxyTC9Cxn6QxiDmvxsKaVpwxC6g9aBTl0g1cdGoF3QdLvRkZj
F4fkyUTP0R9CrzBICabil1EzEw
--- plFbkh1yLnDN0yTuS+g0RuYlA0OLW4UUL4B2G5aDA+k
žôå“c]XuWæö(”Õ){¡a<Þ¡ÉP#e´~H˜žÆûGZ'L¯ˆ0iûo\ŒÈE%û”¹ýžGP=ìronë(*[Ÿð;þ aB5y™