From 40d878d92aef93e30ae937fd93c60af0eb179ba9 Mon Sep 17 00:00:00 2001 From: h7x4 Date: Sun, 12 May 2024 01:46:18 +0200 Subject: [PATCH] gitea: setup mail --- hosts/bekkalokk/services/gitea/default.nix | 15 +++++++++++++++ secrets/bekkalokk/bekkalokk.yaml | 5 +++-- 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/hosts/bekkalokk/services/gitea/default.nix b/hosts/bekkalokk/services/gitea/default.nix index fe51e65..c8cc01d 100644 --- a/hosts/bekkalokk/services/gitea/default.nix +++ b/hosts/bekkalokk/services/gitea/default.nix @@ -13,6 +13,11 @@ in { owner = "gitea"; group = "gitea"; }; + # (kerberos password for SMTP and IMAP) + "gitea/passwd-password" = { + owner = "gitea"; + group = "gitea"; + }; "gitea/passwd-ssh-key" = { }; "gitea/ssh-known-hosts" = { }; "gitea/import-user-env" = { }; @@ -31,6 +36,8 @@ in { createDatabase = false; }; + mailerPasswordFile = config.sops.secrets."gitea/passwd-password".path; + settings = { server = { DOMAIN = domain; @@ -39,6 +46,14 @@ in { SSH_PORT = sshPort; START_SSH_SERVER = true; }; + mailer = { + ENABLED = true; + FROM = "gitea@pvv.ntnu.no"; + PROTOCOL = "smtp"; + SMTP_ADDR = "mail.pvv.ntnu.no"; + SMTP_PORT = 587; + USER = "gitea@pvv.ntnu.no"; + }; indexer.REPO_INDEXER_ENABLED = true; service.DISABLE_REGISTRATION = true; session.COOKIE_SECURE = true; diff --git a/secrets/bekkalokk/bekkalokk.yaml b/secrets/bekkalokk/bekkalokk.yaml index 152bafc..1a28987 100644 --- a/secrets/bekkalokk/bekkalokk.yaml +++ b/secrets/bekkalokk/bekkalokk.yaml @@ -1,6 +1,7 @@ gitea: password: ENC[AES256_GCM,data:hlNzdU1ope0t50/3aztyLeXjMHd2vFPpwURX+Iu8f49DOqgSnEMtV+KtLA==,iv:qljRnSnchL5cFmaUAfCH9GQYQxcy5cyWejgk1x6bFgI=,tag:tIhboFU5kZsj5oAQR3hLbw==,type:str] database: ENC[AES256_GCM,data:UlS33IdCEyeSvT6ngpmnkBWHuSEqsB//DT+3b7C+UwbD8UXWJlsLf1X8/w==,iv:mPRW5ldyZaHP+y/0vC2JGSLZmlkhgmkvXPk4LazkSDs=,tag:gGk6Z/nbPvzE1zG+tJC8Sw==,type:str] + passwd-password: ENC[AES256_GCM,data:fvr/ABpqryAGjQmpC4ezzlWGHYX6Qqo6,iv:og0gbBv0mNsliFSuXhtPTtO/lTwJpHoVZunvV7BQqB8=,tag:R6kd+WZlHFvY1X+G4e0EMw==,type:str] passwd-ssh-key: ENC[AES256_GCM,data:L0lF0wvpayss1NU9m3A45cH0bCMQzODTFVrq6EPd1JHx54wIcoaRBYLmxXKXASzBlCg9zlwXMUIk3OQcS3kdzMKL0iqcSL2iicAcKjFIHyrWLqXgwV5pRSP/tRPcVw8KW8gz0bh33EgESs5ReddZ3VZ0Cy1s2YupMRQvBXr89k1+Hv70OWB6P06hvxhv/zKcMGI1N/dWLroMgrQuT9imw4+/Q1RqwzTYeEU+eUn24AM9GjcBg4qf3OI+6g0nXUat/upIYE28iF5J3lbUSmDSmirBLc8xgHLdOyyJPTObWYWYxlSL78T7IqiMm9lI3rtBlpJDDcn/YxZpVqN5bg2154GISNK+uR0TVSLdJ+drdGHIfIX3G78XSxf2L9rbJyRn8MQlgStfdBIQicLavQKVMrmj+XQfvEMez23WbPLjH4oViBQFI+GrOHOGy/f16cz8Sn4n+69OcsOeTxs3tKYdfq6r1XLYSJ/fe/zvxBpaZiyGXljsuyEdIyBL2A8D6uSXe3Nd3/DAdBtceFfIdN1olCdutixzVWgxaJnrel161z5A/4w=,iv:Uy46yY3jFYSvpxrgCHxRMUksnWfhf5DViLMvCXVMMl4=,tag:wFEJ5+icFrOKkc56gY0A5g==,type:str] ssh-known-hosts: ENC[AES256_GCM,data:zlRLoelQeumMxGqPmgMTB69X1RVWXIs2jWwc67lk0wrdNOHUs5UzV5TUA1JnQ43RslBU92+js7DkyvE5enGzw7zZE5F1ZYdGv/eCgvkTMC9BoLfzHzP6OzayPLYEt3xJ5PRocN8JUAD55cuu4LgsuebuydHPi2oWOfpbSUBKSeCh6dvk5Pp1XRDprPS5SzGLW8Xjq98QlzmfGv50meI9CDJZVF9Wq/72gkyfgtb3YVdr,iv:AF06TBitHegfWk6w07CdkHklh4ripQCmA45vswDQgss=,tag:zKh7WVXMJN2o9ZIwIkby3Q==,type:str] import-user-env: ENC[AES256_GCM,data:vfaqjGEnUM9VtOPvBurz7nFwzGZt3L2EqijrQej4wiOcGCrRA4tN6kBV6NmhHqlFPsw=,iv:viPGkyOOacCWcgTu25da4qH7DC4wz2qdeC1W2WcMUdI=,tag:BllNqGQoaxqUo3lTz9LGnw==,type:str] @@ -60,8 +61,8 @@ sops: akVjeTNTeGorZjJQOVlMeCtPRUVYL3MK+VMvGxrbzGz4Q3sdaDDWjal+OiK+JYKX GHiMXVHQJZu/RrlxMjHKN6V3iaqxZpuvLAEJ2Lzy5EOHPtuiiRyeHQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-04-14T21:58:31Z" - mac: ENC[AES256_GCM,data:+o7YvaaKTjN/uZT5mv3z9FgIbXwG4NPJePWwRmtkBINn9X+vrCmYOXqWhKw7qfInn4Ftcg0FA7cYFZe5Pv8MNp+f8v1yoiLrVX12cxmEYtqTXJz7pNeD2st1YjGJKihNi2/fyCCf4YBCGN+8Ze//HeVf7/tfWNB+ysyC9g9Tze4=,iv:C6XBCVXn8GuNeaWGdJRnUIh1us0i8fSoxu9Sx7Feb58=,tag:W0RLPPv7eP5kCNrhMG3z7A==,type:str] + lastmodified: "2024-05-11T22:37:32Z" + mac: ENC[AES256_GCM,data:XwhPP4UYlxk7q8DLRwZ+/DYicgEm0CimJD44jOafi4qhEVGcX5+KoYx9w10RfpA6QW2MGRG9DvH8rkYOoVWaEK4oe3MgyiE2BziVAna3g3l2Dkk8hgcD6sPiW3XZkJLJ/eHApfpQHHVcmX3nuwAwUXCDEewVk5hYn61YgOCsBx0=,iv:iFzldtZmvixWKr4nNHskcA6K9azxy7HwcpFVZzuXzNI=,tag:kz/eHELgdF875FhXGA/0BQ==,type:str] pgp: - created_at: "2023-05-21T00:28:40Z" enc: |