gitea: setup mail

This commit is contained in:
Oystein Kristoffer Tveit 2024-05-12 01:46:18 +02:00
parent 1df959136d
commit f2caf60f62
2 changed files with 19 additions and 3 deletions

View File

@ -1,4 +1,4 @@
{ config, values, pkgs, ... }:
{ config, values, pkgs, lib, ... }:
let
cfg = config.services.gitea;
domain = "git.pvv.ntnu.no";
@ -13,6 +13,11 @@ in {
owner = "gitea";
group = "gitea";
};
# (kerberos password for SMTP and IMAP)
"gitea/passwd-password" = {
owner = "gitea";
group = "gitea";
};
"gitea/passwd-ssh-key" = { };
"gitea/ssh-known-hosts" = { };
"gitea/import-user-env" = { };
@ -31,6 +36,8 @@ in {
createDatabase = false;
};
mailerPasswordFile = config.sops.secrets."gitea/passwd-password".path;
settings = {
server = {
DOMAIN = domain;
@ -39,6 +46,14 @@ in {
SSH_PORT = sshPort;
START_SSH_SERVER = true;
};
mailer = lib.mkIf config.services.postfix.enable {
ENABLED = true;
FROM = "gitea@pvv.ntnu.no";
PROTOCOL = "smtp";
SMTP_ADDR = "mail.pvv.ntnu.no";
SMTP_PORT = 587;
USER = "gitea@pvv.ntnu.no";
};
indexer.REPO_INDEXER_ENABLED = true;
service.DISABLE_REGISTRATION = true;
session.COOKIE_SECURE = true;

View File

@ -1,6 +1,7 @@
gitea:
password: ENC[AES256_GCM,data:hlNzdU1ope0t50/3aztyLeXjMHd2vFPpwURX+Iu8f49DOqgSnEMtV+KtLA==,iv:qljRnSnchL5cFmaUAfCH9GQYQxcy5cyWejgk1x6bFgI=,tag:tIhboFU5kZsj5oAQR3hLbw==,type:str]
database: ENC[AES256_GCM,data:UlS33IdCEyeSvT6ngpmnkBWHuSEqsB//DT+3b7C+UwbD8UXWJlsLf1X8/w==,iv:mPRW5ldyZaHP+y/0vC2JGSLZmlkhgmkvXPk4LazkSDs=,tag:gGk6Z/nbPvzE1zG+tJC8Sw==,type:str]
passwd-password: ENC[AES256_GCM,data:fvr/ABpqryAGjQmpC4ezzlWGHYX6Qqo6,iv:og0gbBv0mNsliFSuXhtPTtO/lTwJpHoVZunvV7BQqB8=,tag:R6kd+WZlHFvY1X+G4e0EMw==,type:str]
passwd-ssh-key: ENC[AES256_GCM,data:L0lF0wvpayss1NU9m3A45cH0bCMQzODTFVrq6EPd1JHx54wIcoaRBYLmxXKXASzBlCg9zlwXMUIk3OQcS3kdzMKL0iqcSL2iicAcKjFIHyrWLqXgwV5pRSP/tRPcVw8KW8gz0bh33EgESs5ReddZ3VZ0Cy1s2YupMRQvBXr89k1+Hv70OWB6P06hvxhv/zKcMGI1N/dWLroMgrQuT9imw4+/Q1RqwzTYeEU+eUn24AM9GjcBg4qf3OI+6g0nXUat/upIYE28iF5J3lbUSmDSmirBLc8xgHLdOyyJPTObWYWYxlSL78T7IqiMm9lI3rtBlpJDDcn/YxZpVqN5bg2154GISNK+uR0TVSLdJ+drdGHIfIX3G78XSxf2L9rbJyRn8MQlgStfdBIQicLavQKVMrmj+XQfvEMez23WbPLjH4oViBQFI+GrOHOGy/f16cz8Sn4n+69OcsOeTxs3tKYdfq6r1XLYSJ/fe/zvxBpaZiyGXljsuyEdIyBL2A8D6uSXe3Nd3/DAdBtceFfIdN1olCdutixzVWgxaJnrel161z5A/4w=,iv:Uy46yY3jFYSvpxrgCHxRMUksnWfhf5DViLMvCXVMMl4=,tag:wFEJ5+icFrOKkc56gY0A5g==,type:str]
ssh-known-hosts: ENC[AES256_GCM,data:zlRLoelQeumMxGqPmgMTB69X1RVWXIs2jWwc67lk0wrdNOHUs5UzV5TUA1JnQ43RslBU92+js7DkyvE5enGzw7zZE5F1ZYdGv/eCgvkTMC9BoLfzHzP6OzayPLYEt3xJ5PRocN8JUAD55cuu4LgsuebuydHPi2oWOfpbSUBKSeCh6dvk5Pp1XRDprPS5SzGLW8Xjq98QlzmfGv50meI9CDJZVF9Wq/72gkyfgtb3YVdr,iv:AF06TBitHegfWk6w07CdkHklh4ripQCmA45vswDQgss=,tag:zKh7WVXMJN2o9ZIwIkby3Q==,type:str]
import-user-env: ENC[AES256_GCM,data:vfaqjGEnUM9VtOPvBurz7nFwzGZt3L2EqijrQej4wiOcGCrRA4tN6kBV6NmhHqlFPsw=,iv:viPGkyOOacCWcgTu25da4qH7DC4wz2qdeC1W2WcMUdI=,tag:BllNqGQoaxqUo3lTz9LGnw==,type:str]
@ -60,8 +61,8 @@ sops:
akVjeTNTeGorZjJQOVlMeCtPRUVYL3MK+VMvGxrbzGz4Q3sdaDDWjal+OiK+JYKX
GHiMXVHQJZu/RrlxMjHKN6V3iaqxZpuvLAEJ2Lzy5EOHPtuiiRyeHQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-04-14T21:58:31Z"
mac: ENC[AES256_GCM,data:+o7YvaaKTjN/uZT5mv3z9FgIbXwG4NPJePWwRmtkBINn9X+vrCmYOXqWhKw7qfInn4Ftcg0FA7cYFZe5Pv8MNp+f8v1yoiLrVX12cxmEYtqTXJz7pNeD2st1YjGJKihNi2/fyCCf4YBCGN+8Ze//HeVf7/tfWNB+ysyC9g9Tze4=,iv:C6XBCVXn8GuNeaWGdJRnUIh1us0i8fSoxu9Sx7Feb58=,tag:W0RLPPv7eP5kCNrhMG3z7A==,type:str]
lastmodified: "2024-05-11T22:37:32Z"
mac: ENC[AES256_GCM,data:XwhPP4UYlxk7q8DLRwZ+/DYicgEm0CimJD44jOafi4qhEVGcX5+KoYx9w10RfpA6QW2MGRG9DvH8rkYOoVWaEK4oe3MgyiE2BziVAna3g3l2Dkk8hgcD6sPiW3XZkJLJ/eHApfpQHHVcmX3nuwAwUXCDEewVk5hYn61YgOCsBx0=,iv:iFzldtZmvixWKr4nNHskcA6K9azxy7HwcpFVZzuXzNI=,tag:kz/eHELgdF875FhXGA/0BQ==,type:str]
pgp:
- created_at: "2023-05-21T00:28:40Z"
enc: |