Compare commits
2 Commits
main
...
setup-post
Author | SHA1 | Date |
---|---|---|
Oystein Kristoffer Tveit | f2caf60f62 | |
Oystein Kristoffer Tveit | 1df959136d |
|
@ -1,4 +1,4 @@
|
|||
{ config, values, pkgs, ... }:
|
||||
{ config, values, pkgs, lib, ... }:
|
||||
let
|
||||
cfg = config.services.gitea;
|
||||
domain = "git.pvv.ntnu.no";
|
||||
|
@ -13,6 +13,11 @@ in {
|
|||
owner = "gitea";
|
||||
group = "gitea";
|
||||
};
|
||||
# (kerberos password for SMTP and IMAP)
|
||||
"gitea/passwd-password" = {
|
||||
owner = "gitea";
|
||||
group = "gitea";
|
||||
};
|
||||
"gitea/passwd-ssh-key" = { };
|
||||
"gitea/ssh-known-hosts" = { };
|
||||
"gitea/import-user-env" = { };
|
||||
|
@ -31,6 +36,8 @@ in {
|
|||
createDatabase = false;
|
||||
};
|
||||
|
||||
mailerPasswordFile = config.sops.secrets."gitea/passwd-password".path;
|
||||
|
||||
settings = {
|
||||
server = {
|
||||
DOMAIN = domain;
|
||||
|
@ -39,6 +46,14 @@ in {
|
|||
SSH_PORT = sshPort;
|
||||
START_SSH_SERVER = true;
|
||||
};
|
||||
mailer = lib.mkIf config.services.postfix.enable {
|
||||
ENABLED = true;
|
||||
FROM = "gitea@pvv.ntnu.no";
|
||||
PROTOCOL = "smtp";
|
||||
SMTP_ADDR = "mail.pvv.ntnu.no";
|
||||
SMTP_PORT = 587;
|
||||
USER = "gitea@pvv.ntnu.no";
|
||||
};
|
||||
indexer.REPO_INDEXER_ENABLED = true;
|
||||
service.DISABLE_REGISTRATION = true;
|
||||
session.COOKIE_SECURE = true;
|
||||
|
|
|
@ -0,0 +1,23 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
let
|
||||
cfg = config.services.postfix;
|
||||
in
|
||||
{
|
||||
services.postfix = {
|
||||
enable = true;
|
||||
|
||||
hostname = "${config.networking.hostName}.pvv.ntnu.no";
|
||||
domain = "pvv.ntnu.no";
|
||||
|
||||
relayHost = "smtp.pvv.ntnu.no";
|
||||
relayPort = 465;
|
||||
|
||||
config = {
|
||||
smtp_tls_wrappermode = "yes";
|
||||
smtp_tls_security_level = "encrypt";
|
||||
};
|
||||
|
||||
# Nothing should be delivered to this machine
|
||||
destination = [ ];
|
||||
};
|
||||
}
|
|
@ -1,6 +1,7 @@
|
|||
gitea:
|
||||
password: ENC[AES256_GCM,data:hlNzdU1ope0t50/3aztyLeXjMHd2vFPpwURX+Iu8f49DOqgSnEMtV+KtLA==,iv:qljRnSnchL5cFmaUAfCH9GQYQxcy5cyWejgk1x6bFgI=,tag:tIhboFU5kZsj5oAQR3hLbw==,type:str]
|
||||
database: ENC[AES256_GCM,data:UlS33IdCEyeSvT6ngpmnkBWHuSEqsB//DT+3b7C+UwbD8UXWJlsLf1X8/w==,iv:mPRW5ldyZaHP+y/0vC2JGSLZmlkhgmkvXPk4LazkSDs=,tag:gGk6Z/nbPvzE1zG+tJC8Sw==,type:str]
|
||||
passwd-password: ENC[AES256_GCM,data:fvr/ABpqryAGjQmpC4ezzlWGHYX6Qqo6,iv:og0gbBv0mNsliFSuXhtPTtO/lTwJpHoVZunvV7BQqB8=,tag:R6kd+WZlHFvY1X+G4e0EMw==,type:str]
|
||||
passwd-ssh-key: ENC[AES256_GCM,data:L0lF0wvpayss1NU9m3A45cH0bCMQzODTFVrq6EPd1JHx54wIcoaRBYLmxXKXASzBlCg9zlwXMUIk3OQcS3kdzMKL0iqcSL2iicAcKjFIHyrWLqXgwV5pRSP/tRPcVw8KW8gz0bh33EgESs5ReddZ3VZ0Cy1s2YupMRQvBXr89k1+Hv70OWB6P06hvxhv/zKcMGI1N/dWLroMgrQuT9imw4+/Q1RqwzTYeEU+eUn24AM9GjcBg4qf3OI+6g0nXUat/upIYE28iF5J3lbUSmDSmirBLc8xgHLdOyyJPTObWYWYxlSL78T7IqiMm9lI3rtBlpJDDcn/YxZpVqN5bg2154GISNK+uR0TVSLdJ+drdGHIfIX3G78XSxf2L9rbJyRn8MQlgStfdBIQicLavQKVMrmj+XQfvEMez23WbPLjH4oViBQFI+GrOHOGy/f16cz8Sn4n+69OcsOeTxs3tKYdfq6r1XLYSJ/fe/zvxBpaZiyGXljsuyEdIyBL2A8D6uSXe3Nd3/DAdBtceFfIdN1olCdutixzVWgxaJnrel161z5A/4w=,iv:Uy46yY3jFYSvpxrgCHxRMUksnWfhf5DViLMvCXVMMl4=,tag:wFEJ5+icFrOKkc56gY0A5g==,type:str]
|
||||
ssh-known-hosts: ENC[AES256_GCM,data:zlRLoelQeumMxGqPmgMTB69X1RVWXIs2jWwc67lk0wrdNOHUs5UzV5TUA1JnQ43RslBU92+js7DkyvE5enGzw7zZE5F1ZYdGv/eCgvkTMC9BoLfzHzP6OzayPLYEt3xJ5PRocN8JUAD55cuu4LgsuebuydHPi2oWOfpbSUBKSeCh6dvk5Pp1XRDprPS5SzGLW8Xjq98QlzmfGv50meI9CDJZVF9Wq/72gkyfgtb3YVdr,iv:AF06TBitHegfWk6w07CdkHklh4ripQCmA45vswDQgss=,tag:zKh7WVXMJN2o9ZIwIkby3Q==,type:str]
|
||||
import-user-env: ENC[AES256_GCM,data:vfaqjGEnUM9VtOPvBurz7nFwzGZt3L2EqijrQej4wiOcGCrRA4tN6kBV6NmhHqlFPsw=,iv:viPGkyOOacCWcgTu25da4qH7DC4wz2qdeC1W2WcMUdI=,tag:BllNqGQoaxqUo3lTz9LGnw==,type:str]
|
||||
|
@ -60,8 +61,8 @@ sops:
|
|||
akVjeTNTeGorZjJQOVlMeCtPRUVYL3MK+VMvGxrbzGz4Q3sdaDDWjal+OiK+JYKX
|
||||
GHiMXVHQJZu/RrlxMjHKN6V3iaqxZpuvLAEJ2Lzy5EOHPtuiiRyeHQ==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2024-04-14T21:58:31Z"
|
||||
mac: ENC[AES256_GCM,data:+o7YvaaKTjN/uZT5mv3z9FgIbXwG4NPJePWwRmtkBINn9X+vrCmYOXqWhKw7qfInn4Ftcg0FA7cYFZe5Pv8MNp+f8v1yoiLrVX12cxmEYtqTXJz7pNeD2st1YjGJKihNi2/fyCCf4YBCGN+8Ze//HeVf7/tfWNB+ysyC9g9Tze4=,iv:C6XBCVXn8GuNeaWGdJRnUIh1us0i8fSoxu9Sx7Feb58=,tag:W0RLPPv7eP5kCNrhMG3z7A==,type:str]
|
||||
lastmodified: "2024-05-11T22:37:32Z"
|
||||
mac: ENC[AES256_GCM,data:XwhPP4UYlxk7q8DLRwZ+/DYicgEm0CimJD44jOafi4qhEVGcX5+KoYx9w10RfpA6QW2MGRG9DvH8rkYOoVWaEK4oe3MgyiE2BziVAna3g3l2Dkk8hgcD6sPiW3XZkJLJ/eHApfpQHHVcmX3nuwAwUXCDEewVk5hYn61YgOCsBx0=,iv:iFzldtZmvixWKr4nNHskcA6K9azxy7HwcpFVZzuXzNI=,tag:kz/eHELgdF875FhXGA/0BQ==,type:str]
|
||||
pgp:
|
||||
- created_at: "2023-05-21T00:28:40Z"
|
||||
enc: |
|
||||
|
|
Loading…
Reference in New Issue