Wateir/NixServerConfig
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat : Add mailer in forgejo

Browse source
This commit is contained in:
Wateir 2025-12-24 20:17:53 +01:00
parent 7506073727
commit efdb1794be
5 changed files with 63 additions and 34 deletions
Download patch file Download diff file Expand all files Collapse all files

20
module/default.nix
View file

@ -51,7 +51,10 @@ in {
desc = "Roundcube webapp"; desc = "Roundcube webapp";
extraOpts = { extraOpts = {
port = mkPortOption 1984; port = mkPortOption 1984;
subdomain = "mail"; subdomain = lib.mkOption {
type = lib.types.str;
default = "mail";
};
}; };
}; };
@ -60,7 +63,10 @@ in {
extraOpts = { extraOpts = {
externalPort = mkPortOption 8000; externalPort = mkPortOption 8000;
internalPort = mkPortOption 8222; internalPort = mkPortOption 8222;
subdomain = "vault"; subdomain = lib.mkOption {
type = lib.types.str;
default = "vault";
};
}; };
}; };
@ -69,7 +75,10 @@ in {
extraOpts = { extraOpts = {
externalPort = mkPortOption 3000; externalPort = mkPortOption 3000;
internalPort = mkPortOption 8500; internalPort = mkPortOption 8500;
subdomain = "git"; subdomain = lib.mkOption {
type = lib.types.str;
default = "git";
};
}; };
}; };
@ -77,7 +86,10 @@ in {
desc = "SearXNG meta-search engine"; desc = "SearXNG meta-search engine";
extraOpts = { extraOpts = {
port = mkPortOption 1692; port = mkPortOption 1692;
subdomain = "search"; subdomain = lib.mkOption {
type = lib.types.str;
default = "search";
};
}; };
}; };
}; };

30
module/forgejo.nix
View file

@ -1,20 +1,40 @@
{ config,lib, ... }: { config, lib, ... }:
let let
cfg = config.services.forgejo; cfg = config.services.forgejo;
srv = cfg.settings.server;
in in
{ {
age.secrets = lib.mkIf config.services.forgejo.enable {
# Keep your secret definitions as they are
YfDrVBDJcVoYNZeJ.file = ../secrets/cache/YfDrVBDJcVoYNZeJ;
kuc8wgd09HbRU99u.file = ../secrets/cache/kuc8wgd09HbRU99u;
XNkwPolezNRELmWu.file = ../secrets/cache/XNkwPolezNRELmWu;
};
services.forgejo = { services.forgejo = {
enable = true;
database.type = "postgres"; database.type = "postgres";
# Enable support for Git Large File Storage
lfs.enable = true; lfs.enable = true;
secrets.mailer = {
PASSWD = config.age.secrets.XNkwPolezNRELmWu.path;
USER = config.age.secrets.kuc8wgd09HbRU99u.path;
SMTP_ADDR = config.age.secrets.YfDrVBDJcVoYNZeJ.path;
};
settings = { settings = {
service.DISABLE_REGISTRATION = true;
server = { server = {
DOMAIN = "git.${config.module.domain}"; DOMAIN = "git.${config.module.domain}";
# You need to specify this to remove the port from URLs in the web UI. ROOT_URL = "https://git.${config.module.domain}/";
ROOT_URL = "https://${srv.DOMAIN}/";
HTTP_PORT = config.module.forgejo.internalPort; HTTP_PORT = config.module.forgejo.internalPort;
}; };
mailer = {
ENABLED = true;
SMTP_PORT = 465;
PROTOCOL = "smtps";
};
}; };
}; };
} }

20
module/roundcube.nix
View file

@ -4,34 +4,32 @@
age.secrets = { age.secrets = {
YfDrVBDJcVoYNZeJ = { YfDrVBDJcVoYNZeJ = {
file = ../secrets/cache/YfDrVBDJcVoYNZeJ; file = ../secrets/cache/YfDrVBDJcVoYNZeJ;
owner = "roundcube";
}; };
LtnxWKwZdDIxAKzp = { LtnxWKwZdDIxAKzp = {
file = ../secrets/cache/LtnxWKwZdDIxAKzp; file = ../secrets/cache/LtnxWKwZdDIxAKzp;
owner = "roundcube";
}; };
}; };
services.roundcube = { services.roundcube = {
enable = true;
hostName = "${config.module.roundcube.subdomain}.${config.module.domain}"; hostName = "${config.module.roundcube.subdomain}.${config.module.domain}";
plugins = [ "multiple_accounts" ]; plugins = [ "multiple_accounts" ];
configureNginx = false; configureNginx = false;
extraConfig = '' extraConfig = ''
$config['default_host'] = trim( // Concatenate the protocol string with the file contents in PHP
file_get_contents('${config.age.secrets.LtnxWKwZdDIxAKzp.path}') $config['default_host'] = 'ssl://' . trim(file_get_contents('${config.age.secrets.LtnxWKwZdDIxAKzp.path}'));
);
$config['default_port'] = 993; $config['default_port'] = 993;
$config['smtp_server'] = trim(
file_get_contents('${config.age.secrets.YfDrVBDJcVoYNZeJ.path}') $config['smtp_server'] = 'tls://' . trim(file_get_contents('${config.age.secrets.YfDrVBDJcVoYNZeJ.path}'));
);
$config['smtp_port'] = 465; $config['smtp_port'] = 465;
$config['smtp_user'] = '%u'; $config['smtp_user'] = '%u';
$config['smtp_pass'] = '%p'; $config['smtp_pass'] = '%p';
''; '';
}; };
systemd.services.nginx.serviceConfig.ProtectHome = false; users.groups.roundcube.members = [ "nginx" "phpfpm" ];
users.groups.roundcube.members = [ "nginx" ];
} }

13
secrets/cache/LtnxWKwZdDIxAKzp vendored
View file

@ -1,8 +1,7 @@
age-encryption.org/v1 age-encryption.org/v1
-> ssh-ed25519 ZX/yJA 5o3VZvF6R5omfRGu8f5C6YA287n58Gqcl/cA1tR2dwo -> ssh-ed25519 ZX/yJA jxYq45sqBCgO+eFPmJILHHN0seVXTjwIC/XmXkcSWBY
PUxVDLsvhukxgRdiFOHNN4W1kzCvpJ4eZ6quX/ZxCK8 ANagQjWKb/kbLnC/4qfiqcth1WnTVBDZ13iL2jdePls
-> ssh-ed25519 5AyMyw LT2QCekJV3Hb9CGnZDHtQmGbVEgx96jZ3dU1oWxUL1g -> ssh-ed25519 5AyMyw 9aQ9rpUkzmFM9RJVPKC6ZLZEtNvaKrNV9gecAxsPcws
SFq7UXIjL67blDFU/n7LcwbZAYzMqzL5Eos2n14J++M /Z5IWQtqA/ZgcWizLEtu7Y6XayN3WYcviBk9eBgNcZE
--- I8lQdNHSL27BXd0WQ2SGwDhVQcI/cL3N3LFIhyc/ycA --- dE0aXIe03KT/HqiVshlnoHaJYu9W5jNo64F1I04wuyw
öáø"(…Tú¡=êEGóFܹJ>—ãsüŽÂ9 Y/­»<C2AD>lVL “ì(§Ñ°€ÄQ³.†$pÇd³bãY³Ã9±öå÷<C3A5>œ5]åËóÊ<C3B3>_vÎ_„#ºu$ä
yz¿Ù\"|FY@dǪj"9

14
secrets/cache/YfDrVBDJcVoYNZeJ vendored
View file

@ -1,8 +1,8 @@
age-encryption.org/v1 age-encryption.org/v1
-> ssh-ed25519 ZX/yJA IQ2va+9dYf1sKZMjafovBZLLyjRgkf+WbWWVmNZ14kA -> ssh-ed25519 ZX/yJA lQMC4W7wJYUYZS6ZieuN55sYvgTy+zD4aUH1fAwZZ2A
4k2NcxL4NT7og8ad+2i1FQC20OzXJG4mVGvZz2Kb5M4 7rroEL3kTn6SnoY6tguNf7JB2RW3LS9LRwOH08XC6hs
-> ssh-ed25519 5AyMyw meaQCKCXiEwA+E2gijD41gWou73/s4RGWEVJX55JnS8 -> ssh-ed25519 5AyMyw pVrsI0/R7s4R5xaxcgzqIdaH3csptMha+cMGkFimMGI
GUX7WzSIzLVfQUViJfeudUh6eeIOMfMRMFgL2JwEIoY 3eZZtG9HI8K3woAqEM528cB46Ecv2nFc3++mHtvQfTw
--- jsp7cV2mL6r7A3RlsHmK9LmLHsRrZGG0EKloktB63as --- Wlkf3vghYpcFpkzzAE1eHo3Cd3d6uTkeDuYDNRgcrLQ
]" v%TCçßgÖ³ ì¾U†×Äýº½)x«ÅšœÒ¦A»­ (KUÍB¿ 2ieþ®Í]‡Ý*•ØÔE
€>uZä&<jhœ'€GÛB/|³à#(­,V”Ü×þÈ BCVS<13>ý£ƒG