magpie/gitea: replace smtp with sendmail, fix pass reset bug

Asmir A 2023-10-17 22:41:22 +02:00
parent eb43638c3b
commit cadaede0ee


@ -4,6 +4,7 @@
{ {
config, config,
pkgs, pkgs,
lib,
... ...
}: { }: {
imports = []; imports = [];
@ -20,16 +21,6 @@
# Set your time zone. # Set your time zone.
time.timeZone = "Europe/Berlin"; time.timeZone = "Europe/Berlin";
# Define a user account. Don't forget to set a password with passwd.
# users.users.alice = {
# isNormalUser = true;
# extraGroups = [ "wheel" ]; # Enable sudo for the user.
# packages = with pkgs; [
# firefox
# thunderbird
# ];
# };
users.users.root.initialHashedPassword = ""; users.users.root.initialHashedPassword = "";
users.users.root.openssh.authorizedKeys.keys = [ users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa 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" "ssh-rsa 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"
@ -85,6 +76,7 @@
BASE_URL = "https://miniflux.project-cloud.net"; BASE_URL = "https://miniflux.project-cloud.net";
}; };
}; };
services.restya-board = { services.restya-board = {
enable = true; enable = true;
/* /*
@ -93,6 +85,7 @@
virtualHost.listenHost = "localhost"; virtualHost.listenHost = "localhost";
virtualHost.listenPort = 4001; virtualHost.listenPort = 4001;
}; };
services.nextcloud = { services.nextcloud = {
enable = true; enable = true;
hostName = "project-cloud.net"; hostName = "project-cloud.net";
@ -169,22 +162,21 @@
type = "postgres"; type = "postgres";
passwordFile = config.sops.secrets."postgres/gitea_dbpass".path; passwordFile = config.sops.secrets."postgres/gitea_dbpass".path;
}; };
settings.server.DOMAIN = "git.project-cloud.net"; settings.server = {
settings.server.HTTP_PORT = 3001; DOMAIN = "git.project-cloud.net";
ROOT_URL = "https://git.project-cloud.net";
HTTP_PORT = 3001;
};
settings.mailer = {
ENABLED = true;
FROM = "gitea@project-cloud.net";
PROTOCOL = "sendmail";
SENDMAIL_PATH = "/run/wrappers/bin/sendmail";
};
extraConfig = let extraConfig = let
docutils = docutils =
pkgs.python3.withPackages (ps: with ps; [docutils pygments]); pkgs.python3.withPackages (ps: with ps; [docutils pygments]);
in '' in ''
[mailer]
ENABLED = true
FROM = project.cloud@gmx.com
PROTOCOL = smtp
SMTP_ADDR = mail.gmx.com
HOST = mail.gmx.com:587
SMTP_PORT = 587
IS_TLS_ENABLED = false
USER = project.cloud@gmx.com
PASSWD = TS0obCMiuktEAS2x6lQ3
[service] [service]
REGISTER_EMAIL_CONFIRM = true REGISTER_EMAIL_CONFIRM = true
[markup.restructuredtext] [markup.restructuredtext]
@ -195,12 +187,22 @@
''; '';
}; };
/*
needed for sendmail mail functionality
*/
users.users.gitea.extraGroups = ["postdrop"];
systemd.services.gitea.serviceConfig = {
RestrictAddressFamilies = ["AF_NETLINK"];
ProtectSystem = lib.mkForce false;
};
security.acme = { security.acme = {
acceptTerms = true; acceptTerms = true;
defaults.email = "asmir.abdulahovic@gmail.com"; defaults.email = "asmir.abdulahovic@gmail.com";
}; };
sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"]; sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
sops.secrets."postgres/gitea_dbpass" = { sops.secrets."postgres/gitea_dbpass" = {
sopsFile = ./secrets/postgres.yaml; sopsFile = ./secrets/postgres.yaml;
owner = config.users.users.gitea.name; owner = config.users.users.gitea.name;
@ -216,7 +218,7 @@
networking.hostName = "magpie"; networking.hostName = "magpie";
networking.wireless.enable = false; networking.wireless.enable = false;
networking.firewall.enable = false; networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [80 443 587]; networking.firewall.allowedTCPPorts = [80 443 587];
networking.firewall.allowedUDPPorts = []; networking.firewall.allowedUDPPorts = [];
networking.networkmanager.enable = true; networking.networkmanager.enable = true;
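Review bot: `ProtectSystem = lib.mkForce false;` in the new `systemd.services.gitea.serviceConfig` block switches off the unit's filesystem protection for the whole Gitea service, which is a far wider relaxation than sendmail delivery needs. If the only requirement is that the setgid postdrop helper can write to the Postfix maildrop queue, keep the default that `mkForce` overrides and add a targeted exception such as `ReadWritePaths = ["<postfix maildrop queue dir>"];` (placeholder; confirm the path on this host). The comment above the block could also say which hardening option blocks which step of delivery, so the override can be removed once it is no longer needed. Separately, the `PASSWD` value removed from `extraConfig` remains readable in the repository history, so that mailbox password should be rotated at the provider.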