add mailer to gitea
parent
abdddc9870
commit
b94ed99932
1 changed files with 47 additions and 0 deletions
|
@ -3,11 +3,32 @@ let
|
||||||
httpPort = 8083;
|
httpPort = 8083;
|
||||||
sshPort = 22;
|
sshPort = 22;
|
||||||
domain = "git.cyplo.dev";
|
domain = "git.cyplo.dev";
|
||||||
|
emailDomain = "peninsula.industries";
|
||||||
baseurl = "https://${domain}";
|
baseurl = "https://${domain}";
|
||||||
path = "/var/lib/gitea";
|
path = "/var/lib/gitea";
|
||||||
|
mailgunSmtpSecretName = "gitea-mailgun-smtp-password";
|
||||||
|
mailgunSmtpPasswordPath = "/run/secrets/${mailgunSmtpSecretName}";
|
||||||
|
uid = 2051;
|
||||||
|
gid = 3051;
|
||||||
|
systemUserName = "gitea";
|
||||||
|
systemGroupName = "gitea";
|
||||||
|
users = {
|
||||||
|
users."${systemUserName}" = {
|
||||||
|
inherit uid;
|
||||||
|
isSystemUser = true;
|
||||||
|
isNormalUser = false;
|
||||||
|
group = systemGroupName;
|
||||||
|
};
|
||||||
|
groups."${systemGroupName}" = {
|
||||||
|
inherit gid;
|
||||||
|
members = [ "${systemUserName}" "nginx" ];
|
||||||
|
};
|
||||||
|
};
|
||||||
in {
|
in {
|
||||||
imports = [ ../nginx.nix ];
|
imports = [ ../nginx.nix ];
|
||||||
|
|
||||||
|
inherit users;
|
||||||
|
|
||||||
boot.kernel.sysctl = { "net.ipv4.ip_unprivileged_port_start" = 0; };
|
boot.kernel.sysctl = { "net.ipv4.ip_unprivileged_port_start" = 0; };
|
||||||
systemd.services.systemd-sysctl.enable = lib.mkForce true;
|
systemd.services.systemd-sysctl.enable = lib.mkForce true;
|
||||||
|
|
||||||
|
@ -24,6 +45,13 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
sops.secrets."${mailgunSmtpSecretName}" = {
|
||||||
|
sopsFile = ./mailgun.sops.yaml;
|
||||||
|
path = mailgunSmtpPasswordPath;
|
||||||
|
owner = systemUserName;
|
||||||
|
group = systemGroupName;
|
||||||
|
};
|
||||||
|
|
||||||
containers.gitea = {
|
containers.gitea = {
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
forwardPorts = [
|
forwardPorts = [
|
||||||
|
@ -41,14 +69,24 @@ in {
|
||||||
hostPath = "${path}";
|
hostPath = "${path}";
|
||||||
isReadOnly = false;
|
isReadOnly = false;
|
||||||
};
|
};
|
||||||
|
"${mailgunSmtpPasswordPath}" = {
|
||||||
|
hostPath = "${mailgunSmtpPasswordPath}";
|
||||||
|
isReadOnly = true;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
config = { config, pkgs, lib, ... }: {
|
config = { config, pkgs, lib, ... }: {
|
||||||
system.stateVersion = "22.05";
|
system.stateVersion = "22.05";
|
||||||
|
users = users // {
|
||||||
|
mutableUsers = false;
|
||||||
|
allowNoPasswordLogin = true;
|
||||||
|
};
|
||||||
services.gitea = {
|
services.gitea = {
|
||||||
inherit domain httpPort;
|
inherit domain httpPort;
|
||||||
enable = true;
|
enable = true;
|
||||||
rootUrl = baseurl;
|
rootUrl = baseurl;
|
||||||
stateDir = path;
|
stateDir = path;
|
||||||
|
user = systemUserName;
|
||||||
|
mailerPasswordFile = mailgunSmtpPasswordPath;
|
||||||
settings = {
|
settings = {
|
||||||
service.DISABLE_REGISTRATION = true;
|
service.DISABLE_REGISTRATION = true;
|
||||||
server = {
|
server = {
|
||||||
|
@ -58,6 +96,15 @@ in {
|
||||||
DISABLE_SSH = false;
|
DISABLE_SSH = false;
|
||||||
LFS_START_SERVER = true;
|
LFS_START_SERVER = true;
|
||||||
};
|
};
|
||||||
|
mailer = {
|
||||||
|
ENABLED = true;
|
||||||
|
FROM = "git.cyplo.dev <gitea@${emailDomain}>";
|
||||||
|
MAILER_TYPE = "smtp";
|
||||||
|
HOST = "smtp.eu.mailgun.org:465";
|
||||||
|
IS_TLS_ENABLED = true;
|
||||||
|
USER = "postmaster@${emailDomain}";
|
||||||
|
};
|
||||||
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
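Review bot: In the `sops.secrets."${mailgunSmtpSecretName}"` block the secret gets `group = systemGroupName`, and this commit also adds `nginx` to that group via `members = [ "${systemUserName}" "nginx" ]`, so whether the web server can read the SMTP password depends entirely on the secret's file mode, which is not set here. I would pin it with `mode = "0400";` next to `owner`, and add a comment on the `members` line saying why nginx needs the gitea group at all, since it also picks up whatever group permissions exist under `path`. The secret is bind-mounted read-only into the container from `/run/secrets/...`; if that host path is a symlink into a per-activation directory (as I believe sops-nix arranges it), the container may keep the old password after a rotation until it is restarted, which deserves a comment beside the mount. `USER = "postmaster@${emailDomain}"` looks like the domain's default Mailgun login; a dedicated SMTP credential for Gitea would be easier to revoke on its own. The attribute set that holds the new mount entry opens outside the visible hunk.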