ktiu/omniflake
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

postfix, forgejo

Browse source
This commit is contained in:
Till 2026-01-14 16:52:29 +01:00
parent 0c0c944110
commit 5d1d3c3195
2 changed files with 8 additions and 27 deletions
Download patch file Download diff file Expand all files Collapse all files

26
system/web-server/forgejo.nix
View file

@ -10,10 +10,10 @@ in
{ {
security.acme.certs."${config.networking.domain}".extraDomainNames = [ security.acme.certs."${config.networking.domain}".extraDomainNames = [
"git.ktiu.net" "git.${config.networking.domain}"
]; ];
services.nginx.virtualHosts."git.ktiu.net" = { services.nginx.virtualHosts."git.${config.networking.domain}" = {
onlySSL = true; onlySSL = true;
useACMEHost = config.networking.domain; useACMEHost = config.networking.domain;
locations."/".proxyPass = "http://localhost:${toString srv.HTTP_PORT}"; locations."/".proxyPass = "http://localhost:${toString srv.HTTP_PORT}";
@ -32,25 +32,18 @@ in
settings = { settings = {
server = { server = {
# DOMAIN = "git.${config.networking.domain}"; DOMAIN = "git.${config.networking.domain}";
# # You need to specify this to remove the port from URLs in the web UI. ROOT_URL = "https://${config.services.forgejo.settings.server.DOMAIN}/";
# ROOT_URL = "https://git.ktiu.net/";
HTTP_PORT = 3080; HTTP_PORT = 3080;
}; };
# You can temporarily allow registration to create an admin user.
service.DISABLE_REGISTRATION = true; service.DISABLE_REGISTRATION = true;
# Add support for actions, based on act: https://github.com/nektos/act
actions = { actions = {
ENABLED = true; ENABLED = true;
DEFAULT_ACTIONS_URL = "github"; DEFAULT_ACTIONS_URL = "github";
}; };
# Sending emails is completely optional
# You can send a test email from the web UI at:
# Profile Picture > Site Administration > Configuration > Mailer Configuration
mailer = { mailer = {
ENABLED = true; ENABLED = true;
SMTP_ADDR = "localhost"; SMTP_ADDR = "localhost";
@ -58,17 +51,6 @@ in
FROM = "Forgejo <git@${config.networking.domain}>"; FROM = "Forgejo <git@${config.networking.domain}>";
}; };
}; };
# secrets = {
# mailer.PASSWD = config.age.secrets.forgejo-mailer-password.path;
# };
}; };
# age.secrets.forgejo-mailer-password = {
# file = ../secrets/forgejo-mailer-password.age;
# mode = "400";
# owner = "forgejo";
# };
} }

9
system/web-server/mail/postfix.nix
View file

@ -64,6 +64,10 @@ in {
"[::ffff:127.0.0.0]/104" "[::ffff:127.0.0.0]/104"
"[::1]/128" "[::1]/128"
]; ];
smtpd_tls_chain_files = [
"${config.security.acme.certs."${config.networking.fqdn}-postfix".directory + "/key.pem"}"
"${config.security.acme.certs."${config.networking.fqdn}-postfix".directory + "/cert.pem"}"
];
}; };
master = { master = {
@ -77,11 +81,6 @@ in {
}; };
}; };
smtpd_tls_chain_files = [
"${config.security.acme.certs."${config.networking.fqdn}-postfix".directory + "/key.pem"}"
"${config.security.acme.certs."${config.networking.fqdn}-postfix".directory + "/cert.pem"}"
];
}; };
}; };
} }