diff --git a/secrets/etna/forgejoMailerPasswd.age b/secrets/etna/forgejoMailerPasswd.age new file mode 100644 index 0000000..9447cca --- /dev/null +++ b/secrets/etna/forgejoMailerPasswd.age @@ -0,0 +1,13 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJdk5NTVp0cnhvb21xejZx +V0U3Q2h3YktWOFl6cU4xekVERE5kMWJDanlVCkM3eWQ2TnJHRFR3WlFxZzByaitY +NFd5SC9vdUIwaWJtNXNNODZ3cXMyNjAKLT4gWDI1NTE5IFl1UFJJRlFkTlErM01D +ZCtuQlNwbU1zWTJoQVNpa1FaeGE2UEhzdGF1VEkKMVFFTWx6dXNpeEpEN0pFVkR2 +OWFPWmxhUlpjR3A4eUhObDZ3b3BXL3lSWQotPiBYMjU1MTkgU2UrVG1vMU1TYjVv +NytON1R1VVY0MGF6aWo1bVhFMkhRK0VkZFg1YzVrUQptWFpvRW9JSEt0bWN5aWtv +VXE5RDFxSS9LZlovTWsrWHpTL1AyS2dFbDdFCi0+IFgyNTUxOSBBTWhJeWx3b1ZX +U283dUsyYzBVbG9yaFA0a3kzOHZFa0tlNkU1KzlGaFRRClZOaXhsUWFuWG1LRkdX +eG56Z2o1TXlLV2R4cnZ1TzczR2locjM2Z3RkYzQKLS0tIGlYamFQSW1EYnZjcFpZ +WG1nQ1dKV2l4dy96WGhOWlpVc3g1R1AwRjRWc3MKWvXALkzrFnGg5J1P1XI8wBLV +GgX6FnY0WXwrCHi66yZwdyVxdt+B2qyyvFW/jluvk3iC6sNZdJmiv2ggN6zby+M= +-----END AGE ENCRYPTED FILE----- diff --git a/secrets/etna/vaultwardenEnv.age b/secrets/etna/vaultwardenEnv.age index e4f9117..461e571 100644 --- a/secrets/etna/vaultwardenEnv.age +++ b/secrets/etna/vaultwardenEnv.age @@ -1,19 +1,18 @@ -----BEGIN AGE ENCRYPTED FILE----- -YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBFSFJieU9lQnZOQy81VzJK -V0MwTGFpdWtGenpuWE4xdDR4dWJhQkRwRlZvCm8rMkloMEVhdkkybFhWUmxuekF0 -cm04b1hqTGx6V1Nuelg0TVdYK0R5ZEUKLT4gWDI1NTE5IDdxb0x5ZTNnSDV0b3I0 -Zm5PUE1SelNtbm5pRTV6Zk5PSEo1KzJTckdoUzAKWkZVdTlKRnJYMmpLWlhiSXBX -QzJKaTVxNkNxYk8ydGFtT3NrUEdtRytvMAotPiBYMjU1MTkgWW1UOWdLU3V6Zkhi -Q0E2QlhHN0huSGs0ZDhmb0pwMzV4MGVzVVViOE9FTQpHSkFvQlNVVDRhS0FiTlR5 -UmZOOGc5ejc2RzgxSHo4ZXRJbzBkeitsT2NRCi0+IFgyNTUxOSBsMVpFdER6MXJ4 -RlRHSG91TDFMai8vTm1zS1FaSk1HQmEzMDJDbnpaZ0UwCm51MzRWblNNeHBCWHFk -Z05FT0ZjNHZjdXljTmlpeVJVNGpVRExPYkVZbmsKLS0tIGJzTkRzVE9GMFJDdStO -Tkg3cTVuY0RCWEhlbUhwNGZiMHBCUThlQXRtcFEKcydfFV97p3gVuFaGXP+8l54y -v6R0EtjFjbFp7DhWY9Hut1viI0ogstBMilehmjKGrZ6bofWEFEoOod9tiLeQsP3S -AmLrJ+Uj0Wz/xLdxydZDVFR51fnJ7KSDOMPbPcIKcryFsuJntRq4g5tEJo2TiuwI -DSQjwrQ69KiH1BXFOYexeKbrfLgIPmU+oYGx/kYGQqcoTu3YegpRQgbShdAZSYJB -X713AuYtAxCmPPcoJIMhsuG/TrLlVAPm+3+Y7RogjleubZ3T4OJCtrvz7X0Yllam -mjGOXxm4AVsee6vOJMo1suGKYalnDU3cEyt0lF7aUv7DdLhkRLosvAaa/yL/Veae -cdckvQfLqB6yVYQNP6z1ss8Ry7UhMNjASSSXMZx49rQX1sebCSzYeOVFDbupaCqM -LWv3nr8= +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsdmgvSWp2K2lZc0Q5SXho +eWRWd0tKd3ArM1hEMTFITzZDUCsxVGJSK2hBCkZHTHY4ZGVGaVJUMmg4SkRmZzdX +L2txUXNOQkZXK3pWa0xiYnJMZ1BRR3cKLT4gWDI1NTE5IEdlU04zUU45Z2VYNXBp +Q2JTYm1EdDc2NzFQTXE3NDlTejdHOGNObVRNajQKOGRtTDYvbFVSSldEd0YxcTd3 +MDFETWUzdktEWTVvcVJmUmNRaXM2UmdQUQotPiBYMjU1MTkgR2s4NWc2UE55djdJ +b0ZWa1ByY29qZzZacTlLcGFiRUF5bmxDdi90dTJ4UQo0OFNZSFc2TmtMOHJjZTg4 +djZ3T3ZyZTVDTHhFTkQwVG9zRk5kQ1RMclJVCi0+IFgyNTUxOSBOVFJhNHN1THRN +QUNVRVk0TGpkR0E3ZFpFZ01lY2QwOGtTR1RCRlBzbmxnClBPMHAxS0FZY0dPdGM3 +YlZ3OXhORDhYSWZhQWpKaEF6Ynd2OUVwMi82VVEKLS0tIE5HVjRRbzhhTWs5dnh0 +cTNnbHh6aWJaV09pc21kZVlCQUlsOGszeW1SUjAKgSD1DTA3dGWPBL3Qh0MM9siJ +nWaVDa/avM0EMlAFfrsIDgj7Ze+IRJDsjD6xc2Oaz6Ny9lNGSdIyrapdJtHQH8zh +bTt49sqzX9MHCDOjXs86E2tZfPpIGiRIU+nmmwglD+SiSx7fqPD7M1IP8RHPi7Tm +K/JuO0e2uNdCsccv84Bpmxwxc0MYzNQjmIoz4qnX6UZvvPz9J7bYkPSPCdwzWd9U +zPe6jAEzwxNkCQ1Pry23ilUf7BU5HpNr0cYqS4daJ1kwZazIDqzAm3snoF6F0FsK +EQyH+XtAm7aRHqIT1DgZ/9bFHqGptBgEKgLiouLqcrtWRxSQnUHBcDqcVNzgsPtg +1V6yeN/tVXwEZ7fm2oMFZyg+GE9krD8dWPs48SZxu0axwi0oV6w0dJo= -----END AGE ENCRYPTED FILE----- diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 9971813..3af2387 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -37,6 +37,7 @@ in "etna/turnstileSecret.age".publicKeys = main ++ [ etna ]; "etna/navidromeEnv.age".publicKeys = main ++ [ etna ]; "etna/forgejoRunnerSecret.age".publicKeys = main ++ [ etna ]; + "etna/forgejoMailerPasswd.age".publicKeys = main ++ [ etna ]; "etna/vaultwardenEnv.age".publicKeys = main ++ [ etna ]; "etna/vmauthEnv.age".publicKeys = main ++ [ etna ]; "etna/upsdUserPass.age".publicKeys = main ++ [ etna ]; diff --git a/systems/etna/forgejo.nix b/systems/etna/forgejo.nix index 7da7460..1275fc1 100644 --- a/systems/etna/forgejo.nix +++ b/systems/etna/forgejo.nix @@ -9,6 +9,7 @@ let secrets = [ "turnstileSecret" "forgejoRunnerSecret" + "forgejoMailerPasswd" ]; extra = { owner = "forgejo"; @@ -33,6 +34,7 @@ in secrets = { service.CF_TURNSTILE_SECRET = secrets.get "turnstileSecret"; + mailer.PASSWD = secrets.get "forgejoMailerPasswd"; }; settings = { @@ -48,6 +50,9 @@ in service = { ALLOW_ONLY_EXTERNAL_REGISTRATION = true; + REGISTER_EMAIL_CONFIRM = true; + ENABLE_NOTIFY_EMAIL = true; + EMAIL_DOMAIN_BLOCK_DISPOSABLE = true; ENABLE_CAPTCHA = true; CAPTCHA_TYPE = "cfturnstile"; CF_TURNSTILE_SITEKEY = "0x4AAAAAAAaemJiXmRluMxbQ"; @@ -58,6 +63,15 @@ in ENABLED = true; }; + mailer = { + ENABLED = true; + FROM = "\"uku's forge\" "; + PROTOCOL = "smtps"; + SMTP_ADDR = "mx1.uku3lig.net"; + SMTP_PORT = 465; + USER = "services@uku3lig.net"; + }; + actions = { ENABLED = true; DEFAULT_ACTIONS_URL = "https://github.com"; diff --git a/systems/etna/vaultwarden.nix b/systems/etna/vaultwarden.nix index 7bb1735..985d55e 100644 --- a/systems/etna/vaultwarden.nix +++ b/systems/etna/vaultwarden.nix @@ -22,10 +22,10 @@ in ROCKET_ADDRESS = "::1"; ROCKET_PORT = 8222; - SMTP_HOST = "in-v3.mailjet.com"; - SMTP_FROM = "vaultwarden@uku3lig.net"; - SMTP_PORT = 587; - SMTP_SECURITY = "starttls"; + SMTP_HOST = "mx1.uku3lig.net"; + SMTP_FROM = "services@uku3lig.net"; + SMTP_PORT = 465; + SMTP_SECURITY = "force_tls"; }; }; }