Commit d02584a
Changed files (3)
hosts
chaser-pardofelis
secrets
hosts
pardofelis
hosts/chaser-pardofelis/forgejo.nix
@@ -25,6 +25,23 @@
SSH_PORT = 2233;
ROOT_URL = "https://${config.services.forgejo.settings.server.DOMAIN}/";
};
+ service = {
+ DISABLE_REGISTRATION = true;
+ ENABLE_NOTIFY_MAIL = true;
+ ENABLE_BASIC_AUTHENTICATION = false;
+ };
+ repository = {
+ DEFAULT_REPO_UNITS = "repo.code,repo.releases";
+ };
+ mailer = {
+ ENABLED = true;
+ PROTOCOL = "smtps";
+ SMTP_ADDR = "glacier.mxrouting.net";
+ SMTP_PORT = 465;
+ USER = "info@hpcesia.com";
+ FROM = "Forgejo Infomation <info@hpcesia.com>";
+ SUBJECT_PREFIX = "[repo.hpcesia.com] ";
+ };
# TODO: Enable federation after I finalize a suitable instance name and switch to an independent domain.
federation.ENABLED = false;
session.COOKIE_SECURE = true;
@@ -37,6 +54,9 @@
ENABLED = true;
};
};
+ secrets = {
+ mailer.PASSWD = config.sops.secrets.forgejo-mailer-password.path;
+ };
};
users.users."git" = {
secrets/hosts/pardofelis/default.nix
@@ -61,6 +61,17 @@ in
}
// secretFileConf;
}
+ {
+ name = "forgejo-mailer-password";
+ value =
+ {
+ key = "services/forgejo/mailerPassword";
+ owner = "root";
+ group = "forgejo";
+ mode = "0440";
+ }
+ // secretFileConf;
+ }
{
name = "restic-backup-password";
value = {key = "services/restic/password";} // secretFileConf;
secrets/hosts/pardofelis/secrets.yaml
@@ -7,6 +7,8 @@ services:
defaultUserPassword: ENC[AES256_GCM,data:go37FcBdkPaI3o9ufWWSe4csncSBXl7Sna1lOU9xCxc=,iv:uslyMRqDLmJp9al4kz+F/f8tcyAzpBtnRHRNaz5E+1U=,tag:cs/laSyPWy0GHN3bMO8FRQ==,type:str]
grafana:
adminPassword: ENC[AES256_GCM,data:GSD4lXMBxnzbmWluPp0J4Y7EDOnutCZq,iv:MqyKSHZk2RkPEo07SQxYYYZir+DPwWSjwwWVfeP8kqQ=,tag:VVJFT5HQquF6fOp7aOINSA==,type:str]
+ forgejo:
+ mailerPassword: ENC[AES256_GCM,data:R9zhwWLjxAuZe3+pXXh12GsO01kpseOv,iv:Z+VH4XHj7HHEr+PdWtpa2kL/vXOaaVZl+aqrFm/htoQ=,tag:sEvfPKWxWjTJzVAeND9/kA==,type:str]
forgejo-runner:
token: ENC[AES256_GCM,data:gm23RUL8LVnq6prQFjX+mk2NlcURJuRdlOOzDjM6brjPOi4Rxy4dZw==,iv:OsRpBP5SEdHSHiCAVS7FJhAlnuBODc66Ap+Fty9fhZo=,tag:7Ez+qNe/w18DGJT+neZSHA==,type:str]
gotosocial:
@@ -58,8 +60,8 @@ sops:
SENxSmtOQUlWaFg4Tys2MU91UklURW8K8VUSmBV87SBHVtTfJJrEbX3KtxtPT+nd
a0lbIgNit5pZu5uQVwiuENuPA3K+/3Uo0AIVRxkHJC8ZVqrjXeHhvw==
-----END AGE ENCRYPTED FILE-----
- lastmodified: "2025-08-20T06:45:56Z"
- mac: ENC[AES256_GCM,data:PZSFrc4x0K+bq2sdnDney86wxQ/0jPsXRpc/e35Zdk3SFajxOe9z9VbQAiln8qeFgGdg/IY3U9BDsVZEsgMc+xQpVRIZxGvozP3Zt/MAsMfjLGN2bGpPgJoL11s9CJ4vCeOTECV9ps+ckD+pXdekBObKdMw21OanK1vXeP/WsuE=,iv:mWTrtcXquPs29rNKseQsppOq+HBuwMromxZmW9LljlU=,tag:Jx8DWVzH/WZo34ibtHbGCA==,type:str]
+ lastmodified: "2025-08-21T12:48:17Z"
+ mac: ENC[AES256_GCM,data:Mdc04pB0+QscCchESv3hcYWI8XgJEvhkwc49qzfPJMd9xf0SjA096QdpltiLggRtbKewxpVnkOOZJdZ5z7Fb+R63m7nVcHGRVIY0LZJqhaOLoZpkPk/0znLvm7fGLEqiCZRCtM4tM8OVauKJUcLbLZYWVFZ96evx4p1KGrEcVB0=,iv:hNmLXa5H6C3QAZkI3ulHWXM+yDz7zD8Y8q9ulJ4nXMA=,tag:RnlvXIfnrLsz2dIgNwYGiA==,type:str]
pgp:
- created_at: "2025-08-06T11:08:38Z"
enc: |-