From 182198230afd4133cf4ac32b28cd9d77d32e007c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Madeleine=20Sydney=20=C5=9Alaga?= Date: Sun, 22 Mar 2026 01:50:34 -0600 Subject: [PATCH] =?UTF-8?q?feat(gitea):=20=EC=9D=B4=EB=A9=94=EC=9D=BC=20?= =?UTF-8?q?=EB=8D=94=ED=95=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- modules/nixos/deertopia/gitea.nix | 18 +++++++++++++++++- secrets.yaml | 5 +++-- 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/modules/nixos/deertopia/gitea.nix b/modules/nixos/deertopia/gitea.nix index d2514e6..a33a8c4 100644 --- a/modules/nixos/deertopia/gitea.nix +++ b/modules/nixos/deertopia/gitea.nix @@ -40,11 +40,18 @@ in { # sudo -u git gitea admin auth add-ldap --name gitea --port 3890 --bind-dn 'uid=gitea,ou=people,dc=deertopia,dc=net' --bind-password «password» --user-search-base 'ou=people,dc=deertopia,dc=net' --user-filter '(&(memberof=cn=git,ou=groups,dc=deertopia,dc=net)(|(uid=%[1]s)(mail=%[1]s)))' --username-attribute uid --firstname-attribute givenName --surname-attribute sn --email-attribute mail --avatar-attribute jpegPhoto --security-protocol unencrypted --host 127.0.0.1 --config /var/lib/gitea/custom/conf/app.ini --synchronize-users + sydnix.sops.secrets.gitea-mailer-password = { + mode = "0440"; + owner = "git"; + group = "git"; + }; + services.gitea = { enable = true; user = "git"; group = "git"; - appName = "GupHub"; # Name per my darling Colestar ♥ + appName = "GupHub"; # Name per my dear Astrid ♥!!!!! + mailerPasswordFile = config.sops.secrets.gitea-mailer-password.path; settings = { server = { ROOT_URL = "https://git.deertopia.net/"; @@ -53,7 +60,16 @@ in { }; service = { DISABLE_REGISTRATION = true; + ENABLE_NOTIFY_MAIL = true; }; + mailer = { + ENABLED = true; + FROM = "Gitea "; + PROTOCOL = "smtps"; + SMTP_ADDR = "smtp.fastmail.com"; + SMTP_PORT = 465; + USER = "msyds@deertopia.net"; + }; }; }; }; diff --git a/secrets.yaml b/secrets.yaml index 6e652ea..c6b477f 100644 --- a/secrets.yaml +++ b/secrets.yaml @@ -30,6 +30,7 @@ anki-username: ENC[AES256_GCM,data:584uxjwyodM=,iv:/6HLSLzHgc77U1iN5JDLR9F+o8Nfe anki-password: ENC[AES256_GCM,data:plSKMTeeilKt6weAnzw/jMo65A==,iv:lzuPUt1+2Iwi9sHbaFj0OuBLd1p+Do2N5aCYXd45MFQ=,tag:WIABFp1T6NuIGpqqQFHmrg==,type:str] anki-sync-key: ENC[AES256_GCM,data:Ka4sPghPwmWQvdXw40ZRLogoMVTBjLnaSyHT9lTfn2XWHHqFAkANAg==,iv:bFkb/k7UUL8t26LjmQwiDYJpvq93NWuqUU/jNYkr7GQ=,tag:Mx5JdqjI3MDk7hsvOlPYIw==,type:str] gitea-actions-runner-token: ENC[AES256_GCM,data:JglbJ2hgXl1wV2bCkcged+D3UrpWMMBuX+ri6YeIqwLIlscvK/wVCdsxQZtDGw==,iv:BYhgfoIa/wHQkd4c7kU8AWAJQfpTfUvSamFXDBqQXTE=,tag:sIK1XxVPIU+uBGaJY3AmTQ==,type:str] +gitea-mailer-password: ENC[AES256_GCM,data:bgFAhAzYcDhHi4Brg7x8CQ==,iv:hj8+YbcE+Jfhtu8g//Y8EiNw1CejTtMgstB/knbgOls=,tag:CYX3Pr4ErzvHGVfhpvfruw==,type:str] sops: age: - recipient: age10fqh0td67alzpyjyhdex5ncj9thvaty506r0t63vs2nz4ldafgaqadl8mg @@ -50,7 +51,7 @@ sops: TXFLY2l0UHJ3Z0NGZjVpbTQ2UC8yaTQKA7wTmW9Ha6T2KmCr/nkXdizgv8+V6SAp ZhDO+uDQ1evIh2wLWMOXNJ3d/zplLCOTzR2xkqBIUp5V7MXj45RUIA== -----END AGE ENCRYPTED FILE----- - lastmodified: "2026-03-06T21:55:10Z" - mac: ENC[AES256_GCM,data:Coff3pzqPxqe1g+2R7V0AN/ZSLog6sKHIBSoWOflYH8tKbIqwvQFRVvEQN6D1o6ZhD2wu8NyTVrKY7FYn4nG9DsEQq8vknq51r1Z9meLSP114N37oX5qjp60ns9kEm3kbf41DTObXETs+jzcA4Rcl2m9Z5I/feKEm7oFp6PvzEg=,iv:Bywv84FGB6IO7M9KFoxx3cVXFElX7QNWossWszMJui8=,tag:D07pceBF1i1vUMZ7nFuslA==,type:str] + lastmodified: "2026-03-22T07:49:51Z" + mac: ENC[AES256_GCM,data:Y/7XSZtPlVPDV3eToYQ9MoAGF9nGq0sd0KU1VaR5duK1xbETULioQcpPvVk6HL1kPlUjnmR8RXfCKBC7EJ9P/UAMV2ySulLtD6daogCzF3qa2JSyXPuOyMuXMSjwCNcCyHgpaOrWz+7Zf9FU/1wQwVHeCDTf0sFHaX0xttFfHkg=,iv:7+zXPjeslh+z9hWhYXoUphpbg3Tpe4OHQEcUmetuiMM=,tag:LB0GuN+5TJxXyuvrrqOi7g==,type:str] unencrypted_suffix: _unencrypted version: 3.12.1