lldap: automatic provision + system users + stalwart + whatever

eyjhb 2025-02-03 18:15:53 +01:00
parent 4a0129585a
commit 82caf96d36
Signed by: eyjhb
GPG key ID: 609F508E3239F920
19 changed files with 405 additions and 285 deletions


@ -18,7 +18,7 @@ in {
# wger specific settings
wgerSettings = {
EMAIL_FROM = "wger Workout Manager <wger@${svc_domain}>";
EMAIL_FROM = "wger Workout Manager <wger@${config.mine.shared.settings.domain}>";
# use authelia for authentication (disable guest users + regisration)
AUTH_PROXY_HEADER = config.mine.shared.lib.authelia.protectedHeaders.username;
@ -39,7 +39,7 @@ in {
EMAIL_PORT = config.mine.shared.settings.mail.ports.submissions;
EMAIL_USE_SSL = true;
EMAIL_HOST_USER = "wger";
EMAIL_HOST_PASSWORD = "$EMAIL_HOST_PASSWORD";
EMAIL_HOST_PASSWORD = "file:${config.age.secrets.wger-ldap-pass.path}";
EMAIL_FROM_ADDRESS = config.services.wger.wgerSettings.EMAIL_FROM;
EMAIL_PAGE_DOMAIN = SITE_URL;
};
@ -62,6 +62,14 @@ in {
locations."/api".proxyPass = "http://localhost:${builtins.toString port}";
};
# setup lldap user for authelia that can send emails
services.lldap.provision.users = config.mine.shared.lib.ldap.mkScope (lconfig: llib: {
wger = llib.mkProvisionUserSystem "wger" config.age.secrets.wger-ldap-pass.path;
});
# setup permissions
age.secrets.wger-ldap-pass.owner = config.services.wger.user;
# metadata
mine.shared.meta.wger = {
name = "Wger";
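Review bot: `age.secrets.wger-ldap-pass.owner = config.services.wger.user;` in the last hunk gives the secret a single owner, yet the same path is handed to two consumers: `llib.mkProvisionUserSystem "wger" …` for lldap provisioning and `EMAIL_HOST_PASSWORD = "file:…"` for the wger service. If the provisioning step runs as the lldap service user rather than root (not visible here), it cannot read a file that is readable by its owner only under the default mode; in that case grant access through the secret's `group` with mode `0440` rather than loosening the mode further. It is also worth confirming that the wger module resolves the `file:` prefix at runtime, since otherwise the literal path string would be used as the SMTP password. The comment `# setup lldap user for authelia that can send emails` looks copied from another module and should read `# setup lldap user for wger that can send emails`. The `mine.shared.meta.wger` block continues past the end of the hunk.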