fricloud/server-configs
2
0
Fork 0
Code Issues 4 Pull requests Projects Releases Packages Wiki Activity Actions

nextcloud: setup smtp (smtp password in two places, sadly)

Browse source
This commit is contained in:
eyjhb 2025-02-17 17:08:56 +01:00
parent d53f145586
commit 971969d894
Signed by: eyjhb
GPG key ID: 609F508E3239F920
5 changed files with 30 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

18
machines/gerd/services/nextcloud.nix
View file

@ -158,7 +158,7 @@ in {
config.dbtype = "pgsql"; config.dbtype = "pgsql";
# settings # settings
settings = { settings = rec {
# open connect/oidc # open connect/oidc
oidc_login_provider_url = "https://${config.mine.shared.settings.authelia.domain}"; oidc_login_provider_url = "https://${config.mine.shared.settings.authelia.domain}";
oidc_login_client_id = AUTHELIA_AUTH_NAME; oidc_login_client_id = AUTHELIA_AUTH_NAME;
@ -176,9 +176,25 @@ in {
}; };
oidc_login_scope = "openid profile email groups"; oidc_login_scope = "openid profile email groups";
oidc_login_code_challenge_method = "S256"; oidc_login_code_challenge_method = "S256";
# mail
mail_from_address = "nextcloud";
mail_smtpmode = "smtp";
mail_sendmailmode = "smtp";
mail_domain = "${config.mine.shared.settings.domain}";
mail_smtphost = "${config.mine.shared.settings.mail.domain_smtp}";
mail_smtpport = config.mine.shared.settings.mail.ports.submissions;
mail_smtpsecure = "ssl";
mail_smtpname = mail_from_address;
# mail_smtppassword = "defined-in-the-secrets-file-and-in-a-separate-file-for-lldap";
}; };
}; };
# setup lldap user for nextcloud that can send emails
services.lldap.provision.users = config.mine.shared.lib.ldap.mkScope (lconfig: llib: {
nextcloud = llib.mkProvisionUserSystem "nextcloud" config.age.secrets.nextcloud-smtp-pass.path;
});
systemd.services.nextcloud-setup = { systemd.services.nextcloud-setup = {
# runs this after all the main nextcloud-setup stuff # runs this after all the main nextcloud-setup stuff
script = lib.mkAfter '' script = lib.mkAfter ''

1
secrets/default.nix
View file

@ -33,6 +33,7 @@
# nextcloud # nextcloud
nextcloud-admin-pass.file = ./nextcloud/admin-pass.age; nextcloud-admin-pass.file = ./nextcloud/admin-pass.age;
nextcloud-secrets.file = ./nextcloud/secrets.age; nextcloud-secrets.file = ./nextcloud/secrets.age;
nextcloud-smtp-pass.file = ./nextcloud/smtp-pass.age;
# stalwart # stalwart
stalwart-admin-fallback-password.file = ./stalwart/admin-fallback-password.age; stalwart-admin-fallback-password.file = ./stalwart/admin-fallback-password.age;

BIN
secrets/nextcloud/secrets.age
View file

Binary file not shown.

11
secrets/nextcloud/smtp-pass.age Normal file
View file

@ -0,0 +1,11 @@
age-encryption.org/v1
-> ssh-ed25519 QSDXqg nLdvh4Rh7NRfCpubsUOaSTwL+uQYa9jpiWWHmq8tBzo
jIgDAQZAmpoOqShDWMZZC3m/go+DImfYbg+gOlbbLu4
-> X25519 jJ3QUtYdo6FM/xncqZeJMg5JJh2PKhe8rDw46ZrbqWo
uoDuPBJDplDoRiJGi2NFNJqDlo/fRGUqPiD0Jk6AX1c
-> ssh-ed25519 n8n9DQ +3vT7Jfx+kUFbHbEAWFN0hiDn0c0m+65brjuM5M4HRI
+jGGD9trmPr0BV2Ev1PvcdTAbzEyrHtHGleuheuYrIY
-> ssh-ed25519 BTp6UA Da7JqYJiJToDKhRelrwbXCj35URUi9T/Zzr0fLAZX1A
Kyi0O0Wog/VYlnCezm9qyxHiEU606kVHZfp17NKxXQk
--- 2t7lCNkYh/E4RyFx7sAtup5z9z/UFcxvk4XHhfJK+4I
òÊ¡ "<22>V˜nê¢ú]«„þ·ÁhQYŽs¡Y9ÎY®^€rã®ÔÑ6lƒ6*@G{vœRf÷°IÐù7

1
secrets/secrets.nix
View file

@ -43,6 +43,7 @@ in
# nextcloud # nextcloud
"nextcloud/admin-pass.age".publicKeys = defaultAccess; "nextcloud/admin-pass.age".publicKeys = defaultAccess;
"nextcloud/secrets.age".publicKeys = defaultAccess; "nextcloud/secrets.age".publicKeys = defaultAccess;
"nextcloud/smtp-pass.age".publicKeys = defaultAccess;
# mailserver/stalwart # mailserver/stalwart
"stalwart/admin-fallback-password.age".publicKeys = defaultAccess; "stalwart/admin-fallback-password.age".publicKeys = defaultAccess;