From 2f5d7291c011a259b1d5ed4a112578107f0e2270 Mon Sep 17 00:00:00 2001 From: Nick Date: Sun, 2 Feb 2025 20:41:04 -0600 Subject: [PATCH] feat: smtp test --- config/default.nix | 1 + config/instances/config/smtp.nix | 13 ++++ flake.lock | 84 +++++++++++++------------- nixos/modules/services/vaultwarden.nix | 54 ++++++++--------- secrets/secrets.yaml | 8 +-- 5 files changed, 87 insertions(+), 73 deletions(-) create mode 100644 config/instances/config/smtp.nix diff --git a/config/default.nix b/config/default.nix index 817ae89..6986997 100755 --- a/config/default.nix +++ b/config/default.nix @@ -56,6 +56,7 @@ let subdomain = stringType; label = stringType; name = stringType; + hostname = stringType; domains = genOptions stringType "url"; dns = genOptions stringType "provider"; localhost = genOptions stringType "address"; diff --git a/config/instances/config/smtp.nix b/config/instances/config/smtp.nix new file mode 100644 index 0000000..2245c93 --- /dev/null +++ b/config/instances/config/smtp.nix @@ -0,0 +1,13 @@ +{ instancesFunctions }: +let + inherit (instancesFunctions) + dummy + ; +in +{ + hostname = "mail.smtp2go.com"; + email = dummy; + ports = { + port0 = 2525; + }; +} diff --git a/flake.lock b/flake.lock index e39a681..d1d7ff4 100755 --- a/flake.lock +++ b/flake.lock @@ -20,11 +20,11 @@ ] }, "locked": { - "lastModified": 1738183445, - "narHash": "sha256-C1He3N1SA8D2u+TSlldbA9wiYwDvXI4GxX3zKaeD7qU=", + "lastModified": 1738456976, + "narHash": "sha256-cufyHbOMnSt9V4w4OVSzNcpJ+8DwzRZRJaca2Q89KVI=", "owner": "hyprwm", "repo": "aquamarine", - "rev": "48a000cf35dd10bfeb231152735aebbe875f4b74", + "rev": "257b2050790ab3b1eb389e0f8bdc400eb9510139", "type": "github" }, "original": { @@ -44,11 +44,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1737857314, - "narHash": "sha256-T9THCbnlj4CkKbTP+lisA5PUMoTXE7uh4FyDQzui+dc=", + "lastModified": 1738462159, + "narHash": "sha256-ZBK7MABYnd9fjjOYRA8plXRMdVoir6EuUImcM8LxSBQ=", "owner": "nix-community", "repo": "buildbot-nix", - "rev": "c077f430f3717d41bb303d031398058665315166", + "rev": "13b7bb36c12e42797218ce04d6767e83c70497d3", "type": "github" }, "original": { @@ -242,11 +242,11 @@ ] }, "locked": { - "lastModified": 1736143030, - "narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=", + "lastModified": 1738453229, + "narHash": "sha256-7H9XgNiGLKN1G1CgRh0vUL4AheZSYzPm+zmZ7vxbJdo=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de", + "rev": "32ea77a06711b758da0ad9bd6a844c5740a87abd", "type": "github" }, "original": { @@ -520,11 +520,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1738455488, - "narHash": "sha256-tiMwjSEMyIQ9UnQ7/UmxvTnigdgBW2DC/17dxbsih+w=", + "lastModified": 1738547365, + "narHash": "sha256-4GrVwyIZKx14eVG8TZMKmgyw8v3TuETPrLvYkFNqlyc=", "owner": "helix-editor", "repo": "helix", - "rev": "e70f8833e2ba4903324449da7f2116b75de67537", + "rev": "066e938ba083c0259ff411b681eca7bad30980df", "type": "github" }, "original": { @@ -547,11 +547,11 @@ ] }, "locked": { - "lastModified": 1736917206, - "narHash": "sha256-JTBWmyGf8K1Rwb+gviHIUzRJk/sITtT+72HXFkTZUjo=", + "lastModified": 1738237977, + "narHash": "sha256-oJN/yvRL7G0WlR/hTkQIjFbPkzCV+sFnNB/38Tb9RL4=", "owner": "hercules-ci", "repo": "hercules-ci-effects", - "rev": "afd0a42e8c61ebb56899315ee4084a8b2e4ff425", + "rev": "6d1b6d5d59758b4f5f05745f774fc13cdc59da43", "type": "github" }, "original": { @@ -625,11 +625,11 @@ ] }, "locked": { - "lastModified": 1738018829, - "narHash": "sha256-5Ol5iahMlELx3lWuChyZsqqLk6sP6aqaJCJFw92OZGo=", + "lastModified": 1738437059, + "narHash": "sha256-J+8ecqaP3zD9GHeN8Y4hUapoELSoggp0IZI8laTFt/0=", "owner": "hyprwm", "repo": "hyprgraphics", - "rev": "12cd7034e441a5ebfdef1a090c0788413b4a635b", + "rev": "5ac80e3686a4dfa55d2bd15c81a266b89594a295", "type": "github" }, "original": { @@ -681,11 +681,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1738437019, - "narHash": "sha256-XPl2sQ6x5Dtw4XrrLMp1ERQSG1/heV6JJ9Gthm2SCMw=", + "lastModified": 1738546470, + "narHash": "sha256-pyMFj2IBeiRDnYoHD9XtbFiwBzvXJCavdFoVPnZ1YB0=", "owner": "hyprwm", "repo": "Hyprland", - "rev": "64fefa3749868e6170b6275963c6528456a7d9f2", + "rev": "708d16636047c6a311c4e44424cf7d2090219a47", "type": "github" }, "original": { @@ -756,11 +756,11 @@ ] }, "locked": { - "lastModified": 1737556638, - "narHash": "sha256-laKgI3mr2qz6tas/q3tuGPxMdsGhBi/w+HO+hO2f1AY=", + "lastModified": 1738422629, + "narHash": "sha256-5v+bv75wJWvahyM2xcMTSNNxmV8a7hb01Eey5zYnBJw=", "owner": "hyprwm", "repo": "hyprland-protocols", - "rev": "4c75dd5c015c8a0e5a34c6d02a018a650f57feb5", + "rev": "755aef8dab49d0fc4663c715fa4ad221b2aedaed", "type": "github" }, "original": { @@ -1146,11 +1146,11 @@ "systems": "systems_9" }, "locked": { - "lastModified": 1738417913, - "narHash": "sha256-kDvtRkmeXtFo6UrxFCLRWxyPbNhwyIzb5vRXmPZ3D/k=", + "lastModified": 1738530522, + "narHash": "sha256-6PdmWHiMmUEtDP324tKbHmgwYmeTvJju17DIN49ylqM=", "owner": "ngi-nix", "repo": "ngipkgs", - "rev": "22541f0b0b4375ac55590981b0c529620cea8a4f", + "rev": "f3fb5a5b58f69fd79f432b7927fad41af5f71f59", "type": "github" }, "original": { @@ -1161,11 +1161,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1737879851, - "narHash": "sha256-H+FXIKj//kmFHTTW4DFeOjR7F1z2/3eb2iwN6Me4YZk=", + "lastModified": 1738422722, + "narHash": "sha256-Q4vhtbLYWBUnjWD4iQb003Lt+N5PuURDad1BngGKdUs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5d3221fd57cc442a1a522a15eb5f58230f45a304", + "rev": "102a39bfee444533e6b4e8611d7e92aa39b7bec1", "type": "github" }, "original": { @@ -1193,11 +1193,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1737672001, - "narHash": "sha256-YnHJJ19wqmibLQdUeq9xzE6CjrMA568KN/lFPuSVs4I=", + "lastModified": 1738435198, + "narHash": "sha256-5+Hmo4nbqw8FrW85FlNm4IIrRnZ7bn0cmXlScNsNRLo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "035f8c0853c2977b24ffc4d0a42c74f00b182cd8", + "rev": "f6687779bf4c396250831aa5a32cbfeb85bb07a3", "type": "github" }, "original": { @@ -1502,11 +1502,11 @@ ] }, "locked": { - "lastModified": 1737411508, - "narHash": "sha256-j9IdflJwRtqo9WpM0OfAZml47eBblUHGNQTe62OUqTw=", + "lastModified": 1738291974, + "narHash": "sha256-wkwYJc8cKmmQWUloyS9KwttBnja2ONRuJQDEsmef320=", "owner": "Mic92", "repo": "sops-nix", - "rev": "015d461c16678fc02a2f405eb453abb509d4e1d4", + "rev": "4c1251904d8a08c86ac6bc0d72cc09975e89aef7", "type": "github" }, "original": { @@ -1724,11 +1724,11 @@ ] }, "locked": { - "lastModified": 1737483750, - "narHash": "sha256-5An1wq5U8sNycOBBg3nsDDgpwBmR9liOpDGlhliA6Xo=", + "lastModified": 1738070913, + "narHash": "sha256-j6jC12vCFsTGDmY2u1H12lMr62fnclNjuCtAdF1a4Nk=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "f2cc121df15418d028a59c9737d38e3a90fbaf8f", + "rev": "bebf27d00f7d10ba75332a0541ac43676985dea3", "type": "github" }, "original": { @@ -1788,11 +1788,11 @@ "systems": "systems_11" }, "locked": { - "lastModified": 1734445299, - "narHash": "sha256-/E7Y2UaYTXIyvRguvqD/FHC3I2mAT7w9berqv7/gUI4=", + "lastModified": 1738500836, + "narHash": "sha256-/aVKAtef7j93Uk0+7n3hlu9ZmKFf0jidJ5t45pGN38g=", "owner": "danyspin97", "repo": "wpaperd", - "rev": "b0b7e66fd32dca36c431a174784a2e87af7edb77", + "rev": "acc5652f644810c51394baf4f75cc2d20c0f334c", "type": "github" }, "original": { diff --git a/nixos/modules/services/vaultwarden.nix b/nixos/modules/services/vaultwarden.nix index 89ea5e2..7dd8d4d 100755 --- a/nixos/modules/services/vaultwarden.nix +++ b/nixos/modules/services/vaultwarden.nix @@ -2,16 +2,14 @@ flake, config, ... -}: let - inherit - (flake.config.services.instances) - vaultwarden - web - ; +}: +let + inherit (flake.config.services.instances) smtp vaultwarden web; service = vaultwarden; localhost = web.localhost.address0; host = "${service.subdomain}.${web.domains.url0}"; -in { +in +{ services = { vaultwarden = { backupDir = service.paths.path0; @@ -25,9 +23,9 @@ in { SMTP_AUTH_MECHANISM = "Plain"; SMTP_EMBED_IMAGES = true; SMTP_FROM = service.email.address0; - SMTP_FROM_NAME = "Vaultwarden"; - SMTP_HOST = "smtp.protonmail.ch"; - SMTP_PORT = 587; + SMTP_FROM_NAME = service.label; + SMTP_HOST = smtp.hostname; + SMTP_PORT = smtp.ports.port0; SMTP_SECURITY = "starttls"; SMTP_USERNAME = service.email.address0; @@ -64,24 +62,26 @@ in { }; }; - sops = let - sopsPath = secret: { - path = "${service.sops.path0}/${service.name}-${secret}"; - owner = service.name; - mode = "600"; + sops = + let + sopsPath = secret: { + path = "${service.sops.path0}/${service.name}-${secret}"; + owner = service.name; + mode = "600"; + }; + in + { + secrets = builtins.listToAttrs ( + map + (secret: { + name = "${service.name}/${secret}"; + value = sopsPath secret; + }) + [ + "env" + ] + ); }; - in { - secrets = builtins.listToAttrs ( - map - (secret: { - name = "${service.name}/${secret}"; - value = sopsPath secret; - }) - [ - "env" - ] - ); - }; systemd.tmpfiles.rules = [ "Z ${service.paths.path0} 0755 ${service.name} ${service.name} -" diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index cf315b4..f0c1dde 100755 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -22,7 +22,7 @@ castopod-database: ENC[AES256_GCM,data:Yn2pHEzoEC1ZH0LVaFooHX2TzkM0V6PUboXrziIIY discord-token: ENC[AES256_GCM,data:PQ4VEKZUCFdSau9hHj52GkdKTnc1sdNIOrJjWbW0Wu9gNAluOutbEYd21UjP9nW/8ayPrId5dSGs6pqXQEIxT8KmnYVQXQYQ6i5xx9Ciq77pU1MipXE=,iv:lpOWnuySeLDiZMSjbsnQJCgsC3PG3v9hmaPVenlmF5g=,tag:Wdpwagj6iiiif5MZiW+yzQ==,type:str] minecraft-pass: ENC[AES256_GCM,data:0natV6dEpItFp5zsUKqgVMZLLmqRLBEf,iv:Bc7RTXnpdec0wn25Rb7SkVTf5BjXzq3YCXcjwrC7V9k=,tag:Og5qN94G6pHdpIk6YDg1ZA==,type:str] vaultwarden: - env: ENC[AES256_GCM,data:UW1Waz9lhzUDfqv+n5ikiWda3z0stVca4JCb8T+4XdVGuv8peNLfZKKhcDNXvGLl2ljEJKaxzSQbRaDl5Fo+5r/dOox3kfcRhcZ2dbWpiy6O/ALN2dvs9Q==,iv:J/YjboI13JiBxNA4UHewYxc20jDDcbbNfxs+dhf56cQ=,tag:tj9cpJRxcSbSSOkpcpadTg==,type:str] + env: ENC[AES256_GCM,data:fsL+z/fSLmlhjdWJrIZ2yuF74AOo0HEnw52KMNa8lwrMRG3r6bEpjg3PD9dQ8tpqWq207Tp1QKWhYSjzmwMYjmN/7CiJpkuWMS37uWQ0bUcZN0zit+ko6g==,iv:MM9DST+uw8MdA/fnVdX+O2QtqVztQDx00DBm2c9cHSE=,tag:KTzlNSNuOY2AS4sZdvdQbg==,type:str] dns: namecheap: ENC[AES256_GCM,data:Afxyf4cHvdnPIXYoPN3viBOzzqUOeRs3YjQ5ugerlnL9H4iSf/iAsxyzHYysOgZ/9xc0OWt6G6A7cEZHW4i82MX1+mLbvWN5ir1iHL73RtesC14=,iv:3XMTQ4TNL7iXPYFLSa+BapSgqILYuM6ZaQLMQZSJ2pc=,tag:PO69wRhCoey+CwPgnOOR6A==,type:str] nextcloud-pass: ENC[AES256_GCM,data:BJWpsEtnezl67vQWwV9WSdpPAYLg3eOXAZ301A382GE=,iv:+1LrBtbjCBcVC7m/fSbXzPnBxbVmpv+2opPoxEfcgjY=,tag:ArMw4yv+Zt6Lhm7CaS5hMg==,type:str] @@ -49,8 +49,8 @@ sops: bXBOa1VSakoyaWxpODJEOU11QUZCaUEK8Ch9Ten3DdrPHF1DTH2qei85AlHUOaLD aNfzakake7ej+MxJYdKEU0bcWofNMKzIlZa2uM10KZSENDP8d8qlig== -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-01-19T05:53:28Z" - mac: ENC[AES256_GCM,data:53u+E1aSLpBL4fpZ92Hd2V995SQWV6vIMwmixBjh8Bljn0FYld9leFc9aLh8Acjx05QdPu6FCGrd9ggjPVwg59jUh4WUrptHsrO+tzPi8tuw91udLWp4navKRTU8eEH8qqu6X5x72i6j6BkvaTLk5ljyZvWfRBs7+QUmc7saTg0=,iv:ttuIjOfIzqiW660ERJ5ilIJ0578cyh363glwqYBrD/Q=,tag:CGERhUo857XVHCad+PFKkw==,type:str] + lastmodified: "2025-02-03T02:39:04Z" + mac: ENC[AES256_GCM,data:lTlu5Xxc3mf+9oWnSy+J7lHbecOZKSzoHkEJn8hxpDMcyyiGFwGFvzAF4dKpvaEtC5nyhnkc+SSksD0POrp3z+9/35RQotaqBZxIGKUxzgeQC520m/3E+Xk/kGPiQSW13diLJS/3fV0jpvP61C67VazRWbEDmyFBNiTOT7ugCi0=,iv:mpftsKWKPFgoEhus+t9CDPV3KbfJthXSdtXzSubl2VE=,tag:6d33SoOvx03TDOZHV7DusQ==,type:str] pgp: [] unencrypted_suffix: _unencrypted - version: 3.9.3 + version: 3.9.4