feat: refactored and updated smtp config

modules/config/default.nix

@@ -62,6 +62,7 @@ let
       short = stringType;
       hostname = stringType;
       tags = listType;
+      records = genOptions stringType "record";
       domains = genOptions stringType "url";
       dns = genOptions stringType "provider";
       localhost = genOptions stringType "address";
@@ -257,9 +258,7 @@ in
 
         instancesFunctions = {
           domain0 = "cloudbert.fun";
-          domain1 = "the-nutrivore.social";
-          domain2 = "the-nutrivore.com";
-          domain3 = "uprootnutrition.com";
+          domain1 = "uprootnutrition.com";
           servicePath = "/mnt/media/NAS1";
           sopsPath = "/var/lib/secrets";
           sslPath = "/var/lib/acme";

modules/config/instances/config/forgejo.nix

@@ -1,7 +1,7 @@
 { moduleFunctions }:
 let
   inherit (moduleFunctions.instancesFunctions)
-    domain3
+    domain1
     servicePath
     sslPath
     sopsPath
@@ -10,14 +10,14 @@ let
   label = "Forgejo";
   name = "forgejo";
   subdomain = "source";
-  domain = "${subdomain}.${domain3}";
+  domain = "${subdomain}.${domain1}";
 in
 {
   label = label;
   name = name;
   short = label;
   email = {
-    address0 = "noreply@${domain3}";
+    address0 = "noreply@${domain1}";
   };
   sops = {
     path0 = "${sopsPath}/${name}";
@@ -38,7 +38,7 @@ in
     port0 = 3033;
   };
   ssl = {
-    cert = "${sslPath}/${subdomain}.${domain3}/fullchain.pem";
-    key = "${sslPath}/${subdomain}.${domain3}/key.pem";
+    cert = "${sslPath}/${subdomain}.${domain1}/fullchain.pem";
+    key = "${sslPath}/${subdomain}.${domain1}/key.pem";
   };
 }

modules/config/instances/config/mastodon.nix

@@ -1,7 +1,7 @@
 { moduleFunctions }:
 let
   inherit (moduleFunctions.instancesFunctions)
-    domain3
+    domain1
     servicePath
     sslPath
     sopsPath
@@ -10,14 +10,14 @@ let
   label = "Mastodon";
   name = "mastodon";
   subdomain = "social";
-  domain = "${subdomain}.${domain3}";
+  domain = "${subdomain}.${domain1}";
 in
 {
   label = label;
   name = name;
   short = "Mast";
   email = {
-    address0 = "noreply@${domain3}";
+    address0 = "noreply@${domain}";
   };
   domains = {
     url0 = domain;
@@ -37,7 +37,7 @@ in
     path2 = "";
   };
   ssl = {
-    cert = "${sslPath}/${subdomain}.${domain3}/fullchain.pem";
-    key = "${sslPath}/${subdomain}.${domain3}/key.pem";
+    cert = "${sslPath}/${subdomain}.${domain1}/fullchain.pem";
+    key = "${sslPath}/${subdomain}.${domain1}/key.pem";
   };
 }

modules/config/instances/config/peertube.nix

@@ -1,7 +1,7 @@
 { moduleFunctions }:
 let
   inherit (moduleFunctions.instancesFunctions)
-    domain3
+    domain1
     servicePath
     sslPath
     sopsPath
@@ -10,14 +10,14 @@ let
   label = "PeerTube";
   name = "peertube";
   subdomain = "video";
-  domain = "${subdomain}.${domain3}";
+  domain = "${subdomain}.${domain1}";
 in
 {
   label = label;
   name = name;
   short = "Peer";
   email = {
-    address0 = "noreply@${domain3}";
+    address0 = "noreply@${domain1}";
   };
   sops = {
     path0 = "${sopsPath}/${name}";
@@ -40,7 +40,7 @@ in
     port4 = 52800;
   };
   ssl = {
-    cert = "${sslPath}/${subdomain}.${domain3}/fullchain.pem";
-    key = "${sslPath}/${subdomain}.${domain3}/key.pem";
+    cert = "${sslPath}/${subdomain}.${domain1}/fullchain.pem";
+    key = "${sslPath}/${subdomain}.${domain1}/key.pem";
   };
 }

modules/config/instances/config/postfix.nix

@@ -1,31 +0,0 @@
-{ moduleFunctions }:
-let
-  inherit (moduleFunctions.instancesFunctions)
-    domain3
-    servicePath
-    sslPath
-    sopsPath
-    ;
-
-  label = "Postfix";
-  name = "postfix";
-  domain = "${name}.${domain3}";
-in
-{
-  label = label;
-  name = name;
-  sops = {
-    path0 = "${sopsPath}/${name}";
-  };
-  domains = {
-    url0 = domain;
-  };
-  subdomain = name;
-  paths = {
-    path0 = "${servicePath}/${label}";
-  };
-  ssl = {
-    cert = "${sslPath}/${domain3}/fullchain.pem";
-    key = "${sslPath}/${domain3}/key.pem";
-  };
-}

modules/config/instances/config/projectSite.nix

@@ -1,7 +1,6 @@
 { moduleFunctions }:
 let
   inherit (moduleFunctions.instancesFunctions)
-    domain3
     sslPath
     sopsPath
     ;

modules/config/instances/config/smtp.nix

@@ -1,13 +1,25 @@
 { moduleFunctions }:
 let
   inherit (moduleFunctions.instancesFunctions)
-    dummy
+    domain0
+    domain1
     ;
+
+  name = "smtp";
 in
 {
-  hostname = "mail.smtp2go.com";
-  name = dummy;
+  hostname = "smtp.migadu.com";
+  name = name;
   ports = {
-    port0 = 2525;
+    port0 = 465; # TLS
+    port1 = 587; # StartTLS
+  };
+  email = {
+    address0 = "noreply@${domain0}";
+    address1 = "noreply@${domain1}";
+  };
+  records = {
+    record0 = "tls";
+    record1 = "starttls";
   };
 }

modules/config/instances/config/upRootNutrition.nix

@@ -1,7 +1,7 @@
 { moduleFunctions }:
 let
   inherit (moduleFunctions.instancesFunctions)
-    domain3
+    domain1
     sslPath
     sopsPath
     ;
@@ -14,13 +14,13 @@ in
   name = name;
   short = "upRoot";
   email = {
-    address0 = "nick@${domain3}";
+    address0 = "nick@${domain1}";
   };
   sops = {
     path0 = "${sopsPath}/${name}";
   };
   domains = {
-    url0 = domain3;
+    url0 = domain1;
   };
   tags = [
     name
@@ -35,7 +35,7 @@ in
     port0 = 1234;
   };
   ssl = {
-    cert = "${sslPath}/${domain3}/fullchain.pem";
-    key = "${sslPath}/${domain3}/key.pem";
+    cert = "${sslPath}/${domain1}/fullchain.pem";
+    key = "${sslPath}/${domain1}/key.pem";
   };
 }

modules/config/instances/config/web.nix

@@ -3,8 +3,6 @@ let
   inherit (moduleFunctions.instancesFunctions)
     domain0
     domain1
-    domain2
-    domain3
     ;
   label = "Router";
 in
@@ -15,8 +13,6 @@ in
   domains = {
     url0 = domain0;
     url1 = domain1;
-    url2 = domain2;
-    url3 = domain3;
   };
   dns = {
     provider0 = "namecheap";

modules/nixos/services/acme/default.nix

@@ -9,7 +9,6 @@ let
   inherit (flake.config.services) instances;
   domain0 = instances.web.domains.url0;
   domain1 = instances.web.domains.url1;
-  domain3 = instances.web.domains.url3;
   domain4 = flake.inputs.linkpage.secrets.domains.projectsite;
   dns0 = instances.web.dns.provider0;
   dns1 = instances.web.dns.provider1;
@@ -53,7 +52,7 @@ in
       )
       ++ (map
         (service: {
-          name = "${instanceName service}.${domain3}";
+          name = "${instanceName service}.${domain1}";
           value = dnsConfig dns0Path dns0;
         })
         [
@@ -70,7 +69,6 @@ in
         [
           domain0
           domain1
-          domain3
         ]
       )
       ++ (map

modules/nixos/services/firefly-iii/default.nix

@@ -26,13 +26,13 @@ in
         APP_URL = "https://${host}";
         APP_KEY_FILE = config.sops.secrets."${service.name}-pass".path;
         DB_PASSWORD_FILE = config.sops.secrets."${service.name}-data".path;
-        # MAIL_MAILER = "smtp";
-        # MAIL_HOST = smtp.hostname;
-        # MAIL_PORT = 2525;
-        # MAIL_FROM = service.email.address0;
-        # MAIL_USERNAME = service.email.address0;
-        # MAIL_PASSWORD = ""; # if you ever need to use smtp, you have to hardcode your smtp password here
-        # MAIL_ENCRYPTION = "tls";
+        MAIL_MAILER = smtp.name;
+        MAIL_HOST = smtp.hostname;
+        MAIL_PORT = smtp.ports.port0;
+        MAIL_FROM = smtp.email.address0;
+        MAIL_USERNAME = smtp.email.address0;
+        MAIL_PASSWORD_FILE = config.sops.secrets."${service.name}-smtp".path;
+        MAIL_ENCRYPTION = "tls";
         SITE_OWNER = email.address2;
       };
     };

modules/nixos/services/forgejo/default.nix

@@ -53,10 +53,10 @@ in
         mailer = {
           ENABLED = true;
           SMTP_ADDR = instances.smtp.hostname;
-          FROM = service.email.address0;
-          USER = service.email.address0;
-          PROTOCOL = "smtp+starttls";
-          SMTP_PORT = instances.smtp.ports.port0;
+          FROM = instances.smtp.email.address1;
+          USER = instances.smtp.email.address1;
+          PROTOCOL = "${instances.smtp.name}+${instances.smtp.records.record1}";
+          SMTP_PORT = instances.smtp.ports.port1;
           SEND_AS_PLAIN_TEXT = true;
           USE_CLIENT_CERT = false;
         };
@@ -90,8 +90,8 @@ in
             value = sopsPath secret;
           })
           [
-            "smtp"
             "database"
+            "smtp"
           ]
       );
     };

modules/nixos/services/mastodon/default.nix

@@ -52,7 +52,7 @@ in
         name = service.name;
         host = "/run/postgresql";
         user = service.name;
-        passwordFile = config.sops.secrets.mastodon-database.path;
+        passwordFile = config.sops.secrets."${service.name}-database".path;
       };
       extraConfig = {
         SINGLE_USER_MODE = "true";
@@ -105,11 +105,11 @@ in
       smtp = {
         authenticate = true;
         createLocally = false;
-        fromAddress = "upRootNutrition <${service.email.address0}>";
+        fromAddress = "upRootNutrition <${smtp.email.address1}>";
         host = smtp.hostname;
-        passwordFile = config.sops.secrets.mastodon-smtp.path;
-        port = smtp.ports.port0;
-        user = service.email.address0;
+        passwordFile = config.sops.secrets."${service.name}-smtp".path;
+        port = smtp.ports.port1;
+        user = smtp.email.address1;
       };
     };
     caddy = {

modules/nixos/services/nextcloud/default.nix

@@ -50,14 +50,14 @@ in
         log_type = "file";
         mail_domain = host;
         mail_from_address = "noreply";
-        mail_sendmailmode = "smtp";
-        mail_smtpmode = "smtp";
+        mail_sendmailmode = smtp.name;
+        mail_smtpmode = smtp.name;
         mail_smtphost = smtp.hostname;
-        mail_smtpport = smtp.ports.port0;
+        mail_smtpport = smtp.ports.port1;
         mail_smtpsecure = "";
         mail_smtptimeout = 30;
         mail_smtpauth = 1;
-        mail_smtpname = service.email.address0;
+        mail_smtpname = smtp.email.address0;
         mail_smtppassword = config.sops.secrets."${service.name}-smtp".path;
         maintenance_window_start = 4;
         overwriteprotocol = "https";
@@ -107,6 +107,7 @@ in
           })
           [
             "pass"
+            "smtp"
           ]
       );
     };

modules/nixos/services/peertube/default.nix

@@ -53,12 +53,12 @@ in
           level = "debug";
         };
         smtp = {
-          transport = "smtp";
+          transport = smtp.name;
           disable_starttls = false;
-          from_address = service.email.address0;
+          from_address = service.email.address1;
           hostname = smtp.hostname;
-          port = smtp.ports.port0;
-          username = service.email.address0;
+          port = smtp.ports.port1;
+          username = smtp.email.address1;
           tls = false;
         };
       };
@@ -107,11 +107,11 @@ in
             value = sopsPath secret;
           })
           [
-            "smtp"
             "database"
             "redis"
             "root"
             "secret"
+            "smtp"
           ]
       );
     };

modules/nixos/services/vaultwarden/default.nix

@@ -26,12 +26,12 @@ in
         # Email Configuration
         SMTP_AUTH_MECHANISM = "Plain";
         SMTP_EMBED_IMAGES = true;
-        SMTP_FROM = service.email.address0;
+        SMTP_FROM = instances.smtp.email.address0;
         SMTP_FROM_NAME = service.label;
         SMTP_HOST = instances.smtp.hostname;
-        SMTP_PORT = instances.smtp.ports.port0;
-        SMTP_SECURITY = "starttls";
-        SMTP_USERNAME = service.email.address0;
+        SMTP_PORT = instances.smtp.ports.port1;
+        SMTP_SECURITY = instances.smtp.records.record1;
+        SMTP_USERNAME = instances.smtp.email.address0;
 
         # Security Configuration
         DISABLE_ADMIN_TOKEN = false;

modules/nixos/services/website/default.nix

@@ -5,7 +5,7 @@ let
     web
     ;
   service = upRootNutrition;
-  host = web.domains.url3;
+  host = web.domains.url1;
 
   websitePkg = flake.inputs.upRootNutrition.packages.${pkgs.system}.websiteFrontend;
 in