diff --git a/home-manager.nix b/home-manager.nix
index 5b016cf..4c08ed3 100644
--- a/home-manager.nix
+++ b/home-manager.nix
@@ -51,7 +51,7 @@
 git = {
 enable = true;
 userName = "Danilo Reyes";
- userEmail = "CaptainJawZ@protonmail.com";
+ userEmail = config.my.email;
 };
 };
 }
diff --git a/hosts/miniserver/configuration.nix b/hosts/miniserver/configuration.nix
index f4ca736..46a7fe9 100644
--- a/hosts/miniserver/configuration.nix
+++ b/hosts/miniserver/configuration.nix
@@ -53,7 +53,7 @@
 prowlarr.enable = false;
 qbittorrent.enable = true;
 radarr.enable = false;
- ryot.enable = false;
+ ryot.enable = true;
 shiori.enable = true;
 sonarr.enable = false;
 vaultwarden.enable = true;
diff --git a/modules/servers.nix b/modules/servers.nix
index 54dcaf3..047cfc5 100644
--- a/modules/servers.nix
+++ b/modules/servers.nix
@@ -100,6 +100,16 @@ in {
 default = "/var/lib/docker-configs";
 description = "The docker/podman socket path.";
 };
+ smtpemail = lib.mkOption {
+ type = lib.types.str;
+ default = "stunner6399@gmail.com";
+ description = "localhost smtp email";
+ };
+ email = lib.mkOption {
+ type = lib.types.str;
+ default = "CaptainJawZ@protonmail.com";
+ description = "localhost smtp email";
+ };
 };
 config = {
 my.servers = {
@@ -146,7 +156,7 @@ in {
 };
 security.acme = lib.mkIf config.services.nginx.enable {
 acceptTerms = true;
- defaults.email = "CaptainJawZ@outlook.com";
+ defaults.email = config.my.email;
 };
 services.nginx = {
 clientMaxBodySize = "4096m";
diff --git a/modules/servers/nextcloud.nix b/modules/servers/nextcloud.nix
index 481ad1b..ff92fd6 100644
--- a/modules/servers/nextcloud.nix
+++ b/modules/servers/nextcloud.nix
@@ -58,8 +58,8 @@ in {
 host = "smtp.gmail.com";
 port = 587;
 tls = true;
- from = "stunner6399@gmail.com";
- user = "stunner6399@gmail.com";
+ from = config.my.smtpemail;
+ user = config.my.smtpemail;
 passwordeval = "cat ${config.sops.secrets.smtp-password.path}";
 };
 };
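Review bot: The new `email` option in modules/servers.nix (hunk at -100,6) carries the description `"localhost smtp email"`, copied from `smtpemail`, although this commit uses it for the ACME contact and the git identity rather than for SMTP. I would describe each option by its consumers, e.g. `description = "Contact address for ACME registration and git commits";` for `email` and `description = "Sender address and login for outgoing SMTP";` for `smtpemail`. The enclosing options set starts outside the hunk.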
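Review bot: The `security.acme` hunk in modules/servers.nix (at -146,7) is not a pure refactor: `defaults.email` was `"CaptainJawZ@outlook.com"`, while `config.my.email` defaults to `"CaptainJawZ@protonmail.com"`, so the ACME contact address changes on every host that does not override the option. Certificate expiry and account notices would then go to a different mailbox, and the NixOS ACME module may treat the new address as a new account. If the switch is intended, state it in the commit message; otherwise keep the old contact with `my.email = "CaptainJawZ@outlook.com";` on the affected hosts.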
@@ -107,7 +107,7 @@ in { settings = { log_type = "file"; log_level = 3; - trusted_proxies = [ "nginx" ]; + trusted_proxies = [ "192.168.0.1" "192.168.0.0/24" "10.0.0.0/8" ]; trusted_domains = [ "cloud.rotehaare.art" "danilo-reyes.com" ]; overwrite_protocol = "https"; default_phone_region = "MX"; diff --git a/modules/servers/ryot.nix b/modules/servers/ryot.nix index 6313482..c9c2109 100644 --- a/modules/servers/ryot.nix +++ b/modules/servers/ryot.nix @@ -1,6 +1,6 @@ { lib, config, proxyReverse, ... }: let - port = 8881; + port = 8765; url = "tracker.${config.my.domain}"; in { options.my.servers.ryot.enable = lib.mkEnableOption "enable"; @@ -10,10 +10,11 @@ in { virtualisation.oci-containers = { backend = "docker"; containers.ryot = { - image = "ghcr.io/ignisda/ryot:v5.5.0"; - ports = [ "8765:8000" ]; + image = "ghcr.io/ignisda/ryot:v5.5.6"; + ports = [ "${toString port}:8000" ]; environmentFiles = [ config.sops.secrets.ryot.path ]; environment = { + RUST_LOG = "ryot=debug,sea_orm=debug"; TZ = "America/Mexico_City"; DATABASE_URL = "postgres:///ryot?host=${config.my.postgresSocket}"; FRONTEND_INSECURE_COOKIES = "true"; diff --git a/modules/servers/vaultwarden.nix b/modules/servers/vaultwarden.nix index 867bcac..7d2b362 100644 --- a/modules/servers/vaultwarden.nix +++ b/modules/servers/vaultwarden.nix @@ -2,12 +2,13 @@ options.my.servers.vaultwarden.enable = lib.mkEnableOption "enable"; config = lib.mkIf (config.my.servers.vaultwarden.enable && config.my.servers.postgres.enable) { + sops.secrets.vaultwarden.sopsFile = ../../secrets/env.yaml; services = { vaultwarden = { enable = true; dbBackend = "postgresql"; package = pkgs.vaultwarden; - environmentFile = "/var/lib/vaultwarden.env"; + environmentFile = config.sops.vaultwarden.path; config = { ROCKET_ADDRESS = "${config.my.localhost}"; ROCKET_PORT = 8222; 
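Review bot: The new `trusted_proxies` list in modules/servers/nextcloud.nix trusts every host in `192.168.0.0/24` and `10.0.0.0/8` to supply the forwarded client address. Nextcloud takes the client IP from the forwarded headers when a request arrives from a trusted proxy, so any machine in those ranges that can reach the instance directly can present an arbitrary source address to brute-force throttling and to the audit log. List only the address nginx actually connects from, for example `trusted_proxies = [ config.my.localhost ];` if the proxy runs on the same host (an assumption; `config.my.localhost` is used that way in vaultwarden.nix). The `"192.168.0.1"` entry is also redundant, since the `/24` already covers it.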
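Review bot: `ports = [ "${toString port}:8000" ];` in modules/servers/ryot.nix (hunk at -10,10) publishes the container port on every host interface, so ryot can be reached without going through the nginx reverse proxy, and the same block sets `FRONTEND_INSECURE_COOKIES = "true"`. Docker-published ports are commonly not filtered by the host firewall, so binding to loopback keeps the service behind the proxy: `ports = [ "127.0.0.1:${toString port}:8000" ];` (assuming the proxy reaches the container on loopback). The added `RUST_LOG = "ryot=debug,sea_orm=debug";` looks like leftover troubleshooting; ORM debug output usually includes query text, so drop it or mark it with `# temporary: remove after debugging`. The `environment` block continues past the hunk.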
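Review bot: `environmentFile = config.sops.vaultwarden.path;` in modules/servers/vaultwarden.nix reads an attribute path that the line added just above it does not declare: the secret is defined as `sops.secrets.vaultwarden`, and the other modules in this commit read secrets as `config.sops.secrets.<name>.path`. As written this most likely fails at evaluation; the line should be `environmentFile = config.sops.secrets.vaultwarden.path;`. Also confirm that `secrets/env.yaml` has a `vaultwarden` key holding what used to be in `/var/lib/vaultwarden.env`, and remove the old plaintext file from the host once the sops secret is in place.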
@@ -20,6 +21,11 @@
 SIGNUPS_ALLOWED = false;
 EXTENDED_LOGGING = true;
 LOG_LEVEL = "warn";
+ SMTP_HOST = config.my.localhost;
+ SMTP_PORT = 25;
+ SMTP_SSL = false;
+ SMTP_FROM = config.my.smtpemail;
+ SMTP_FROM_NAME = config.my.smtpemail;
 };
 };
 nginx = {
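Review bot: `SMTP_FROM_NAME = config.my.smtpemail;` sets the display name to the mail address itself, which looks like a copy of the line above it; a readable name such as `SMTP_FROM_NAME = "Vaultwarden";` is what recipients should see. The relay settings send mail unencrypted and unauthenticated on port 25, which is reasonable only while `config.my.localhost` is a loopback address with a local MTA listening; a comment such as `# plaintext is fine: local relay on loopback only` would record that assumption. Recent Vaultwarden releases replace `SMTP_SSL` with `SMTP_SECURITY`, so `SMTP_SECURITY = "off";` is the forward-compatible spelling (check against the packaged version).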