mob next [ci-skip] [ci skip] [skip ci]

lastFile:vars/shared/noreply-mailer/password/secret
2025-09-26 12:05:30 +07:00
parent 800500f57e
commit ea8d2c3388
17 changed files with 225 additions and 1 deletions
--- a/machines/vega/configuration.nix
+++ b/machines/vega/configuration.nix
@@ -1,6 +1,7 @@
 {
  inputs,
  config,
+  pkgs,
  ...
 }:
 {
--- a/machines/vega/services/nextcloud.nix
+++ b/machines/vega/services/nextcloud.nix
@@ -1,4 +1,9 @@
-{ config, pkgs, ... }:
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}:
 let
  # ncDomain = "${config.clan.core.vars.generators.vega-nextcloud.files.subdomain.value}.${config.networking.fqdn}";
  ncDomain = "${config.networking.fqdn}";
@@ -18,6 +23,36 @@ in
    script = ''cat $prompts/subdomain || echo -n "cloud" > $out/subdomain'';
  };

+  clan.core.vars.generators.noreply-mailer = {
+    share = true;
+
+    files.host.secret = false;
+    files.port.secret = false;
+    files.account.secret = false;
+    files.password.secret = true;
+
+    script = ''
+      echo "mail.b4l.co.th" > $out/host
+      echo "587" > $out/port
+      echo "noreply@newedge.house" > $out/account
+      echo "" > $out/password
+    '';
+  };
+
+  clan.core.vars.generators.nextcloud-secretFile = {
+    dependencies = [ "noreply-mailer" ];
+    files = {
+      secret = {
+        owner = "nextcloud";
+        group = "nextcloud";
+        secret = true;
+      };
+    };
+    script = ''
+      echo { \"mail_smtppassword\": \"$(cat $in/noreply-mailer/password)\" } > $out/secret
+    '';
+  };
+
  networking.firewall.allowedTCPPorts = [
    80
    443
@@ -26,6 +61,29 @@ in
  services.nextcloud = {
    hostName = ncDomain;
    package = pkgs.nextcloud31;
+    secretFile = config.clan.core.vars.generators.nextcloud-secretFile.files.secret.path;
+    # settings =
+    #   let
+    #     address = lib.splitString "@" config.clan.core.vars.generators.noreply-mailer.files.account.value;
+    #   in
+    #   {
+    #     mail_smtpmode = "smtp";
+    #     mail_smtpauth = 1;
+    #     # mail_sendmailmode = "smtp";
+    #     mail_smtpsecure = "ssl";
+    #     mail_from_address = builtins.elemAt address 0;
+    #     mail_domain = builtins.elemAt address 1;
+    #     mail_smtphost = config.clan.core.vars.generators.noreply-mailer.files.host.value;
+    #     mail_smtpport = config.clan.core.vars.generators.noreply-mailer.files.port.value;
+    #     mail_smtpname = config.clan.core.vars.generators.noreply-mailer.files.account.value;
+    #     mail_smtpauthtype = "LOGIN";
+    #
+    #     mail_smtpstreamoptions.ssl = {
+    #       allow_self_signed = true;
+    #       verify_peer = false;
+    #       verify_peer_name = false;
+    #     };
+    #   };
  };
  # services.nginx.virtualHosts."${ncDomain}" = {
  #   # useACMEHost = "${config.networking.fqdn}";