From 069ad76e60c98ef1ba310f59d257360ffb4ecf72 Mon Sep 17 00:00:00 2001 From: notohh Date: Fri, 2 Feb 2024 12:18:25 -0500 Subject: [PATCH] vaultwarden: init SMTP vaultwarden: rename secret sops: update secrets --- hosts/sakura/services/vaultwarden.nix | 16 +++++++++++++++- secrets/secrets.yaml | 6 +++--- 2 files changed, 18 insertions(+), 4 deletions(-) diff --git a/hosts/sakura/services/vaultwarden.nix b/hosts/sakura/services/vaultwarden.nix index e5b79d0..2226952 100644 --- a/hosts/sakura/services/vaultwarden.nix +++ b/hosts/sakura/services/vaultwarden.nix @@ -1,4 +1,9 @@ -{pkgs, ...}: { +{ + pkgs, + config, + ... +}: { + sops.secrets.vaultwarden-env = {}; services.vaultwarden = { enable = true; package = pkgs.vaultwarden-postgresql; @@ -11,6 +16,15 @@ ROCKET_ADDRESS = "0.0.0.0"; ROCKET_PORT = 8222; ROCKET_LOG = "critical"; + # mailer + SMTP_HOST = "mail.smtp2go.com"; + SMTP_PORT = 587; + SMTP_SECURITY = "starttls"; + SMTP_FROM = "vault@flake.sh"; + SMTP_FROM_NAME = "Vaultwarden"; + SMTP_USERNAME = "vaultwarden-mailer"; + SMTP_TIMEOUT = 15; }; + environmentFile = config.sops.secrets.vaultwarden-env.path; }; } diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index 1c0c94d..fad8367 100644 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -13,7 +13,7 @@ woodpecker-agent-secret: ENC[AES256_GCM,data:DQoIOciEqDcaUYTTYFeIocmUUFB+ASstMA0 miniflux: ENC[AES256_GCM,data:H5YA60nFQkUVBhLrNjQY7E5hhBPjjQEqQ6PJB5ZNj1KNKtUSWt+rzFt+Hce5JrNmmj7aZjmj9upuzPjRFdva/T9ZyRHm,iv:Ju6bElSOsj62L+5ANKEmE866sCy9IOP5V9P020tl9bU=,tag:ntDj4d+2fGOE443tPZj80Q==,type:str] anki-pwd: ENC[AES256_GCM,data:g3HNzilSVAsRkqOPdQHr0MZZkwOKz4gdDDBvhRZbD1w=,iv:49UNCpA6WLPKp2Y85Vpdgk/Eu47NyLGxXWDl5Qmkn8Y=,tag:n7hEcd908mkQbOr73qlYSw==,type:str] paperless-pwd: ENC[AES256_GCM,data:Ylb5Bojq0YFsVWbKkeMQXLXuyoUDdKWkY7OcFcrzdlNa,iv:bpgJx46branHQTJUOoYfIOsguLrjjxoYFk069YMkyAE=,tag:d0kdILLVFT3fR2gw52qGEA==,type:str] -vaultwarden-smtp: ENC[AES256_GCM,data:jRN50StTbpXbX/kJ5G9FstWO9dVeBUfmLCkRJjrPiw==,iv:b7doi0Oq/gM/ausqbpOOw45RlbH5tcLlDNKC+1nXOA0=,tag:arBejWX8NJZq+Ivaw4wmUA==,type:str] +vaultwarden-env: ENC[AES256_GCM,data:+Et1Pu6QwqQrDmaE25TRGt6NZ63oez+TKRyedvDqyANxq0UcRCwWKHM43W0PYiQ08+sAUmNCNoEVvDb1UvpTyMQGI4E4s2uUrIe3R+6gaG1ycU3uoAv2tZ4beRcKPjUIW19T7hgPg624kAtPQ/exWmUrCKjMvi+SwKKoNGo3vmZs5FzF,iv:Hp1nzU5xxFkyS9/jtc9QDfHSKGJst89yYbO33Phf3+0=,tag:/53rTxygB61qzKgHaVs+jg==,type:str] sops: kms: [] gcp_kms: [] @@ -29,8 +29,8 @@ sops: YWNQcURKMSs2U0pOa3E0cTdCZ3RnalkKGayA7DBUQS+kn+6OYVBc6oTunF0qeZdt 5b9DLHgh0HRWFm09XGSOog8K315d93Wzblw1My1/dXeEQX/ryinqUQ== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-02-02T17:07:21Z" - mac: ENC[AES256_GCM,data:tOCRFpTVd6LOmjj5rkPf5KLd+Ngs0r1fURS0IVECazv+tRb70a5ulKOn8iaiyv4bzHu0v1N516JZGqaod5qXcjvN3AXQBYLFBH9V6jftZfmNXFoRHPryIjRLsbcLH+JMIUjFyS5KPApnwcjQH4eVpkurcVs5kshPRSAIV+3XmmU=,iv:6ZISXpSTPGTQ+7AcW28JITWTu3BgFDx+5m1J1WUfMp8=,tag:WWUi2tcmvLFwEEHjOfL7Hw==,type:str] + lastmodified: "2024-02-02T17:22:41Z" + mac: ENC[AES256_GCM,data:ypjXfV0H2m8t163u188s6CC9oWAe1stEnnTx75IXZglbxCkFsi4ovB0A06JUtdrZW0VfuXPZOOZBLLr4Ecx8ZQZzoe1FD2ikaofNwqpSgI0ULuKSY4ydJFmYqQ+g9fhLjHnciJv3CU/fWMMK3zGRpgrBrJWWmlN6mtQ4OAysUF0=,iv:5EyWnZLTN68jppYMOMGWMj0Yal3NEb1XctllhL/LBEs=,tag:c6ot+r7kVjCVg9whc4nT9g==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1