nmcdaniel/tty.garden
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: nmcdaniel:e529a4814f56f65ba132f22d747fa1106fd22c1b
Branches Tags
nmcdaniel:master
...
compare: nmcdaniel:master
Branches Tags
nmcdaniel:master

3 Commits
e529a4814f ... master

Author SHA1 Message Date
Nicholas McDaniel
71e5a43c1a Add smtp and imap email server 2026-02-10 13:08:43 -05:00
Nicholas McDaniel
488302d6fa Properly set up forwarding headers for gitea 2026-02-09 21:42:58 -05:00
Nicholas McDaniel
3c5120e709 Use alternative gitea theme 2026-02-08 21:49:20 -05:00
6 changed files with 80 additions and 1 deletions
Expand all files Collapse all files

1
README.md
View File

@@ -5,6 +5,7 @@ subdomains.
## Current features:
- Automatic SSL certificates via ACME DNS challenges
- Automatic backups with restic
- NGINX webserver
- ATProto PDS at https://pds.tty.garden
- Gitea instance at https://seed.tty.garden

1
configuration.nix
View File

@@ -14,6 +14,7 @@
./modules/nginx.nix
./modules/gitea.nix
./modules/pds.nix
./modules/mail.nix
./modules/restic.nix
];

30
modules/gitea.nix
View File

@@ -1,4 +1,4 @@
{config, ...}:
{pkgs, config, ...}:
{
services.gitea = {
enable = true;
@@ -14,6 +14,34 @@
actions = {
ENABLED = false;
};
ui = {
DEFAULT_THEME = "catppuccin-maroon-auto";
THEMES = "catppuccin-maroon-auto,catppuccin-latte-maroon,catppuccin-mocha-maroon";
};
};
};
systemd.tmpfiles.rules =
let catpuccinThemeSrc =
pkgs.fetchzip {
url = "https://github.com/catppuccin/gitea/releases/download/v1.0.2/catppuccin-gitea.tar.gz";
sha256 = "sha256-rZHLORwLUfIFcB6K9yhrzr+UwdPNQVSadsw6rg8Q7gs=";
stripRoot = false;
};
themeFiles = [
"theme-catppuccin-mocha-maroon.css"
"theme-catppuccin-latte-maroon.css"
"theme-catppuccin-maroon-auto.css"
];
customDir = config.services.gitea.customDir;
in
[
"d ${customDir}/public - gitea gitea -"
"d ${customDir}/public/assets - gitea gitea -"
"d ${customDir}/public/assets/css - gitea gitea -"
]
++ map (f:
"L+ ${customDir}/public/assets/css/${f} - - - - ${catpuccinThemeSrc}/${f}"
) themeFiles;
}

39
modules/mail.nix Normal file
View File

@@ -0,0 +1,39 @@
{pkgs, config, ...}:
{
imports = [
(builtins.fetchTarball {
url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-25.11/nixos-mailserver-nixos-25.11.tar.gz";
sha256 = "0pqc7bay9v360x2b7irqaz4ly63gp4z859cgg5c04imknv0pwjqw";
})
];
mailserver = {
enable = true;
stateVersion = 3;
fqdn = "mail.tty.garden";
domains = [ "tty.garden" ];
loginAccounts = {
"nmcdaniel@tty.garden" = {
hashedPasswordFile = "/root/email_hashed/admin";
aliases = [ "postmaster@tty.garden" "admin@tty.garden" ];
};
};
certificateScheme = "acme";
acmeCertificateName = "tty.garden";
};
# SMTP Relay Configuration
# This can be omitted once SMTP outbound connections are unblocked
services.postfix = {
settings.main = {
relayhost = [ "[smtp.resend.com]:587" ];
# Must have associated .db made with postmap in the same directory
smtp_sasl_password_maps = "hash:/root/sasl_passwd";
smtp_sasl_auth_enable = true;
smtp_sasl_security_options = "";
smtp_use_tls = true;
};
};
}

9
modules/nginx.nix
View File

@@ -40,6 +40,8 @@
''
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
'';
}; in {
enable = true;
@@ -53,6 +55,13 @@
"seed.tty.garden" = vhostDefault // {
locations."/" = {
proxyPass = "http://127.0.0.1:3000";
extraConfig =
''
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
'';
};
};
"mirror.tty.garden" = vhostDefault // {

1
modules/restic.nix
View File

@@ -10,6 +10,7 @@
paths = [
"/var/www" # Webserver data
"/var/lib/pds" # ATProto PDS
"/var/vmail" # Email Mailbox
"/home" # User data
"${config.services.gitea.stateDir}/dump" # Gitea repository
];