chris/sneeuwvlok
chris/sneeuwvlok
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

improve forgejo and zitadel configs
Some checks failed
Test action / Print hello world (push) Has been cancelled
Details

Browse source
This commit is contained in:
Chris Kruining 2025-08-21 14:53:28 +02:00
parent 995fdaeb1d
commit f4ff383d28
No known key found for this signature in database
GPG key ID: EB894A3560CCCAD2
2 changed files with 43 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

36
modules/nixos/services/authentication/zitadel/default.nix
View file

@ -26,10 +26,46 @@ in
tlsMode = "external";
settings = {
Port = 9092;
ExternalDomain = "auth.amarth.cloud";
ExternalPort = 443;
ExternalSecure = true;
Metrics.Type = "otel";
Tracing.Type = "otel";
Telemetry.Enabled = true;
SystemDefaults = {
PasswordHasher.Hasher.Algorithm = "argon2id";
SecretHasher.Hasher.Algorithm = "argon2id";
};
DefaultInstance = {
PasswordComplexityPolicy = {
MinLength = 20;
HasLowercase = false;
HasUppercase = false;
HasNumber = false;
HasSymbol = false;
};
LoginPolicy = {
AllowRegister = false;
ForceMFA = true;
};
LockoutPolicy = {
MaxPasswordAttempts = 5;
MaxOTPAttempts = 10;
};
SMTPConfiguration = {
SMTP = {
Host = "black-mail.nl:587";
User = "info@amarth.cloud";
Password = "__TODO_USE_SOPS__";
};
FromName = "Amarth Zitadel";
};
};
Database.postgres = {
Host = "localhost";
# Zitadel will report error if port is not set

11
modules/nixos/services/development/forgejo/default.nix
View file

@ -23,7 +23,8 @@ in
settings = {
DEFAULT = {
APP_NAME = "Chris' Forge";
APP_NAME = "Tamin Amarth";
APP_SLOGAN = "Where code is forged";
};
server = {
@ -112,10 +113,12 @@ in
mailer = {
ENABLED = true;
SMTP_ADDR = "smpts://smtp.black-mail.nl";
PROTOCOL = "smtp+starttls";
SMTP_ADDR = "black-mail.nl";
SMTP_PORT = 587;
FROM = "info@amarth.cloud";
USER = "amarth";
PASSWD = "/var/lib/forgejo/custom/mail_password";
USER = "info@amarth.cloud";
PASSWD = "__TODO_USE_SOPS__";
};
};
};