vps1: git: mailer stuff

hosts/vps1/services/git.nix

@@ -3,6 +3,7 @@
 let
   inherit (data.host) rootDomain;
   inherit (data.services.git) domain sshPort;
+  mailDomain = data.services.mailserver.domain;
 
   cfg = config.services.forgejo;
   srv = cfg.settings.server;
@@ -10,6 +11,13 @@ let
   stateDir = "/var/lib/forgejo";
   customDir = "${stateDir}/custom";
   confDir = "${customDir}/conf";
+
+  sops_opts = {
+    sopsFile = ../secrets/forgejo.yaml;
+    format = "yaml";
+    owner = "forgejo";
+    group = "forgejo";
+  };
 in
 {
   services.nginx.virtualHosts.${domain} = {
@@ -28,6 +36,7 @@ in
     enable = true;
     inherit stateDir;
     inherit customDir;
+    mailerPasswordFile = config.sops.secrets."forgejo/email_password".path;
     database = {
       type = "postgres";
       createDatabase = true;
@@ -76,22 +85,27 @@ in
       };
       mailer = {
         ENABLED = true;
-        PROTOCOL = "sendmail";
-        FROM = "forgejo@${domain}";
+        PROTOCOL = "smtps";
+        SMTP_ADDR = mailDomain;
+        SMTP_PORT = 465;
+        USER = "forgejo@${rootDomain}";
+        FROM = "Lgmrszd's Forgejo <forgejo@${domain}>";
         SENDMAIL_PATH = "/run/wrappers/bin/sendmail";
         SENDMAIL_ARGS = "--";
       };
-      # "email.incoming" = {
-      #   ENABLED = true;
-      #   REPLY_TO_ADDRESS = "forgejo+%{token}@${domain}";
-      # };
+      "email.incoming" = {
+        ENABLED = true;
+        REPLY_TO_ADDRESS = "forgejo+%{token}@${domain}";
+        HOST = mailDomain;
+        PORT = 993;
+        USE_TLS = true;
+        USERNAME = "forgejo@${rootDomain}";
+        PASSWORD = "#mailerpass#";
+      };
     };
   };
 
-  sops.secrets."forgejo/db_password" = {
-    sopsFile = ../secrets/forgejo.yaml;
-    format = "yaml";
-    owner = "forgejo";
-    group = "forgejo";
-  };
+  sops.secrets."forgejo/email_password" = sops_opts;
+
+  sops.secrets."forgejo/db_password" = sops_opts;
 }