services: matrix: add smtp server

2021-06-09 14:53:11 +02:00 · 2021-06-09 14:53:11 +02:00 · 1b6258e363
parent 3d658d1d21
commit 1b6258e363
5 changed files with 63 additions and 0 deletions
--- a/.gitattributes
+++ b/.gitattributes
@ -1,3 +1,4 @@
 secrets/**/*.secret filter=git-crypt diff=git-crypt
+secrets/matrix-email-config.nix filter=git-crypt diff=git-crypt
 secrets/wireguard.nix filter=git-crypt diff=git-crypt
 home/secrets/*.secret filter=git-crypt diff=git-crypt
--- a/hosts/poseidon/default.nix
+++ b/hosts/poseidon/default.nix
@ -94,6 +94,7 @@ in
    matrix = {
      enable = true;
      registration_shared_secret = secrets.matrix-registration-shared-secret;
+      emailConfig = secrets.matrixEmailConfig;
    };

    monitoring = {
--- a/secrets/default.nix
+++ b/secrets/default.nix
@ -18,5 +18,7 @@ with lib;
    borg-backup = import ./borg-backup { inherit lib; };

    wireguard = pkgs.callPackage ./wireguard.nix { };
+
+    matrixEmailConfig = import ./matrix-email-config.nix;
  };
 }
--- a/secrets/matrix-email-config.nix
+++ b/secrets/matrix-email-config.nix
--- a/services/matrix.nix
+++ b/services/matrix.nix
@ -28,6 +28,31 @@ in {
      example = "deadbeef";
      description = "Shared secret to register users";
    };
+
+    emailConfig = mkOption {
+      type = types.submodule {
+        options = {
+          smtpHost = mkOption {
+            type = types.str;
+            default = "localhost";
+          };
+          smtpPort = mkOption {
+            type = types.port;
+            default = 587;
+          };
+          smtpUser = mkOption {
+            type = types.str;
+          };
+          smtpPass = mkOption {
+            type = types.str;
+          };
+          notifFrom = mkOption {
+            type = types.str;
+            example = "Your Friendly %(app)s homeserver <noreply@example.com>";
+          };
+        };
+      };
+    };
  };

  config = lib.mkIf cfg.enable {
@ -69,6 +94,40 @@ in {
      extraConfig = ''
        experimental_features: { spaces_enabled: true }
        use_presence: false
+
+        email:
+          # The hostname of the outgoing SMTP server to use. Defaults to 'localhost'.
+          #
+          smtp_host: "${cfg.emailConfig.smtpHost}"
+
+          # The port on the mail server for outgoing SMTP. Defaults to 25.
+          #
+          smtp_port: ${toString cfg.emailConfig.smtpPort}
+
+          # Username/password for authentication to the SMTP server. By default, no
+          # authentication is attempted.
+          #
+          smtp_user: "${cfg.emailConfig.smtpUser}"
+          smtp_pass: "${cfg.emailConfig.smtpPass}"
+
+          # Uncomment the following to require TLS transport security for SMTP.
+          # By default, Synapse will connect over plain text, and will then switch to
+          # TLS via STARTTLS *if the SMTP server supports it*. If this option is set,
+          # Synapse will refuse to connect unless the server supports STARTTLS.
+          #
+          require_transport_security: true
+
+          # notif_from defines the "From" address to use when sending emails.
+          # It must be set if email sending is enabled.
+          #
+          # The placeholder '%(app)s' will be replaced by the application name,
+          # which is normally 'app_name' (below), but may be overridden by the
+          # Matrix client application.
+          #
+          # Note that the placeholder must be written '%(app)s', including the
+          # trailing 's'.
+          #
+          notif_from: "${cfg.emailConfig.notifFrom}"
      '';

      logConfig = ''