fix zulip?

author: andromeda <andromeda@lenovo> 2026-01-12 15:41:06 +0100
committer: andromeda <andromeda@lenovo> 2026-01-12 15:41:06 +0100
commit: 90ad40e207de4f880cc13960995a6c4a65df9c8b (patch)
tree: 81eb2c9bfa0477ceb03a6ff26fb6f282adb90909 /modules/nixos
parent: 803bc95317806841ef8f9a4a57be04eea671e7ad (diff)
1 files changed, 22 insertions, 8 deletions
diff --git a/modules/nixos/zulip.nix b/modules/nixos/zulip.nix
index ee063c3..d53113d 100644
--- a/modules/nixos/zulip.nix
+++ b/modules/nixos/zulip.nix
@@ -8,25 +8,39 @@
     # host domain
     host = "chat.${config.networking.domain}";
 
-    # secrets
+    # secrets; head rolled on keyboard for all :)
     camoKeyFile = builtins.toString config.age.secrets.zulip-camoKey.path;
     rabbitmqPasswordFile = builtins.toString config.age.secrets.zulip-rabbitmqPassword.path;
     secretKeyFile = builtins.toString config.age.secrets.zulip-secretKey.path;
     sharedSecretKeyFile = builtins.toString config.age.secrets.zulip-sharedSecretKey.path;
     avatarSaltKeyFile = builtins.toString config.age.secrets.zulip-avatarSaltKey.path;
-    extraSecrets = {
-      email_password = builtins.toString config.age.secrets.zulip-extraSecrets-email_password.path;
-    };
+
+    # TODO check for parity with `mailserver-acc-admin-pw.age`
+    extraSecrets.email_password = builtins.toString config.age.secrets.zulip-extraSecrets-email_password.path;
 
     # settings
     zulipSettings = rec {
-      EMAIL_USE_TLS = true;
-      EMAIL_PORT = 587;
+      # email settings
+      ZULIP_ADMINISTRATOR = "admin@${config.networking.domain}";
+
+      # configure mailserver port
+      EMAIL_HOST = config.mailserver.fqdn;
+      EMAUL_USE_TLS = config.mailserver.enableSubmissionSsl;
+      EMAIL_PORT =
+        if config.mailserver.enableSubmissionSsl
+        then 465
+        else 587;
+
+      # setting to allow realm creation; probably unsafe, might delete later :3
+      OPEN_REALM_CREATION = true;
+
+      # send all noreply emails from `admin@galaxious.de`
+      # TODO configure admin to send from any address
       ADD_TOKENS_TO_NOREPLY_ADDRESS = false;
       NOREPLY_EMAIL_ADDRESS = ZULIP_ADMINISTRATOR;
-      OPEN_REALM_CREATION = true;
+
+      # domain name
       EXTERNAL_HOST = config.services.zulip.host;
-      ZULIP_ADMINISTRATOR = "admin@${config.networking.domain}";
     };
   };
 }
author	andromeda <andromeda@lenovo>	2026-01-12 15:41:06 +0100
committer	andromeda <andromeda@lenovo>	2026-01-12 15:41:06 +0100
commit	90ad40e207de4f880cc13960995a6c4a65df9c8b (patch)
tree	81eb2c9bfa0477ceb03a6ff26fb6f282adb90909 /modules/nixos
parent	803bc95317806841ef8f9a4a57be04eea671e7ad (diff)