diff --git a/m/hut/gitea.nix b/m/hut/gitea.nix
index 02e0d50b..433b2016 100644
--- a/m/hut/gitea.nix
+++ b/m/hut/gitea.nix
@@ -29,6 +29,9 @@
     };
   };
 
+  # Allow gitea user to send mail
+  users.users.gitea.extraGroups = [ "mail-robot" ];
+
   services.gitea-actions-runner.instances = {
     runrun = {
       enable = true;
diff --git a/m/hut/msmtp.nix b/m/hut/msmtp.nix
index aaeaf5d0..73a9a49a 100644
--- a/m/hut/msmtp.nix
+++ b/m/hut/msmtp.nix
@@ -1,8 +1,11 @@
 { config, lib, ... }:
 {
+  # Robot user that can see the password to send mail from jungle-robot
+  users.groups.mail-robot = {};
+
   age.secrets.jungleRobotPassword = {
     file = ../../secrets/jungle-robot-password.age;
-    group = "gitea";
+    group = "mail-robot";
     mode = "440";
   };