diff --git a/roles/forgejo/templates/docker-compose.yml.j2 b/roles/forgejo/templates/docker-compose.yml.j2
index d62ef88..64c3f3e 100644
--- a/roles/forgejo/templates/docker-compose.yml.j2
+++ b/roles/forgejo/templates/docker-compose.yml.j2
@@ -33,6 +33,12 @@ services:
       FORGEJO__auth__OIDC_ADMIN_GROUP: admins
       FORGEJO__ui__DEFAULT_THEME: "gitea"
       FORGEJO__ui__SHOW_USER_EMAIL: "false"
+      # SMTP Configuration for email notifications
+      FORGEJO__mailer__ENABLED: "true"
+      FORGEJO__mailer__PROTOCOL: "smtp"
+      FORGEJO__mailer__SMTP_ADDR: "postfix"
+      FORGEJO__mailer__SMTP_PORT: "25"
+      FORGEJO__mailer__FROM: "{{ forgejo_mailer_from | default('forgejo@' + forgejo_hostname) }}"
     volumes:
       - forgejo_data:/data
       - ./robots.txt:/data/forgejo/public/robots.txt:ro
@@ -42,6 +48,12 @@ services:
       - proxy
       # - forgejo
     restart: unless-stopped
+    security_opt:
+      - no-new-privileges:true
+    tmpfs:
+      - /tmp:noexec,nosuid,size=100m
+      - /var/run:noexec,nosuid,size=50m
+      - /var/tmp:noexec,nosuid,size=50m
     deploy:
       resources:
         limits: