2021-10-16 20:34:42 +03:00
|
|
|
{ config, lib, tools, ... }:
|
|
|
|
|
with tools.nginx;
|
|
|
|
|
{
|
2022-06-18 03:44:51 +03:00
|
|
|
links.bitwarden.protocol = "http";
|
2021-11-29 02:38:59 +02:00
|
|
|
|
2021-10-16 20:34:42 +03:00
|
|
|
services.nginx.virtualHosts = mappers.mapSubdomains {
|
2022-06-18 03:44:51 +03:00
|
|
|
keychain = vhosts.proxy config.links.bitwarden.url;
|
2021-10-16 20:34:42 +03:00
|
|
|
};
|
2021-12-02 23:16:09 +02:00
|
|
|
services.vaultwarden = {
|
2021-10-16 20:34:42 +03:00
|
|
|
enable = true;
|
|
|
|
|
backupDir = "/srv/storage/private/bitwarden/backups";
|
|
|
|
|
config = {
|
|
|
|
|
dataFolder = "/srv/storage/private/bitwarden/data";
|
2022-06-18 03:44:51 +03:00
|
|
|
rocketPort = config.links.bitwarden.port;
|
2021-10-16 20:34:42 +03:00
|
|
|
};
|
|
|
|
|
#environmentFile = ""; # TODO: agenix
|
|
|
|
|
};
|
2021-12-02 23:16:09 +02:00
|
|
|
systemd.services.vaultwarden.serviceConfig = {
|
2021-10-16 20:34:42 +03:00
|
|
|
ReadWriteDirectories = "/srv/storage/private/bitwarden";
|
|
|
|
|
};
|
2021-12-03 00:42:01 +02:00
|
|
|
systemd.services.backup-vaultwarden = {
|
|
|
|
|
environment.DATA_FOLDER = lib.mkForce config.services.vaultwarden.config.dataFolder;
|
|
|
|
|
serviceConfig = {
|
|
|
|
|
ReadWriteDirectories = "/srv/storage/private/bitwarden";
|
|
|
|
|
};
|
|
|
|
|
};
|
2021-10-16 20:34:42 +03:00
|
|
|
}
|
