2023-08-31 00:55:45 +02:00
|
|
|
{ config, lib, depot, ... }:
|
|
|
|
|
with depot.lib.nginx;
|
2021-10-16 19:34:42 +02:00
|
|
|
{
|
2022-06-18 02:44:51 +02:00
|
|
|
links.bitwarden.protocol = "http";
|
2021-11-29 01:38:59 +01:00
|
|
|
|
2021-10-16 19:34:42 +02:00
|
|
|
services.nginx.virtualHosts = mappers.mapSubdomains {
|
2022-06-18 02:44:51 +02:00
|
|
|
keychain = vhosts.proxy config.links.bitwarden.url;
|
2021-10-16 19:34:42 +02:00
|
|
|
};
|
2021-12-02 22:16:09 +01:00
|
|
|
services.vaultwarden = {
|
2021-10-16 19:34:42 +02:00
|
|
|
enable = true;
|
|
|
|
|
backupDir = "/srv/storage/private/bitwarden/backups";
|
|
|
|
|
config = {
|
|
|
|
|
dataFolder = "/srv/storage/private/bitwarden/data";
|
2022-06-18 02:44:51 +02:00
|
|
|
rocketPort = config.links.bitwarden.port;
|
2021-10-16 19:34:42 +02:00
|
|
|
};
|
|
|
|
|
#environmentFile = ""; # TODO: agenix
|
|
|
|
|
};
|
2021-12-02 22:16:09 +01:00
|
|
|
systemd.services.vaultwarden.serviceConfig = {
|
2021-10-16 19:34:42 +02:00
|
|
|
ReadWriteDirectories = "/srv/storage/private/bitwarden";
|
|
|
|
|
};
|
2021-12-02 23:42:01 +01:00
|
|
|
systemd.services.backup-vaultwarden = {
|
|
|
|
|
environment.DATA_FOLDER = lib.mkForce config.services.vaultwarden.config.dataFolder;
|
|
|
|
|
serviceConfig = {
|
|
|
|
|
ReadWriteDirectories = "/srv/storage/private/bitwarden";
|
|
|
|
|
};
|
|
|
|
|
};
|
2021-10-16 19:34:42 +02:00
|
|
|
}
|
