27 lines
828 B
Nix
27 lines
828 B
Nix
{ config, lib, tools, ... }:
|
|
with tools.nginx;
|
|
{
|
|
links.bitwarden.protocol = "http";
|
|
|
|
services.nginx.virtualHosts = mappers.mapSubdomains {
|
|
keychain = vhosts.proxy config.links.bitwarden.url;
|
|
};
|
|
services.vaultwarden = {
|
|
enable = true;
|
|
backupDir = "/srv/storage/private/bitwarden/backups";
|
|
config = {
|
|
dataFolder = "/srv/storage/private/bitwarden/data";
|
|
rocketPort = config.links.bitwarden.port;
|
|
};
|
|
#environmentFile = ""; # TODO: agenix
|
|
};
|
|
systemd.services.vaultwarden.serviceConfig = {
|
|
ReadWriteDirectories = "/srv/storage/private/bitwarden";
|
|
};
|
|
systemd.services.backup-vaultwarden = {
|
|
environment.DATA_FOLDER = lib.mkForce config.services.vaultwarden.config.dataFolder;
|
|
serviceConfig = {
|
|
ReadWriteDirectories = "/srv/storage/private/bitwarden";
|
|
};
|
|
};
|
|
}
|