From 0e9e01b50cb439b308159cf7687c8bad0016a59f Mon Sep 17 00:00:00 2001 From: Ingolf Wagner Date: Thu, 5 Aug 2021 09:01:39 +0200 Subject: [PATCH] add bitwarden --- configs/sputnik/bitwarden.nix | 13 +++++++++++++ configs/sputnik/configuration.nix | 1 + configs/sputnik/nginx.nix | 23 +++++++++++++++++++++++ configs/workhorse/bitwarden.nix | 10 ---------- configs/workhorse/graylog.nix | 2 +- 5 files changed, 38 insertions(+), 11 deletions(-) create mode 100644 configs/sputnik/bitwarden.nix delete mode 100644 configs/workhorse/bitwarden.nix diff --git a/configs/sputnik/bitwarden.nix b/configs/sputnik/bitwarden.nix new file mode 100644 index 0000000..52e1820 --- /dev/null +++ b/configs/sputnik/bitwarden.nix @@ -0,0 +1,13 @@ +{ config, pkgs, lib, ... }: { + services.bitwarden_rs = { + enable = true; + config = { + domain = "https://bitwarden.ingolf-wagner.de"; + #signupsAllowed = true; + signupsAllowed = false; + rocketPort = 8222; + rocketLog = "critical"; + }; + }; + +} diff --git a/configs/sputnik/configuration.nix b/configs/sputnik/configuration.nix index b967950..a44f5f8 100644 --- a/configs/sputnik/configuration.nix +++ b/configs/sputnik/configuration.nix @@ -8,6 +8,7 @@ ./nginx.nix ./tinc.nix ./codimd.nix + ./bitwarden.nix #./syncplay.nix #./mail-server.nix diff --git a/configs/sputnik/nginx.nix b/configs/sputnik/nginx.nix index 2e3209a..70a836f 100644 --- a/configs/sputnik/nginx.nix +++ b/configs/sputnik/nginx.nix @@ -39,6 +39,29 @@ in { recommendedProxySettings = true; virtualHosts = { + "bitwarden.ingolf-wagner.de" = { + listen = [ + { + addr = "0.0.0.0"; + port = 4443; + ssl = true; + } + { + addr = "0.0.0.0"; + port = 80; + ssl = false; + } + ]; + forceSSL = true; + enableACME = true; + + locations."/" = { + proxyPass = "http://localhost:${ + toString config.services.bitwarden_rs.config.rocketPort + }"; + }; + }; + "git.ingolf-wagner.de" = { listen = [ { diff --git a/configs/workhorse/bitwarden.nix b/configs/workhorse/bitwarden.nix deleted file mode 100644 index a270209..0000000 --- a/configs/workhorse/bitwarden.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ config, lib, pkgs, ... }: { - services.bitwarden_rs = { - enable = true; - backupDir = "/home/bitwarden_backups"; - config = { signupsAllowed = true; }; - }; - - backup.dirs = [ config.services.bitwarden_rs.backupDir ]; - -} diff --git a/configs/workhorse/graylog.nix b/configs/workhorse/graylog.nix index 507edd9..11853a5 100644 --- a/configs/workhorse/graylog.nix +++ b/configs/workhorse/graylog.nix @@ -27,7 +27,7 @@ in { services.elasticsearch = { enable = true; listenAddress = "${config.networking.hostName}.private"; - extraJavaOptions = ["-Des.http.cname_in_publish_address=true"]; + extraJavaOptions = [ "-Des.http.cname_in_publish_address=true" ]; }; services.graylog.enable = true;