migrated bitwarden

This commit is contained in:
Ingolf Wagner 2022-01-23 20:23:47 +01:00
parent 766f4a8b4b
commit 9c62efc86e
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
8 changed files with 72 additions and 43 deletions

View file

@ -111,4 +111,9 @@
after = [ "media.mount" ];
};
backup.dirs = [
config.services.syncthing.folders.finance.path
];
}

View file

@ -1,25 +1,28 @@
{ lib, config, pkgs, ... }: {
imports = [
../../system/all/defaults.nix
../../system/all/tinc.nix
../../system/all/borg-jobs.nix
../../system/all/defaults.nix
../../system/all/sshd-known-hosts-bootup.nix
../../system/all/sshd-known-hosts-private.nix
../../system/all/sshd-known-hosts-public.nix
../../system/all/syncthing.nix
../../system/all/tinc.nix
../../system/server/netdata.nix
./hetzner.nix
./codimd.nix
./gitea.nix
./grocy.nix
./nextcloud.nix
./packages.nix
./tinc.nix
./syncthing.nix
./taskserver.nix
./tinc.nix
./transmission.nix
./nextcloud.nix
./codimd.nix
./gitea.nix
#./gitlab.nix
# todo
#./bitwarden.nix
./vaultwarden.nix
#../../system/server
@ -78,7 +81,5 @@
fsType = "ext4";
};
}

View file

@ -0,0 +1,16 @@
{ config, lib, pkgs, ... }:
{
services.grocy = {
enable = true;
settings = {
culture = "de";
currency = "EUR";
};
hostName = "grocy.ingolf-wagner.de";
nginx.enableSSL = true;
};
backup.dirs = [ config.services.grocy.dataDir ];
}

View file

@ -66,28 +66,28 @@ in
priority = 210;
extraConfig = "return 301 $scheme://$host/remote.php/dav;";
};
"~ .(?:css|js|svg|gif)$" = {
proxyPass = "http://${containerAddress}$request_uri";
extraConfig = ''
expires 6M; # Cache-Control policy borrowed from `.htaccess`
access_log off; # Optional: Don't log access to assets
sub_filter "http://nextcloud.ingolf-wagner.de" "https://nextcloud.ingolf-wagner.de";
sub_filter "nextcloud.workhorse.private" "nextcloud.ingolf-wagner.de";
# used for view/edit office file via Office Online Server
client_max_body_size 0;
'';
};
"~ .woff2?$" = {
proxyPass = "http://${containerAddress}$request_uri";
extraConfig = ''
expires 7d; # Cache-Control policy borrowed from `.htaccess`
access_log off; # Optional: Don't log access to assets
sub_filter "http://nextcloud.ingolf-wagner.de" "https://nextcloud.ingolf-wagner.de";
sub_filter "nextcloud.workhorse.private" "nextcloud.ingolf-wagner.de";
# used for view/edit office file via Office Online Server
client_max_body_size 0;
'';
};
#"~ .(?:css|js|svg|gif)$" = {
# proxyPass = "http://${containerAddress}$request_uri";
# extraConfig = ''
# expires 6M; # Cache-Control policy borrowed from `.htaccess`
# access_log off; # Optional: Don't log access to assets
# sub_filter "http://nextcloud.ingolf-wagner.de" "https://nextcloud.ingolf-wagner.de";
# sub_filter "nextcloud.workhorse.private" "nextcloud.ingolf-wagner.de";
# # used for view/edit office file via Office Online Server
# client_max_body_size 0;
# '';
#};
#"~ .woff2?$" = {
# proxyPass = "http://${containerAddress}$request_uri";
# extraConfig = ''
# expires 7d; # Cache-Control policy borrowed from `.htaccess`
# access_log off; # Optional: Don't log access to assets
# sub_filter "http://nextcloud.ingolf-wagner.de" "https://nextcloud.ingolf-wagner.de";
# sub_filter "nextcloud.workhorse.private" "nextcloud.ingolf-wagner.de";
# # used for view/edit office file via Office Online Server
# client_max_body_size 0;
# '';
#};
};
};
};
@ -240,7 +240,7 @@ in
# nextcloud setup
services.nextcloud = {
enable = true;
package = pkgs.nextcloud22;
package = pkgs.nextcloud23;
autoUpdateApps.enable = true;
#nginx.enable = true;
hostName = "nextcloud.ingolf-wagner.de";

View file

@ -1,5 +1,7 @@
{ config, lib, pkgs, ... }: {
imports = [ ../../system/all/tinc.nix ];
module.cluster.services.tinc = {
"private" = {
enable = true;

View file

@ -23,13 +23,15 @@
security.wrappers = {
pmount = {
source = "${pkgs.pmount}/bin/pmount";
owner = config.users.users.mainUser.name;
group = "nogroup";
setuid = true;
owner = "root";
group = "root";
};
pumount = {
source = "${pkgs.pmount}/bin/pumount";
owner = config.users.users.mainUser.name;
group = "nogroup";
setuid = true;
owner = "root";
group = "root";
};
};

View file

@ -1,12 +1,15 @@
{ config, lib, pkgs, ... }:
let
nextcloudSync = folder:
let
password = "$( pass show home/nextcloud/palo/nextcloudcmd-token)";
user = "palo";
in
pkgs.writers.writeBashBin "nextcloud-sync-${folder}" ''
${pkgs.nextcloud-client}/bin/nextcloudcmd \
--user palo \
--password `pass show home/nextcloud/palo/nextcloudcmd-token` \
--path "${folder}" \
~/Nextcloud/${folder} \
https://nextcloud.ingolf-wagner.de/remote.php/webdav/${folder}
"https://${user}:${password}@nextcloud.ingolf-wagner.de"
'';
in