summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authormakefu <github@syntax-fehler.de>2021-04-04 08:43:55 +0200
committermakefu <github@syntax-fehler.de>2021-04-04 08:43:55 +0200
commit8911431f8c109ad90b031c5a27c7ecbc3f912857 (patch)
treea091dd784d04fd234311aca85a690c270c02c6d8
parenta05435c26acb078972a8f264d9aa2b519755958c (diff)
ma bitwarden: init for gum.r
-rw-r--r--makefu/1systems/gum/config.nix5
-rw-r--r--makefu/2configs/bitwarden.nix46
2 files changed, 50 insertions, 1 deletions
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index 83fbd8f83..862dfb53e 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -104,7 +104,8 @@ in {
# sharing
<stockholm/makefu/2configs/share/gum.nix> # samba sahre
<stockholm/makefu/2configs/torrent.nix>
- <stockholm/makefu/2configs/sickbeard>
+ # <stockholm/makefu/2configs/sickbeard>
+ <stockholm/makefu/2configs/bitwarden.nix>
{ nixpkgs.config.allowUnfree = true; }
#<stockholm/makefu/2configs/retroshare.nix>
@@ -117,7 +118,9 @@ in {
<stockholm/makefu/2configs/vpn/openvpn-server.nix>
# <stockholm/makefu/2configs/vpn/vpnws/server.nix>
<stockholm/makefu/2configs/binary-cache/server.nix>
+ { makefu.backup.server.repo = "/var/backup/borg"; }
<stockholm/makefu/2configs/backup/server.nix>
+ <stockholm/makefu/2configs/backup/state.nix>
<stockholm/makefu/2configs/iodined.nix>
<stockholm/makefu/2configs/bitlbee.nix>
<stockholm/makefu/2configs/wireguard/server.nix>
diff --git a/makefu/2configs/bitwarden.nix b/makefu/2configs/bitwarden.nix
new file mode 100644
index 000000000..7e317e596
--- /dev/null
+++ b/makefu/2configs/bitwarden.nix
@@ -0,0 +1,46 @@
+{ pkgs, ... }:
+let
+ port = 8812;
+in {
+ services.bitwarden_rs = {
+ enable = true;
+ dbBackend = "postgresql";
+ config.signups_allowed = false;
+ config.rocketPort = port;
+ config.domain = "https://bw.euer.krebsco.de";
+ #config.databaseUrl = "postgresql://bitwardenuser:${dbPassword}@localhost/bitwarden";
+ config.databaseUrl = "postgresql:///bitwarden";
+ config.websocket_enabled = true;
+ };
+
+ systemd.services.bitwarden_rs.after = [ "postgresql.service" ];
+
+ services.postgresql = {
+ enable = true;
+ ensureDatabases = [ "bitwarden" ];
+ ensureUsers = [ { name = "bitwarden_rs"; ensurePermissions."DATABASE bitwarden" = "ALL PRIVILEGES"; } ];
+ #initialScript = pkgs.writeText "postgresql-init.sql" ''
+ # CREATE DATABASE bitwarden;
+ # CREATE USER bitwardenuser WITH PASSWORD '${dbPassword}';
+ # GRANT ALL PRIVILEGES ON DATABASE bitwarden TO bitwardenuser;
+ #'';
+ };
+
+ services.nginx.virtualHosts."bw.euer.krebsco.de" ={
+ forceSSL = true;
+ enableACME = true;
+
+ locations."/" = {
+ proxyPass = "http://localhost:8812";
+ proxyWebsockets = true;
+ };
+ locations."/notifications/hub" = {
+ proxyPass = "http://localhost:3012";
+ proxyWebsockets = true;
+ };
+ locations."/notifications/hub/negotiate" = {
+ proxyPass = "http://localhost:8812";
+ proxyWebsockets = true;
+ };
+ };
+}