diff options
author | makefu <github@syntax-fehler.de> | 2021-04-04 08:43:55 +0200 |
---|---|---|
committer | makefu <github@syntax-fehler.de> | 2021-04-04 08:43:55 +0200 |
commit | 8911431f8c109ad90b031c5a27c7ecbc3f912857 (patch) | |
tree | a091dd784d04fd234311aca85a690c270c02c6d8 | |
parent | a05435c26acb078972a8f264d9aa2b519755958c (diff) |
ma bitwarden: init for gum.r
-rw-r--r-- | makefu/1systems/gum/config.nix | 5 | ||||
-rw-r--r-- | makefu/2configs/bitwarden.nix | 46 |
2 files changed, 50 insertions, 1 deletions
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index 83fbd8f83..862dfb53e 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -104,7 +104,8 @@ in { # sharing <stockholm/makefu/2configs/share/gum.nix> # samba sahre <stockholm/makefu/2configs/torrent.nix> - <stockholm/makefu/2configs/sickbeard> + # <stockholm/makefu/2configs/sickbeard> + <stockholm/makefu/2configs/bitwarden.nix> { nixpkgs.config.allowUnfree = true; } #<stockholm/makefu/2configs/retroshare.nix> @@ -117,7 +118,9 @@ in { <stockholm/makefu/2configs/vpn/openvpn-server.nix> # <stockholm/makefu/2configs/vpn/vpnws/server.nix> <stockholm/makefu/2configs/binary-cache/server.nix> + { makefu.backup.server.repo = "/var/backup/borg"; } <stockholm/makefu/2configs/backup/server.nix> + <stockholm/makefu/2configs/backup/state.nix> <stockholm/makefu/2configs/iodined.nix> <stockholm/makefu/2configs/bitlbee.nix> <stockholm/makefu/2configs/wireguard/server.nix> diff --git a/makefu/2configs/bitwarden.nix b/makefu/2configs/bitwarden.nix new file mode 100644 index 000000000..7e317e596 --- /dev/null +++ b/makefu/2configs/bitwarden.nix @@ -0,0 +1,46 @@ +{ pkgs, ... }: +let + port = 8812; +in { + services.bitwarden_rs = { + enable = true; + dbBackend = "postgresql"; + config.signups_allowed = false; + config.rocketPort = port; + config.domain = "https://bw.euer.krebsco.de"; + #config.databaseUrl = "postgresql://bitwardenuser:${dbPassword}@localhost/bitwarden"; + config.databaseUrl = "postgresql:///bitwarden"; + config.websocket_enabled = true; + }; + + systemd.services.bitwarden_rs.after = [ "postgresql.service" ]; + + services.postgresql = { + enable = true; + ensureDatabases = [ "bitwarden" ]; + ensureUsers = [ { name = "bitwarden_rs"; ensurePermissions."DATABASE bitwarden" = "ALL PRIVILEGES"; } ]; + #initialScript = pkgs.writeText "postgresql-init.sql" '' + # CREATE DATABASE bitwarden; + # CREATE USER bitwardenuser WITH PASSWORD '${dbPassword}'; + # GRANT ALL PRIVILEGES ON DATABASE bitwarden TO bitwardenuser; + #''; + }; + + services.nginx.virtualHosts."bw.euer.krebsco.de" ={ + forceSSL = true; + enableACME = true; + + locations."/" = { + proxyPass = "http://localhost:8812"; + proxyWebsockets = true; + }; + locations."/notifications/hub" = { + proxyPass = "http://localhost:3012"; + proxyWebsockets = true; + }; + locations."/notifications/hub/negotiate" = { + proxyPass = "http://localhost:8812"; + proxyWebsockets = true; + }; + }; +} |