Commit 05a8886

HPCesia <me@hpcesia.com>
2025-10-03 19:24:34
refactor: migrate vaultwarden
1 parent a130ac7
Changed files (4)
hosts
modules
hosts
chaser-pardofelis
services
hosts/chaser-pardofelis/caddy.nix
@@ -25,7 +25,6 @@ in {
         grafana = "http://localhost:${builtins.toString config.services.grafana.settings.server.http_port}";
         homepage = "http://localhost:${builtins.toString config.services.homepage-dashboard.listenPort}";
         prometheus = "http://${config.services.victoriametrics.listenAddress}";
-        vaultwarden = "http://localhost:${builtins.toString config.services.vaultwarden.config.rocketPort}";
       };
     in {
       "artalk.hpcesia.com".extraConfig = ''
@@ -41,10 +40,6 @@ in {
         encode zstd gzip
         reverse_proxy ${localAddress.authelia}
       '';
-      "bitwarden.hpcesia.com".extraConfig = ''
-        encode zstd gzip
-        reverse_proxy ${localAddress.vaultwarden}
-      '';
       "grafana.hpcesia.com".extraConfig = ''
         encode zstd gzip
         reverse_proxy ${localAddress.grafana}
hosts/chaser-pardofelis/vaultwarden.nix
@@ -1,13 +0,0 @@
-{...}: {
-  services.vaultwarden = {
-    enable = true;
-    dbBackend = "sqlite";
-    config = {
-      domain = "https://bitwarden.hpcesia.com";
-      signupsAllowed = false;
-      rocketAddress = "127.0.0.1";
-      rocketPort = 40031;
-      webVaultEnabled = true;
-    };
-  };
-}
modules/hosts/chaser-pardofelis/default.nix
@@ -18,6 +18,7 @@
           "goatcounter"
           "gotosocial"
           "podman"
+          "vaultwarden"
         ]
       );
   };
modules/services/vaultwarden.nix
@@ -0,0 +1,24 @@
+{lib, ...}: {
+  flake.modules.nixos."services/vaultwarden" = {config, ...}: {
+    services.vaultwarden = {
+      enable = true;
+      dbBackend = "sqlite";
+      config = {
+        domain = "https://bitwarden.hpcesia.com";
+        signupsAllowed = false;
+        rocketAddress = "127.0.0.1";
+        rocketPort = 40031;
+        webVaultEnabled = true;
+      };
+    };
+
+    services.caddy.virtualHosts."bitwarden.hpcesia.com".extraConfig =
+      lib.mkIf config.services.caddy.enable
+      (let
+        localAddress = "http://localhost:${builtins.toString config.services.vaultwarden.config.rocketPort}";
+      in ''
+        encode zstd gzip
+        reverse_proxy ${localAddress}
+      '');
+  };
+}