From aff39fca6f53e79d11e8b21353a8409e96ff2dae Mon Sep 17 00:00:00 2001
From: Dominik Polakovics
Date: Wed, 16 Aug 2023 23:55:08 +0200
Subject: [PATCH] change runtime dir size, add vaultwarden ldap back
---
 hosts/web-01.cloonar.com/configuration.nix | 2 +
 utils/modules/bitwarden/default.nix | 48 +++++++++++-----------
 2 files changed, 26 insertions(+), 24 deletions(-)
diff --git a/hosts/web-01.cloonar.com/configuration.nix b/hosts/web-01.cloonar.com/configuration.nix
index 0d49659..735b981 100644
--- a/hosts/web-01.cloonar.com/configuration.nix
+++ b/hosts/web-01.cloonar.com/configuration.nix
@@ -35,6 +35,8 @@
 ./sites/mehr-leistbaren-wohnraum-schaffen.cloonar.dev.nix
 ];
+ services.logind.extraConfig = "RuntimeDirectorySize=2G";
+
 sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
 sops.defaultSopsFile = ./secrets.yaml;
 nix.gc.options = "--delete-older-than 60d";
diff --git a/utils/modules/bitwarden/default.nix b/utils/modules/bitwarden/default.nix
index 7e65f3a..782dc29 100644
--- a/utils/modules/bitwarden/default.nix
+++ b/utils/modules/bitwarden/default.nix
@@ -30,9 +30,9 @@ in {
 ../nur.nix
 ];
- # environment.systemPackages = with pkgs; [
- # nur.repos.mic92.vaultwarden_ldap
- # ];
+ environment.systemPackages = with pkgs; [
+ nur.repos.mic92.vaultwarden_ldap
+ ];
 services.vaultwarden = {
 enable = true;
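Review bot: The added `services.logind.extraConfig = "RuntimeDirectorySize=2G";` in configuration.nix has no comment saying what needed the larger limit. This logind setting sizes the per-user `/run/user/<uid>` tmpfs, which is memory-backed, so each logged-in account can now pin up to 2G of RAM or swap. It does not size `/run/vaultwarden_ldap`, which the service's `RuntimeDirectory` creates under the system `/run`; if that directory was the motivation, this line will not help. A comment such as `# per-user /run/user/<uid> tmpfs limit, raised from the logind default for <reason>` would record the intent.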
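Review bot: Re-adding `nur.repos.mic92.vaultwarden_ldap` to `environment.systemPackages` in utils/modules/bitwarden/default.nix is not needed to run the service, because the unit added later in this file starts the binary by store path in `ExecStart`. Listing it here only puts the tool on every user's PATH, so consider dropping the three lines unless interactive use is intended. The package comes from NUR, which is community-maintained and not reviewed the way nixpkgs is. How `../nur.nix` fetches NUR is outside this hunk; confirm it pins a fixed revision and hash rather than tracking a moving branch.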
@@ -53,27 +53,27 @@ in {
 EnvironmentFile = [config.sops.secrets.bitwarden-smtp-password.path];
 };
- # systemd.services.vaultwarden_ldap = {
- # wantedBy = ["multi-user.target"];
- #
- # preStart = ''
- # sed \
- # -e "s=@LDAP_PASSWORD@=$(<${config.sops.secrets.bitwarden-ldap-password.path})=" \
- # -e "s=@ADMIN_TOKEN@=$(<${config.sops.secrets.bitwarden-admin-token.path})=" \
- # ${ldapConfigFile} \
- # > /run/vaultwarden_ldap/config.toml
- # '';
- #
- # serviceConfig = {
- # Restart = "on-failure";
- # RestartSec = "2s";
- # ExecStart = "${pkgs.nur.repos.mic92.vaultwarden_ldap}/bin/vaultwarden_ldap";
- # Environment = "CONFIG_PATH=/run/vaultwarden_ldap/config.toml";
- #
- # RuntimeDirectory = ["vaultwarden_ldap"];
- # User = "vaultwarden_ldap";
- # };
- # };
+ systemd.services.vaultwarden_ldap = {
+ wantedBy = ["multi-user.target"];
+
+ preStart = ''
+ sed \
+ -e "s=@LDAP_PASSWORD@=$(<${config.sops.secrets.bitwarden-ldap-password.path})=" \
+ -e "s=@ADMIN_TOKEN@=$(<${config.sops.secrets.bitwarden-admin-token.path})=" \
+ ${ldapConfigFile} \
+ > /run/vaultwarden_ldap/config.toml
+ '';
+
+ serviceConfig = {
+ Restart = "on-failure";
+ RestartSec = "2s";
+ ExecStart = "${pkgs.nur.repos.mic92.vaultwarden_ldap}/bin/vaultwarden_ldap";
+ Environment = "CONFIG_PATH=/run/vaultwarden_ldap/config.toml";
+
+ RuntimeDirectory = ["vaultwarden_ldap"];
+ User = "vaultwarden_ldap";
+ };
+ };
 services.nginx.virtualHosts."bitwarden.cloonar.com" = {
 forceSSL = true;
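Review bot: The rendered `/run/vaultwarden_ldap/config.toml` holds the LDAP bind password and the Vaultwarden admin token, but nothing in the added `preStart` or `serviceConfig` restricts who can read it. `RuntimeDirectory` defaults to mode 0755 and the `>` redirection creates the file under the unit's default umask, so it is likely readable by every local account; adding `RuntimeDirectoryMode = "0700";` and `UMask = "0077";` to `serviceConfig` would close that. The `sed` call also puts both secrets on its command line, where they are briefly visible in the process list. A secret containing `=`, `&` or `\` will break or alter the replacement, so rendering the file without passing the values as arguments would avoid both problems. The declaration of the `vaultwarden_ldap` user and the ownership of the two sops secrets are outside this hunk; confirm that user can read them and no other account can.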