Cloonar/nixos
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

change runtime dir size, add vaultwarden ldap back

Browse Source
This commit is contained in:
Dominik Polakovics Polakovics
2023-08-16 23:55:08 +02:00
parent a7be64ec8e
commit aff39fca6f
2 changed files with 26 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
hosts/web-01.cloonar.com/configuration.nix
View File

@@ -35,6 +35,8 @@
./sites/mehr-leistbaren-wohnraum-schaffen.cloonar.dev.nix ./sites/mehr-leistbaren-wohnraum-schaffen.cloonar.dev.nix
]; ];
services.logind.extraConfig = "RuntimeDirectorySize=2G";
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
sops.defaultSopsFile = ./secrets.yaml; sops.defaultSopsFile = ./secrets.yaml;
nix.gc.options = "--delete-older-than 60d"; nix.gc.options = "--delete-older-than 60d";

48
utils/modules/bitwarden/default.nix
View File

@@ -30,9 +30,9 @@ in {
../nur.nix ../nur.nix
]; ];
# environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
# nur.repos.mic92.vaultwarden_ldap nur.repos.mic92.vaultwarden_ldap
# ]; ];
services.vaultwarden = { services.vaultwarden = {
enable = true; enable = true;
@@ -53,27 +53,27 @@ in {
EnvironmentFile = [config.sops.secrets.bitwarden-smtp-password.path]; EnvironmentFile = [config.sops.secrets.bitwarden-smtp-password.path];
}; };
# systemd.services.vaultwarden_ldap = { systemd.services.vaultwarden_ldap = {
# wantedBy = ["multi-user.target"]; wantedBy = ["multi-user.target"];
#
# preStart = '' preStart = ''
# sed \ sed \
# -e "s=@LDAP_PASSWORD@=$(<${config.sops.secrets.bitwarden-ldap-password.path})=" \ -e "s=@LDAP_PASSWORD@=$(<${config.sops.secrets.bitwarden-ldap-password.path})=" \
# -e "s=@ADMIN_TOKEN@=$(<${config.sops.secrets.bitwarden-admin-token.path})=" \ -e "s=@ADMIN_TOKEN@=$(<${config.sops.secrets.bitwarden-admin-token.path})=" \
# ${ldapConfigFile} \ ${ldapConfigFile} \
# > /run/vaultwarden_ldap/config.toml > /run/vaultwarden_ldap/config.toml
# ''; '';
#
# serviceConfig = { serviceConfig = {
# Restart = "on-failure"; Restart = "on-failure";
# RestartSec = "2s"; RestartSec = "2s";
# ExecStart = "${pkgs.nur.repos.mic92.vaultwarden_ldap}/bin/vaultwarden_ldap"; ExecStart = "${pkgs.nur.repos.mic92.vaultwarden_ldap}/bin/vaultwarden_ldap";
# Environment = "CONFIG_PATH=/run/vaultwarden_ldap/config.toml"; Environment = "CONFIG_PATH=/run/vaultwarden_ldap/config.toml";
#
# RuntimeDirectory = ["vaultwarden_ldap"]; RuntimeDirectory = ["vaultwarden_ldap"];
# User = "vaultwarden_ldap"; User = "vaultwarden_ldap";
# }; };
# }; };
services.nginx.virtualHosts."bitwarden.cloonar.com" = { services.nginx.virtualHosts."bitwarden.cloonar.com" = {
forceSSL = true; forceSSL = true;