wip vault

2025-03-10 15:59:58 -05:00 · 2025-03-10 15:59:58 -05:00 · 2bec46813c
commit 2bec46813c
parent 4bab9c4f86
1 changed files with 50 additions and 8 deletions
--- a/hosts/oracle/o001/vaultwarden.nix
+++ b/hosts/oracle/o001/vaultwarden.nix
@ -1,19 +1,52 @@
 {
+  lib,
+  config,
  ...
 }:
+let
+  name = "vaultwarden";
+  hostDataDir = "/var/lib/${name}";
+  localAddress = "192.168.100.111";
+
+  binds = [
    {
-  containers.vaultwarden = {
+      host = "${hostDataDir}/data";
+      container = "/data?";
+      user = config.users.users.vaultwarden.name;
+    }
+  ];
+in
+{
+  users = lib.foldl (
+    acc: bind:
+    {
+      users.${bind.user} = {
+        isSystemUser = true;
+        home = bind.host;
+        createHome = true;
+        group = bind.user;
+      };
+      groups.${bind.user} = { };
+    }
+    // acc
+  ) { } binds;
+
+  containers.${name} = {
    ephemeral = true;
    autoStart = true;
    privateNetwork = true;
    hostAddress = "192.168.100.2";
-    localAddress = "192.168.100.12";
-    bindMounts = {
-      "/incontainer" = {
-        hostPath = "/asd";
+    localAddress = localAddress;
+    bindMounts = lib.foldl (
+      acc: bind:
+      {
+        "${bind.container}" = {
+          hostPath = bind.host;
          isReadOnly = false;
        };
-    };
+      }
+      // acc
+    ) { } binds;
    config =
      { ... }:
      {
@ -28,4 +61,13 @@
        };
      };
  };
+
+  services.nginx.virtualHosts."vault.joshuabell.xyz" = {
+    enableACME = true;
+    forceSSL = true;
+    locations = {
+      "/" = {
+      };
+    };
+  };
 }