nix/container/Pass.nix

{ container, ... } @args: let
	cfg = container.config.pass;
in {
	systemd.tmpfiles.rules = container.mkContainerDir cfg [
		"data"
	];

	containers.pass = container.mkContainer cfg {
		bindMounts = {
			"/var/lib/bitwarden_rs" = {
				hostPath   = "${cfg.storage}/data";
				isReadOnly = false;
			};
		};

		config = { ... }: container.mkContainerConfig cfg {
			services.vaultwarden = {
				enable          = true;
				dbBackend       = "postgresql";
				environmentFile = "/var/lib/bitwarden_rs/Env";
				config = {
					DATABASE_URL      = "postgresql://vaultwarden:vaultwarden@${container.config.postgres.address}:${toString container.config.postgres.port}/vaultwarden";
					DATA_FOLDER       = "/var/lib/bitwarden_rs";
					DOMAIN            = "http://${cfg.domain}";
					SIGNUPS_ALLOWED   = false;
					WEB_VAULT_ENABLED = true;
					ROCKET_ADDRESS = cfg.address;
					ROCKET_PORT    = cfg.port;
				};
			};
		};
	};
}
Huge containers update 2024-06-09 23:35:53 +03:00			`{ container, ... } @args: let`
			`cfg = container.config.pass;`
			`in {`
			`systemd.tmpfiles.rules = container.mkContainerDir cfg [`
			`"data"`
			`];`

			`containers.pass = container.mkContainer cfg {`
			`bindMounts = {`
			`"/var/lib/bitwarden_rs" = {`
			`hostPath = "${cfg.storage}/data";`
			`isReadOnly = false;`
			`};`
			`};`

			`config = { ... }: container.mkContainerConfig cfg {`
			`services.vaultwarden = {`
			`enable = true;`
			`dbBackend = "postgresql";`
			`environmentFile = "/var/lib/bitwarden_rs/Env";`
			`config = {`
			`DATABASE_URL = "postgresql://vaultwarden:vaultwarden@${container.config.postgres.address}:${toString container.config.postgres.port}/vaultwarden";`
			`DATA_FOLDER = "/var/lib/bitwarden_rs";`
			`DOMAIN = "http://${cfg.domain}";`
			`SIGNUPS_ALLOWED = false;`
			`WEB_VAULT_ENABLED = true;`
			`ROCKET_ADDRESS = cfg.address;`
			`ROCKET_PORT = cfg.port;`
			`};`
			`};`
			`};`
			`};`
			`}`