commit b7517d79a3ff1dbd0fdbdccf1c0d6bbbda63f522 · aylac.top/nixcfg-own-knot

+6 -6

modules/nixos/services/glance/default.nix

···

       65
       65
        
                                 icon = "di:bluesky";

     

       66
       66
        
                               }

     

       67
       67
        
                               {

     

       68
       68
       -
                                 title = "Vaultwarden";

     

       69
       69
       -
                                 url = "https://${aylac-top.networkMap.vaultwarden.vHost}/";

     

       70
       70
       -
                                 check-url = "http://${aylac-top.networkMap.vaultwarden.hostName}:${toString aylac-top.networkMap.vaultwarden.port}/";

     

       71
       71
       -
                                 icon = "di:vaultwarden";

     

       72
       72
       -
                               }

     

       73
       73
       -
                               {

     

       74
       68
        
                                 title = "ntfy";

     

       75
       69
        
                                 url = "https://${aylac-top.networkMap.ntfy.vHost}/";

     

       76
       70
        
                                 check-url = "http://${aylac-top.networkMap.ntfy.hostName}:${toString aylac-top.networkMap.ntfy.port}/";

     
···

       84
       78
        
                             title = "Private Services";

     

       85
       79
        
       

     

       86
       80
        
                             sites = [

     

       81
       81
       +
                               {

     

       82
       82
       +
                                 title = "Vaultwarden";

     

       83
       83
       +
                                 url = "https://${aylac-top.networkMap.vaultwarden.vHost}/";

     

       84
       84
       +
                                 check-url = "http://${aylac-top.networkMap.vaultwarden.hostName}:${toString aylac-top.networkMap.vaultwarden.port}/";

     

       85
       85
       +
                                 icon = "di:vaultwarden";

     

       86
       86
       +
                               }

     

       87
       87
        
                               {

     

       88
       88
        
                                 title = "Karakeep";

     

       89
       89
        
                                 url = "https://${tailnet.networkMap.karakeep.vHost}/";

+7 -5

modules/nixos/services/vaultwarden/default.nix

···

       7
       7
        
         name = "vaultwarden";

     

       8
       8
        
         cfg = config.myNixOS.services.${name};

     

       9
       9
        
       

     

       10
       10
       -
         network = config.mySnippets.aylac-top;

     

       10
       10
       +
         network = config.mySnippets.tailnet;

     

       11
       11
        
         service = network.networkMap.${name};

     

       12
       12
        
       in {

     

       13
       13
        
         options.myNixOS.services.${name} = {

     
···

       24
       24
        
           age.secrets.vaultwarden.file = "${self.inputs.secrets}/vaultwarden.age";

     

       25
       25
        
       

     

       26
       26
        
           services = {

     

       27
       27
       -
             cloudflared.tunnels."${network.cloudflareTunnel}".ingress = lib.mkIf cfg.autoProxy {

     

       28
       28
       -
               "${service.vHost}" = "http://${service.hostName}:${toString service.port}";

     

       29
       29
       -
             };

     

       27
       27
       +
             caddy.virtualHosts."${service.vHost}".extraConfig = lib.mkIf cfg.autoProxy ''

     

       28
       28
       +
               bind tailscale/vault

     

       29
       29
       +
               encode zstd gzip

     

       30
       30
       +
               reverse_proxy ${service.hostName}:${toString service.port}

     

       31
       31
       +
             '';

     

       30
       32
        
       

     

       31
       33
        
             vaultwarden = {

     

       32
       34
        
               enable = true;

     
···

       39
       41
        
                 SIGNUPS_ALLOWED = false;

     

       40
       42
        
                 ICON_SERVICE = "bitwarden";

     

       41
       43
        
                 ICON_CACHE_TTL = 0;

     

       42
       42
       -
                 IP_HEADER = "CF-Connecting-IP";

     

       44
       44
       +
                 #IP_HEADER = "CF-Connecting-IP";

     

       43
       45
        
               };

     

       44
       46
        
       

     

       45
       47
        
               environmentFile = config.age.secrets.vaultwarden.path;

+6

modules/snippets/tailnet/default.nix

···

       86
       86
        
                 vHost = "uptime-kuma.${config.mySnippets.tailnet.name}";

     

       87
       87
        
               };

     

       88
       88
        
       

     

       89
       89
       +
               vaultwarden = {

     

       90
       90
       +
                 hostName = "nanpi";

     

       91
       91
       +
                 port = 8222;

     

       92
       92
       +
                 vHost = "vault.${config.mySnippets.tailnet.name}";

     

       93
       93
       +
               };

     

       94
       94
       +
       

     

       89
       95
        
               webdav = {

     

       90
       96
        
                 hostName = "nanpi";

     

       91
       97
        
                 port = 4918;