From bae69545cdf6c29eb9e149680db6a0a0726b3630 Mon Sep 17 00:00:00 2001 From: osbm Date: Fri, 31 Oct 2025 14:14:57 +0300 Subject: [PATCH] formatting --- modules/nixos/services/mailserver.nix | 11 +++- modules/nixos/services/vaultwarden.nix | 81 ++++++++++++++------------ 2 files changed, 52 insertions(+), 40 deletions(-) diff --git a/modules/nixos/services/mailserver.nix b/modules/nixos/services/mailserver.nix index 06393d0..110aec9 100644 --- a/modules/nixos/services/mailserver.nix +++ b/modules/nixos/services/mailserver.nix @@ -1,4 +1,9 @@ -{ config, inputs, lib, ... }: +{ + config, + inputs, + lib, + ... +}: { imports = [ inputs.simple-nixos-mailserver.nixosModule @@ -17,7 +22,7 @@ loginAccounts = { "osbm@osbm.dev" = { hashedPasswordFile = "/persist/osbm.passwd"; # TODO: Make this into agenix secret - aliases = ["postmaster@osbm.dev"]; + aliases = [ "postmaster@osbm.dev" ]; }; }; @@ -27,4 +32,4 @@ }; }) ]; -} \ No newline at end of file +} diff --git a/modules/nixos/services/vaultwarden.nix b/modules/nixos/services/vaultwarden.nix index cc9c6d0..9f28a52 100644 --- a/modules/nixos/services/vaultwarden.nix +++ b/modules/nixos/services/vaultwarden.nix @@ -13,53 +13,60 @@ # be aware that this file must be created by hand (or via secrets management like sops) environmentFile = config.age.secrets.vaultwarden.path; config = { - # Refer to https://github.com/dani-garcia/vaultwarden/blob/main/.env.template - DOMAIN = "https://bitwarden.osbm.dev"; - SIGNUPS_ALLOWED = false; + # Refer to https://github.com/dani-garcia/vaultwarden/blob/main/.env.template + DOMAIN = "https://bitwarden.osbm.dev"; + SIGNUPS_ALLOWED = false; - ROCKET_ADDRESS = "127.0.0.1"; - ROCKET_PORT = 8222; - ROCKET_LOG = "critical"; + ROCKET_ADDRESS = "127.0.0.1"; + ROCKET_PORT = 8222; + ROCKET_LOG = "critical"; - # This example assumes a mailserver running on localhost, - # thus without transport encryption. - # If you use an external mail server, follow: - # https://github.com/dani-garcia/vaultwarden/wiki/SMTP-configuration - SMTP_HOST = "127.0.0.1"; - SMTP_PORT = 25; - SMTP_SSL = false; + # This example assumes a mailserver running on localhost, + # thus without transport encryption. + # If you use an external mail server, follow: + # https://github.com/dani-garcia/vaultwarden/wiki/SMTP-configuration + SMTP_HOST = "127.0.0.1"; + SMTP_PORT = 25; + SMTP_SSL = false; - SMTP_FROM = "admin@bitwarden.osbm.dev"; - SMTP_FROM_NAME = "osbm.dev Bitwarden server"; + SMTP_FROM = "admin@bitwarden.osbm.dev"; + SMTP_FROM_NAME = "osbm.dev Bitwarden server"; }; }; }) - # vaultwarden reverse proxy via nginx - (lib.mkIf (config.osbmModules.services.nginx.enable && config.osbmModules.services.vaultwarden.enable) { - services.nginx.virtualHosts."bitwarden.osbm.dev" = { - forceSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://localhost:${toString config.services.vaultwarden.config.ROCKET_PORT}"; + (lib.mkIf + (config.osbmModules.services.nginx.enable && config.osbmModules.services.vaultwarden.enable) + { + services.nginx.virtualHosts."bitwarden.osbm.dev" = { + forceSSL = true; + enableACME = true; + locations."/" = { + proxyPass = "http://localhost:${toString config.services.vaultwarden.config.ROCKET_PORT}"; + }; }; - }; - }) + } + ) # impermanence with vaultwarden - (lib.mkIf (config.osbmModules.services.vaultwarden.enable && config.osbmModules.hardware.disko.zfs.root.impermanenceRoot) { - environment.persistence."/persist" = { - directories = [ - { - directory = "/var/lib/vaultwarden"; - user = config.systemd.services.vaultwarden.serviceConfig.User; - group = config.systemd.services.vaultwarden.serviceConfig.Group; - mode = "0750"; - } - ]; - }; - }) + (lib.mkIf + ( + config.osbmModules.services.vaultwarden.enable + && config.osbmModules.hardware.disko.zfs.root.impermanenceRoot + ) + { + environment.persistence."/persist" = { + directories = [ + { + directory = "/var/lib/vaultwarden"; + user = config.systemd.services.vaultwarden.serviceConfig.User; + group = config.systemd.services.vaultwarden.serviceConfig.Group; + mode = "0750"; + } + ]; + }; + } + ) ]; } -