formatting

2025-10-31 14:14:57 +03:00 · 2025-10-31 14:14:57 +03:00 · bae69545cd
commit bae69545cd
parent 58e40e58e8
2 changed files with 52 additions and 40 deletions
--- a/modules/nixos/services/mailserver.nix
+++ b/modules/nixos/services/mailserver.nix
@ -1,4 +1,9 @@
-{ config, inputs, lib, ... }:
+{
  config,
  inputs,
  lib,
  ...
 }:
 {
  imports = [
    inputs.simple-nixos-mailserver.nixosModule
@ -17,7 +22,7 @@
        loginAccounts = {
          "osbm@osbm.dev" = {
            hashedPasswordFile = "/persist/osbm.passwd"; # TODO: Make this into agenix secret
-            aliases = ["postmaster@osbm.dev"];
+            aliases = [ "postmaster@osbm.dev" ];
          };
        };
@ -27,4 +32,4 @@
      };
    })
  ];
-}
+}
--- a/modules/nixos/services/vaultwarden.nix
+++ b/modules/nixos/services/vaultwarden.nix
@ -13,53 +13,60 @@
        # be aware that this file must be created by hand (or via secrets management like sops)
        environmentFile = config.age.secrets.vaultwarden.path;
        config = {
-            # Refer to https://github.com/dani-garcia/vaultwarden/blob/main/.env.template
+          # Refer to https://github.com/dani-garcia/vaultwarden/blob/main/.env.template
-            DOMAIN = "https://bitwarden.osbm.dev";
+          DOMAIN = "https://bitwarden.osbm.dev";
-            SIGNUPS_ALLOWED = false;
+          SIGNUPS_ALLOWED = false;
-            ROCKET_ADDRESS = "127.0.0.1";
+          ROCKET_ADDRESS = "127.0.0.1";
-            ROCKET_PORT = 8222;
+          ROCKET_PORT = 8222;
-            ROCKET_LOG = "critical";
+          ROCKET_LOG = "critical";
-            # This example assumes a mailserver running on localhost,
+          # This example assumes a mailserver running on localhost,
-            # thus without transport encryption.
+          # thus without transport encryption.
-            # If you use an external mail server, follow:
+          # If you use an external mail server, follow:
-            #   https://github.com/dani-garcia/vaultwarden/wiki/SMTP-configuration
+          #   https://github.com/dani-garcia/vaultwarden/wiki/SMTP-configuration
-            SMTP_HOST = "127.0.0.1";
+          SMTP_HOST = "127.0.0.1";
-            SMTP_PORT = 25;
+          SMTP_PORT = 25;
-            SMTP_SSL = false;
+          SMTP_SSL = false;
-            SMTP_FROM = "admin@bitwarden.osbm.dev";
+          SMTP_FROM = "admin@bitwarden.osbm.dev";
-            SMTP_FROM_NAME = "osbm.dev Bitwarden server";
+          SMTP_FROM_NAME = "osbm.dev Bitwarden server";
        };
      };
    })
    # vaultwarden reverse proxy via nginx
-    (lib.mkIf (config.osbmModules.services.nginx.enable && config.osbmModules.services.vaultwarden.enable) {
+    (lib.mkIf
-      services.nginx.virtualHosts."bitwarden.osbm.dev" = {
+      (config.osbmModules.services.nginx.enable && config.osbmModules.services.vaultwarden.enable)
-        forceSSL = true;
+      {
-        enableACME = true;
+        services.nginx.virtualHosts."bitwarden.osbm.dev" = {
-        locations."/" = {
+          forceSSL = true;
-          proxyPass = "http://localhost:${toString config.services.vaultwarden.config.ROCKET_PORT}";
+          enableACME = true;
          locations."/" = {
            proxyPass = "http://localhost:${toString config.services.vaultwarden.config.ROCKET_PORT}";
          };
        };
-      };
+      }
-    })
+    )
    # impermanence with vaultwarden
-    (lib.mkIf (config.osbmModules.services.vaultwarden.enable && config.osbmModules.hardware.disko.zfs.root.impermanenceRoot) {
+    (lib.mkIf
-      environment.persistence."/persist" = {
+      (
-        directories = [
+        config.osbmModules.services.vaultwarden.enable
-          {
+        && config.osbmModules.hardware.disko.zfs.root.impermanenceRoot
-            directory = "/var/lib/vaultwarden";
+      )
-            user = config.systemd.services.vaultwarden.serviceConfig.User;
+      {
-            group = config.systemd.services.vaultwarden.serviceConfig.Group;
+        environment.persistence."/persist" = {
-            mode = "0750";
+          directories = [
-          }
+            {
-        ];
+              directory = "/var/lib/vaultwarden";
-      };
+              user = config.systemd.services.vaultwarden.serviceConfig.User;
-    })
+              group = config.systemd.services.vaultwarden.serviceConfig.Group;
              mode = "0750";
            }
          ];
        };
      }
    )
  ];
 }