set services to default retooling

2026-03-27 14:58:45 -05:00
parent 10b0ac6cea
commit fdca877096
10 changed files with 485 additions and 680 deletions
--- a/modules/vaultwarden.nix
+++ b/modules/vaultwarden.nix
@@ -1,11 +1,7 @@
 { config, pkgs, lib, ... }:

-<<<<<<< HEAD
-lib.mkIf config.sovran_systemsOS.features.vaultwarden {
+lib.mkIf config.sovran_systemsOS.services.vaultwarden {

-  # ── Caddy vhost is now handled centrally in caddy.nix ─────
-
-  # ── Generate Vaultwarden runtime config from domain files ──
  systemd.services.vaultwarden-runtime-config = {
    description = "Generate Vaultwarden runtime config from domain files";
    before = [ "vaultwarden.service" ];
@@ -22,8 +18,8 @@ lib.mkIf config.sovran_systemsOS.features.vaultwarden {
      mkdir -p /run/vaultwarden

      cat > /run/vaultwarden/runtime.env <<EOF
-      DOMAIN=https://$VAULTWARDEN
-      EOF
+DOMAIN=https://$VAULTWARDEN
+EOF

      chmod 640 /run/vaultwarden/runtime.env
    '';
@@ -32,7 +28,6 @@ lib.mkIf config.sovran_systemsOS.features.vaultwarden {
  services.vaultwarden = {
    enable = true;
    config = {
-      # DOMAIN injected at runtime via EnvironmentFile
      SIGNUPS_ALLOWED = false;
      ROCKET_ADDRESS = "127.0.0.1";
      ROCKET_PORT = 8777;
@@ -45,25 +40,4 @@ lib.mkIf config.sovran_systemsOS.features.vaultwarden {
  systemd.services.vaultwarden.serviceConfig.EnvironmentFile = lib.mkAfter [
    "/run/vaultwarden/runtime.env"
  ];
-=======
-let
-	personalization = import ./personalization.nix;
-in
-
-lib.mkIf config.sovran_systemsOS.features.vaultwarden {
-
-	services.vaultwarden = {
-		enable = true;
-		    config = {
-
-        		DOMAIN = "https://${personalization.vaultwarden_url}";
-        		SIGNUPS_ALLOWED = false;
-        		ROCKET_ADDRESS = "127.0.0.1";
-        		ROCKET_PORT = 8777;
-        		ROCKET_LOG = "critical";
-        	};
-		dbBackend = "sqlite";
-		environmentFile = "/var/lib/secrets/vaultwarden/vaultwarden.env";
-	};
->>>>>>> 5bee5ad99bb7890df011d88e9928b6944c3565f8
 }