2022-09-07

author: Azat Bahawi <azat@bahawi.net> 2022-09-07 01:54:12 +0300
committer: Azat Bahawi <azat@bahawi.net> 2022-09-07 01:54:12 +0300
commit: 3399a58442ad0a93fc3b6f68d1b878ab078a0e06 (patch)
tree: 27a24e8c0ad29575742653de4f494bbdf913d7a4 /modules/nixfiles/vaultwarden.nix
parent: a9eaf09572e57a48d96e02796ed16427c02a50c3 (diff)
1 files changed, 11 insertions, 7 deletions
diff --git a/modules/nixfiles/vaultwarden.nix b/modules/nixfiles/vaultwarden.nix
index f40e4f5..dc8bb84 100644
--- a/modules/nixfiles/vaultwarden.nix
+++ b/modules/nixfiles/vaultwarden.nix
@@ -13,7 +13,7 @@ in {
     domain = mkOption {
       description = "Domain name sans protocol scheme.";
       type = with types; str;
-      default = "bitwarden.${config.networking.domain}";
+      default = "vaultwarden.${config.networking.domain}";
     };
   };
 
@@ -27,17 +27,21 @@ in {
     nixfiles.modules = {
       nginx = {
         enable = true;
-        virtualHosts.${cfg.domain} = with config.services.vaultwarden.config; {
+        upstreams = with config.services.vaultwarden.config; {
+          vaultwarden_rocket.servers."${ROCKET_ADDRESS}:${toString ROCKET_PORT}" = {};
+          vaultwarden_websocket.servers."${WEBSOCKET_ADDRESS}:${toString WEBSOCKET_PORT}" = {};
+        };
+        virtualHosts.${cfg.domain} = {
           locations."/" = {
-            proxyPass = "http://[${ROCKET_ADDRESS}]:${toString ROCKET_PORT}";
+            proxyPass = "http://vaultwarden_rocket";
             proxyWebsockets = true;
           };
           locations."/notifications/hub" = {
-            proxyPass = "http://[${WEBSOCKET_ADDRESS}]:${toString WEBSOCKET_PORT}";
+            proxyPass = "http://vaultwarden_websocket";
             proxyWebsockets = true;
           };
           locations."/notifications/hub/negotiate" = {
-            proxyPass = "http://[${ROCKET_ADDRESS}]:${toString ROCKET_PORT}";
+            proxyPass = "http://vaultwarden_rocket";
             proxyWebsockets = true;
           };
         };
@@ -60,11 +64,11 @@ in {
           SIGNUPS_ALLOWED = false;
           INVITATIONS_ALLOWED = true;
 
-          ROCKET_ADDRESS = "::1";
+          ROCKET_ADDRESS = "127.0.0.1";
           ROCKET_PORT = 8812;
 
           WEBSOCKET_ENABLED = true;
-          WEBSOCKET_ADDRESS = "::1";
+          WEBSOCKET_ADDRESS = "127.0.0.1";
           WEBSOCKET_PORT = 8813;
 
           LOG_LEVEL = "error";
author	Azat Bahawi <azat@bahawi.net>	2022-09-07 01:54:12 +0300
committer	Azat Bahawi <azat@bahawi.net>	2022-09-07 01:54:12 +0300
commit	3399a58442ad0a93fc3b6f68d1b878ab078a0e06 (patch)
tree	27a24e8c0ad29575742653de4f494bbdf913d7a4 /modules/nixfiles/vaultwarden.nix
parent	a9eaf09572e57a48d96e02796ed16427c02a50c3 (diff)