about summary refs log tree commit diff
path: root/modules/vaultwarden.nix
diff options
context:
space:
mode:
Diffstat (limited to 'modules/vaultwarden.nix')
-rw-r--r--modules/vaultwarden.nix19
1 files changed, 9 insertions, 10 deletions
diff --git a/modules/vaultwarden.nix b/modules/vaultwarden.nix
index edce8e5..124ff78 100644
--- a/modules/vaultwarden.nix
+++ b/modules/vaultwarden.nix
@@ -5,17 +5,16 @@
   this,
   ...
 }:
-with lib;
 let
   cfg = config.nixfiles.modules.vaultwarden;
 in
 {
   options.nixfiles.modules.vaultwarden = {
-    enable = mkEnableOption "Vaultwarden";
+    enable = lib.mkEnableOption "Vaultwarden";
 
-    domain = mkOption {
+    domain = lib.mkOption {
       description = "Domain name sans protocol scheme.";
-      type = with types; str;
+      type = lib.types.str;
       default = "vaultwarden.${config.networking.domain}";
     };
   };
@@ -24,7 +23,7 @@ in
     let
       db = "vaultwarden";
     in
-    mkIf cfg.enable {
+    lib.mkIf cfg.enable {
       ark.directories = [ "/var/lib/bitwarden_rs" ];
 
       secrets.vaultwarden-environment = {
@@ -73,7 +72,7 @@ in
 
             WEB_VAULT_ENABLED = true;
 
-            DOMAIN = optionalString (cfg.domain != null) "http://${cfg.domain}";
+            DOMAIN = lib.optionalString (cfg.domain != null) "http://${cfg.domain}";
 
             SIGNUPS_ALLOWED = false;
             INVITATIONS_ALLOWED = false;
@@ -127,14 +126,14 @@ in
       };
 
       environment.etc = {
-        "fail2ban/filter.d/vaultwarden.conf".text = generators.toINI { } {
+        "fail2ban/filter.d/vaultwarden.conf".text = lib.generators.toINI { } {
           Definition = {
             failregex = "^.*Username or password is incorrect\. Try again\. IP: <ADDR>\. Username:.*$";
             ignoreregex = "";
             journalmatch = "_SYSTEMD_UNIT=vaultwarden.service";
           };
         };
-        "fail2ban/filter.d/vaultwarden-admin.conf".text = generators.toINI { } {
+        "fail2ban/filter.d/vaultwarden-admin.conf".text = lib.generators.toINI { } {
           Definition = {
             failregex = "^.*Invalid admin token\. IP: <ADDR>.*$";
             ignoreregex = "";
@@ -143,9 +142,9 @@ in
         };
       };
 
-      topology = with cfg; {
+      topology = {
         nodes.${this.hostname}.services.vaultwarden = {
-          info = mkForce domain;
+          info = lib.mkForce cfg.domain;
         };
       };
     };

Consider giving Nix/NixOS a try! <3