From 9a5427e3a0c0ccf2a82dc503149a26b23fbd6004 Mon Sep 17 00:00:00 2001
From: Azat Bahawi <azat@bahawi.net>
Date: Sun, 31 Mar 2024 21:29:27 +0300
Subject: 2024-03-31

---
 modules/nixos/vaultwarden.nix | 25 ++++++++++++++-----------
 1 file changed, 14 insertions(+), 11 deletions(-)

(limited to 'modules/nixos/vaultwarden.nix')

diff --git a/modules/nixos/vaultwarden.nix b/modules/nixos/vaultwarden.nix
index 53a3f81..2cacb6c 100644
--- a/modules/nixos/vaultwarden.nix
+++ b/modules/nixos/vaultwarden.nix
@@ -4,9 +4,11 @@
   lib,
   ...
 }:
-with lib; let
+with lib;
+let
   cfg = config.nixfiles.modules.vaultwarden;
-in {
+in
+{
   options.nixfiles.modules.vaultwarden = {
     enable = mkEnableOption "Vaultwarden";
 
@@ -17,11 +19,12 @@ in {
     };
   };
 
-  config = let
-    db = "vaultwarden";
-  in
+  config =
+    let
+      db = "vaultwarden";
+    in
     mkIf cfg.enable {
-      ark.directories = ["/var/lib/bitwarden_rs"];
+      ark.directories = [ "/var/lib/bitwarden_rs" ];
 
       secrets.vaultwarden-environment = {
         file = "${inputs.self}/secrets/vaultwarden-environment";
@@ -33,8 +36,8 @@ in {
         nginx = {
           enable = true;
           upstreams = with config.services.vaultwarden.config; {
-            vaultwarden_rocket.servers."${ROCKET_ADDRESS}:${toString ROCKET_PORT}" = {};
-            vaultwarden_websocket.servers."${WEBSOCKET_ADDRESS}:${toString WEBSOCKET_PORT}" = {};
+            vaultwarden_rocket.servers."${ROCKET_ADDRESS}:${toString ROCKET_PORT}" = { };
+            vaultwarden_websocket.servers."${WEBSOCKET_ADDRESS}:${toString WEBSOCKET_PORT}" = { };
           };
           virtualHosts.${cfg.domain}.locations = {
             "/" = {
@@ -95,7 +98,7 @@ in {
         };
 
         postgresql = {
-          ensureDatabases = [db];
+          ensureDatabases = [ db ];
           ensureUsers = [
             {
               name = db;
@@ -123,14 +126,14 @@ in {
       };
 
       environment.etc = {
-        "fail2ban/filter.d/vaultwarden.conf".text = generators.toINI {} {
+        "fail2ban/filter.d/vaultwarden.conf".text = generators.toINI { } {
           Definition = {
             failregex = "^.*Username or password is incorrect\. Try again\. IP: <ADDR>\. Username:.*$";
             ignoreregex = "";
             journalmatch = "_SYSTEMD_UNIT=vaultwarden.service";
           };
         };
-        "fail2ban/filter.d/vaultwarden-admin.conf".text = generators.toINI {} {
+        "fail2ban/filter.d/vaultwarden-admin.conf".text = generators.toINI { } {
           Definition = {
             failregex = "^.*Invalid admin token\. IP: <ADDR>.*$";
             ignoreregex = "";
-- 
cgit v1.2.3