From f791ea1856243561a52c2a2832201eea94160590 Mon Sep 17 00:00:00 2001
From: Felix Albrigtsen <felix@albrigtsen.it>
Date: Sun, 26 May 2024 11:05:26 +0200
Subject: [PATCH] defiant: cleanup vaultwarden

---
 hosts/defiant/services/vaultwarden.nix | 20 +++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

diff --git a/hosts/defiant/services/vaultwarden.nix b/hosts/defiant/services/vaultwarden.nix
index 993be18..751c9cb 100644
--- a/hosts/defiant/services/vaultwarden.nix
+++ b/hosts/defiant/services/vaultwarden.nix
@@ -2,8 +2,9 @@
 let
   cfg = config.services.vaultwarden;
   domain = "pw.feal.no";
-  address = "127.0.0.1";
-  port = 3011; # Note: The websocket port is left as default(3012)
+  address = "127.0.1.2";
+  port = 3011;
+  wsPort = 3012;
 in {
   sops.secrets."vaultwarden/admintoken" = {
     owner = "vaultwarden";
@@ -19,11 +20,16 @@ in {
 
       rocketAddress = address;
       rocketPort = port;
-      websocketEnabled = true;
-      # databaseUrl = "postgresql://vaultwarden:@localhost/vaultwarden?sslmode=disable";
-      databaseUrl = "postgresql://vaultwarden@/vaultwarden";
 
-      signupsAllowed = false;
+      websocketEnabled = true;
+      websocketAddress = address;
+      websocketPort = wsPort;
+
+      signupsAllowed = true;
+      signupsVerify = true;
+      signupsDomainsWhitelist = "albrigtsen.it";
+
+      databaseUrl = "postgresql://vaultwarden@/vaultwarden";
     };
   };
 
@@ -54,7 +60,7 @@ in {
       proxyWebsockets = true;
     };
     locations."/notifications/hub" = {
-      proxyPass = "http://localhost:3012";
+      proxyPass = "http://${address}:${toString wsPort}";
       proxyWebsockets = true;
     };
     locations."/notifications/hub/negotiate" = {