From 93b7145e70adee2ed94e2864aa2595a40c2b0490 Mon Sep 17 00:00:00 2001
From: Hadi <112569860+anotherhadi@users.noreply.github.com>
Date: Tue, 18 Jun 2024 10:10:21 +0200
Subject: [PATCH] temp

---
 home/system/sops/server.nix                |  5 +++++
 hosts/modules/server/cloudflare-dyndns.nix |  9 +++++++++
 hosts/modules/server/vaultwarden.nix       | 23 ++++++++++++++++++----
 3 files changed, 33 insertions(+), 4 deletions(-)
 create mode 100644 hosts/modules/server/cloudflare-dyndns.nix

diff --git a/home/system/sops/server.nix b/home/system/sops/server.nix
index 0bbddf4..e421c89 100644
--- a/home/system/sops/server.nix
+++ b/home/system/sops/server.nix
@@ -14,6 +14,11 @@
         owner = "nextcloud";
         group = "nextcloud";
       };
+      cloudflare-apitoken = {
+        path = "/etc/cloudflare/apiToken";
+        owner = "cloudflare-dyndns";
+        group = "cloudflare-dyndns";
+      };
     };
   };
 
diff --git a/hosts/modules/server/cloudflare-dyndns.nix b/hosts/modules/server/cloudflare-dyndns.nix
new file mode 100644
index 0000000..b66d09f
--- /dev/null
+++ b/hosts/modules/server/cloudflare-dyndns.nix
@@ -0,0 +1,9 @@
+{
+    services.cloudflare-dyndns = {
+        enable = true;
+        ipv4 = true;
+        domains = [ "cloud.anotherhadi.com" "vault.anotherhadi.com" "try.anotherhadi.com"];
+        proxied = true;
+        apiTokenFile = "/etc/cloudflare/apiToken";
+    };
+}
\ No newline at end of file
diff --git a/hosts/modules/server/vaultwarden.nix b/hosts/modules/server/vaultwarden.nix
index faa3581..b09c936 100644
--- a/hosts/modules/server/vaultwarden.nix
+++ b/hosts/modules/server/vaultwarden.nix
@@ -1,9 +1,24 @@
 let
-
+    hostname = "vault.anotherhadi.com";
+    url = "https://"+hostname;
+    port = 8222;
 in{
     services.vaultwarden = {
         enable = true;
-        config = ''
-        
-    }
+        config = {
+            DOMAIN = url;
+            SIGNUPS_ALLOWED = false;
+            ROCKET_ADDRESS = "127.0.0.1";
+            ROCKET_PORT = port;
+            ROCKET_LOG = "critical";
+        };
+    };
+    services.nginx.virtualHosts.${hostname} = {
+        enableACME = true;
+        forceSSL = true;
+        locations."/" = {
+            proxyPass = "http://127.0.0.1:${port}";
+        };
+    };
+  networking.firewall.allowedTCPPorts = [ port ];
 }
\ No newline at end of file