makefu/nixos-config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

bitwarden: update migration, use ensureDBOwnership

Browse source
This commit is contained in:
makefu 2024-05-31 11:11:57 +02:00
parent 6f08cd0072
commit c7cf0208da
No known key found for this signature in database
GPG key ID: 36F7711F3FC0F225
1 changed files with 8 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
2configs/bitwarden.nix
View file

@ -1,4 +1,4 @@
{ pkgs, ... }:
{ pkgs, lib, ... }:
let
port = 8812;
in {
@ -17,17 +17,20 @@ in {
services.postgresql = {
enable = true;
ensureDatabases = [ "bitwarden" ];
ensureDatabases = [ "bitwarden" "vaultwarden" ];
ensureUsers = [
{ name = "bitwarden_rs"; ensurePermissions."DATABASE bitwarden" = "ALL PRIVILEGES"; }
{ name = "vaultwarden"; ensurePermissions."DATABASE bitwarden" = "ALL PRIVILEGES"; }
{ name = "vaultwarden"; ensureDBOwnership = true; }
];
};
systemd.services.postgresql.postStart = lib.mkAfter ''
$PSQL -tAc 'GRANT ALL ON DATABASE bitwarden to vaultwarden' || true
'';
services.postgresqlBackup = {
enable = true;
databases = [ "bitwarden" ];
databases = [ "bitwarden" "vaultwarden" ];
};
systemd.services.postgresqlBackup-bitwarden.serviceConfig.SupplementaryGroups = [ "download" ];
systemd.services.postgresqlBackup-vaultwarden.serviceConfig.SupplementaryGroups = [ "download" ];
services.nginx.virtualHosts."bw.euer.krebsco.de" ={