Add Vaultwarden (#320)
authoralexpdp7 <alex@pdp7.net>
Sun, 26 Jan 2025 09:26:52 +0000 (10:26 +0100)
committerGitHub <noreply@github.com>
Sun, 26 Jan 2025 09:26:52 +0000 (10:26 +0100)
personal_infra/puppet/modules/vaultwarden/manifests/init.pp [new file with mode: 0644]
personal_infra/puppet/site/dixie.bcn.int.pdp7.net.pp
personal_infra/puppet/site/h1.pdp7.net.pp
personal_infra/puppet/site/vaultwarden.h1.int.pdp7.net.pp [new file with mode: 0644]

diff --git a/personal_infra/puppet/modules/vaultwarden/manifests/init.pp b/personal_infra/puppet/modules/vaultwarden/manifests/init.pp
new file mode 100644 (file)
index 0000000..d92e38f
--- /dev/null
@@ -0,0 +1,31 @@
+class vaultwarden {
+  package {['vaultwarden', 'vaultwarden-web']:}
+  ->
+  file {'/var/lib/vaultwarden/data':
+    ensure => directory,
+    owner => 'vaultwarden',
+    group => 'vaultwarden',
+    mode => '700',
+  }
+  ->
+  service {'vaultwarden':
+    ensure => running,
+    enable => true,
+  }
+
+  Package['vaultwarden']
+  ->
+  file {'/etc/vaultwarden/vaultwarden.cfg':
+    content => @(EOT)
+    # see https://src.fedoraproject.org/rpms/vaultwarden/blob/rawhide/f/vaultwarden.cfg
+
+    # uncomment temporarily
+    SIGNUPS_ALLOWED=false
+    WEB_VAULT_FOLDER=/usr/share/vaultwarden-web
+    ROCKET_ADDRESS=0.0.0.0
+    | EOT
+    ,
+  }
+  ~>
+  Service['vaultwarden']
+}
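Review bot: `ROCKET_ADDRESS=0.0.0.0` in the vaultwarden.cfg heredoc makes the password manager listen on every interface of its host, and the proxy_host hunk in h1.pdp7.net.pp reaches it over plain `http://vaultwarden.h1.int.pdp7.net:8000/`. Anything that can route to that host can therefore talk to the vault directly and unencrypted; binding to the internal address only, or firewalling port 8000 to the proxy host, would narrow that. The comment `# uncomment temporarily` sits above an already active `SIGNUPS_ALLOWED=false`, so it is unclear which state is meant to be temporary. If the intent is that registration is opened only briefly, a comment such as `# signups stay disabled; set to true only while creating an account, then revert` would keep a later edit from leaving it open. The `file {'/etc/vaultwarden/vaultwarden.cfg':` resource also sets no `owner`, `group` or `mode`, which starts to matter once a secret such as `ADMIN_TOKEN` is added; an explicit restrictive mode (for example `mode => '0640'`, with owner and group chosen to match how the packaged unit reads the file) would make that safe by default.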
index 1c815c24a71631450eddf7db45cc5ff213f94f4c..067849b7638a1b823ed7a6e1fe3c13fd65c5520c 100644 (file)
@@ -57,6 +57,7 @@ host-record=router4g.bcn.int.pdp7.net,router4g,192.168.76.3
       sudo -u backups /usr/sbin/syncoid --no-privilege-elevation --no-sync-snap backups@h1.pdp7.net:rpool/data/subvol-210-disk-1 rpool/user/backed/bitwarden --quiet
       sudo -u backups /usr/sbin/syncoid --no-privilege-elevation --no-sync-snap backups@h1.pdp7.net:rpool/data/subvol-211-disk-1 rpool/user/backed/gitolite --quiet
       sudo -u backups /usr/sbin/syncoid --no-privilege-elevation --no-sync-snap backups@h1.pdp7.net:rpool/data/subvol-214-disk-1 rpool/user/backed/weed --quiet
+      sudo -u backups /usr/sbin/syncoid --no-privilege-elevation --no-sync-snap backups@h1.pdp7.net:rpool/data/subvol-215-disk-1 rpool/user/backed/vaultwarden --quiet
       | EOT
     ,
     owner => root,
index 7ef47fcd12901b9ccf5bd7a484c1779e0678de1a..967a6348c7fb87131aaf06720573c6cd2e19d092 100644 (file)
@@ -25,6 +25,10 @@ node 'h1.pdp7.net' {
       [rpool/data/subvol-214-disk-1]
         use_template = backup
 
+      # vaultwarden
+      [rpool/data/subvol-215-disk-1]
+        use_template = backup
+
       [template_backup]
         frequently=0
         hourly=0
@@ -74,6 +78,10 @@ node 'h1.pdp7.net' {
     target => 'http://bitwarden.h1.int.pdp7.net:8000/',
   }
 
+  proxmox::proxy_host {'vaultwarden.pdp7.net':
+    target => 'http://vaultwarden.h1.int.pdp7.net:8000/',
+  }
+
   proxmox::proxy_host {'grafana.pdp7.net':
     target => 'http://grafana.h1.int.pdp7.net:3000/',
   }
diff --git a/personal_infra/puppet/site/vaultwarden.h1.int.pdp7.net.pp b/personal_infra/puppet/site/vaultwarden.h1.int.pdp7.net.pp
new file mode 100644 (file)
index 0000000..0000608
--- /dev/null
@@ -0,0 +1,3 @@
+node 'vaultwarden.h1.int.pdp7.net' {
+  class {'vaultwarden':}
+}