From: alexpdp7 Date: Sun, 26 Jan 2025 09:26:52 +0000 (+0100) Subject: Add Vaultwarden (#320) X-Git-Url: https://xn--ix-yja.es/gitweb/?a=commitdiff_plain;h=28e31c610ae7abcd8662a506a28e883715599a13;p=alex.git Add Vaultwarden (#320) --- diff --git a/personal_infra/puppet/modules/vaultwarden/manifests/init.pp b/personal_infra/puppet/modules/vaultwarden/manifests/init.pp new file mode 100644 index 0000000..d92e38f --- /dev/null +++ b/personal_infra/puppet/modules/vaultwarden/manifests/init.pp @@ -0,0 +1,31 @@ +class vaultwarden { + package {['vaultwarden', 'vaultwarden-web']:} + -> + file {'/var/lib/vaultwarden/data': + ensure => directory, + owner => 'vaultwarden', + group => 'vaultwarden', + mode => '700', + } + -> + service {'vaultwarden': + ensure => running, + enable => true, + } + + Package['vaultwarden'] + -> + file {'/etc/vaultwarden/vaultwarden.cfg': + content => @(EOT) + # see https://src.fedoraproject.org/rpms/vaultwarden/blob/rawhide/f/vaultwarden.cfg + + # uncomment temporarily + SIGNUPS_ALLOWED=false + WEB_VAULT_FOLDER=/usr/share/vaultwarden-web + ROCKET_ADDRESS=0.0.0.0 + | EOT + , + } + ~> + Service['vaultwarden'] +} diff --git a/personal_infra/puppet/site/dixie.bcn.int.pdp7.net.pp b/personal_infra/puppet/site/dixie.bcn.int.pdp7.net.pp index 1c815c2..067849b 100644 --- a/personal_infra/puppet/site/dixie.bcn.int.pdp7.net.pp +++ b/personal_infra/puppet/site/dixie.bcn.int.pdp7.net.pp @@ -57,6 +57,7 @@ host-record=router4g.bcn.int.pdp7.net,router4g,192.168.76.3 sudo -u backups /usr/sbin/syncoid --no-privilege-elevation --no-sync-snap backups@h1.pdp7.net:rpool/data/subvol-210-disk-1 rpool/user/backed/bitwarden --quiet sudo -u backups /usr/sbin/syncoid --no-privilege-elevation --no-sync-snap backups@h1.pdp7.net:rpool/data/subvol-211-disk-1 rpool/user/backed/gitolite --quiet sudo -u backups /usr/sbin/syncoid --no-privilege-elevation --no-sync-snap backups@h1.pdp7.net:rpool/data/subvol-214-disk-1 rpool/user/backed/weed --quiet + sudo -u backups /usr/sbin/syncoid --no-privilege-elevation --no-sync-snap backups@h1.pdp7.net:rpool/data/subvol-215-disk-1 rpool/user/backed/vaultwarden --quiet | EOT , owner => root, diff --git a/personal_infra/puppet/site/h1.pdp7.net.pp b/personal_infra/puppet/site/h1.pdp7.net.pp index 7ef47fc..967a634 100644 --- a/personal_infra/puppet/site/h1.pdp7.net.pp +++ b/personal_infra/puppet/site/h1.pdp7.net.pp @@ -25,6 +25,10 @@ node 'h1.pdp7.net' { [rpool/data/subvol-214-disk-1] use_template = backup + # vaultwarden + [rpool/data/subvol-215-disk-1] + use_template = backup + [template_backup] frequently=0 hourly=0 @@ -74,6 +78,10 @@ node 'h1.pdp7.net' { target => 'http://bitwarden.h1.int.pdp7.net:8000/', } + proxmox::proxy_host {'vaultwarden.pdp7.net': + target => 'http://vaultwarden.h1.int.pdp7.net:8000/', + } + proxmox::proxy_host {'grafana.pdp7.net': target => 'http://grafana.h1.int.pdp7.net:3000/', } diff --git a/personal_infra/puppet/site/vaultwarden.h1.int.pdp7.net.pp b/personal_infra/puppet/site/vaultwarden.h1.int.pdp7.net.pp new file mode 100644 index 0000000..0000608 --- /dev/null +++ b/personal_infra/puppet/site/vaultwarden.h1.int.pdp7.net.pp @@ -0,0 +1,3 @@ +node 'vaultwarden.h1.int.pdp7.net' { + class {'vaultwarden':} +}