From 37bad014240e9844c4f29c6baf8beab97720ea1c Mon Sep 17 00:00:00 2001
From: Snorre Ettrup Altschul <snorre@altschul.dk>
Date: Mon, 3 Mar 2025 12:44:28 +0100
Subject: [PATCH] Changed vault warden to use nginx

---
 services/vaultwarden.nix | 21 ++++++++++++---------
 1 file changed, 12 insertions(+), 9 deletions(-)

diff --git a/services/vaultwarden.nix b/services/vaultwarden.nix
index 0cbab52..f0fd5f3 100644
--- a/services/vaultwarden.nix
+++ b/services/vaultwarden.nix
@@ -1,7 +1,9 @@
-{...}: let
+{ config, ... }:
+let
   host = "127.0.0.1";
   port = 8222;
-in {
+in
+{
   services.vaultwarden = {
     enable = true;
 
@@ -22,13 +24,14 @@ in {
     };
   };
 
-  networking.firewall.allowedTCPPorts = [port];
-  networking.firewall.allowedUDPPorts = [port];
+  networking.firewall.allowedTCPPorts = [ port ];
+  networking.firewall.allowedUDPPorts = [ port ];
 
-  services.caddy = {
-    enable = true;
-    virtualHosts."bitwarden.spoodythe.one".extraConfig = ''
-      reverse_proxy * ${host}:${toString port}
-    '';
+  services.nginx.virtualHosts."bitwarden.spoodythe.one" = {
+    enableACME = true;
+    forceSSL = true;
+    locations."/" = {
+      proxyPass = "http://${host}:${toString port}";
+    };
   };
 }