From dec8f0d43d9b95659764e8f13be5a2f44f5605fd Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Tue, 29 Mar 2022 13:17:30 -0400 Subject: [PATCH 1/2] pass: add vaultwarden for pass.new.hackens.org
---
 hosts/hackens-org/configuration.nix | 2 +- hosts/hackens-org/webpass.nix | 39 +++++++++++++++++++++++++++++ 2 files changed, 40 insertions(+), 1 deletion(-) create mode 100644 hosts/hackens-org/webpass.nix
diff --git a/hosts/hackens-org/configuration.nix b/hosts/hackens-org/configuration.nix
index 2b0e90c..622e6cb 100644
--- a/hosts/hackens-org/configuration.nix
+++ b/hosts/hackens-org/configuration.nix
@@ -11,8 +11,8 @@
 ./physical.nix
 ../../profiles/core-hackens
 ./wiki.nix
+ ./webpass.nix
 # ./bridge.nix
- # ./webpass.nix
 # ./gha.nix
 # ./sync.nix
 ./misc
diff --git a/hosts/hackens-org/webpass.nix b/hosts/hackens-org/webpass.nix
new file mode 100644
index 0000000..3657bc7
--- /dev/null
+++ b/hosts/hackens-org/webpass.nix
@@ -0,0 +1,39 @@
+{ pkgs, ... }:
+{
+ security.acme = {
+ defaults.email = "hackens@clipper.ens.fr";
+ acceptTerms = true;
+ };
+
+ services.vaultwarden = {
+ enable = true;
+ config = {
+ DOMAIN = "https://pass.new.hackens.org";
+ WEBSOCKET_ENABLED = true;
+ WEBSOCKET_PORT = 10500;
+ SIGNUPS_DOMAINS_WHITELIST = "ens.fr,ens.psl.eu";
+ ROCKET_PORT = 10501;
+ ROCKET_ADDRESS = "127.0.0.1";
+ LOG_FILE = "/var/log/vaultwarden";
+ SIGNUPS_VERIFY = true;
+ };
+ environmentFile = "/etc/secrets/vaultwarden.env";
+ };
+
+ services.nginx.virtualHosts."pass.new.hackens.org" = {
+ forceSSL = true;
+ enableACME = true;
+ locations."/" = {
+ proxyPass = "http://localhost:10501";
+ proxyWebsockets = true;
+ };
+ locations."/notifications/hub" = {
+ proxyPass = "http://localhost:10500";
+ proxyWebsockets = true;
+ };
+ locations."/notifications/hub/negotiate" = {
+ proxyPass = "http://localhost:10501";
+ proxyWebsockets = true;
+ };
+ };
+}
From b914f3a119deea28a5d543b7646eef71c6eba8e5 Mon Sep 17 00:00:00 2001
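Review bot: `SIGNUPS_DOMAINS_WHITELIST` in the new `services.vaultwarden.config` only limits sign-ups to people who control an ens.fr or ens.psl.eu mailbox if the address is actually verified, and as far as I know Vaultwarden enforces `SIGNUPS_VERIFY` only when mail sending is configured; no `SMTP_*` setting is visible in webpass.nix. If SMTP is supplied through `/etc/secrets/vaultwarden.env`, a comment such as `# SMTP_* is provided by environmentFile; SIGNUPS_VERIFY has no effect without it` above `SIGNUPS_VERIFY` would make that dependency reviewable. Separately, `ROCKET_ADDRESS` is pinned to loopback but the websocket listener is not, so I would add `WEBSOCKET_ADDRESS = "127.0.0.1";` next to `WEBSOCKET_PORT` rather than rely on the host firewall to keep port 10500 private.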
From: hackens server Date: Wed, 13 Apr 2022 00:57:44 +0200 Subject: [PATCH 2/2] Fix acme email for pass-store
---
 hosts/hackens-org/webpass.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hosts/hackens-org/webpass.nix b/hosts/hackens-org/webpass.nix
index 3657bc7..aaac537 100644
--- a/hosts/hackens-org/webpass.nix
+++ b/hosts/hackens-org/webpass.nix
@@ -1,7 +1,7 @@
 { pkgs, ... }:
 {
 security.acme = {
- defaults.email = "hackens@clipper.ens.fr";
+ email = "hackens@clipper.ens.fr";
 acceptTerms = true;
 };
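Review bot: The switch from `defaults.email` to `email` inside `security.acme` carries no comment explaining why. As far as I know, `security.acme.email` is the older option name that later nixpkgs releases rename to `security.acme.defaults.email`, so this line is presumably tied to the nixpkgs revision the host is pinned to. I would add `# security.acme.defaults.* is not available on the pinned nixpkgs; switch back to defaults.email after the upgrade` above it so the next channel bump does not silently trip over it. These ACME account settings are also host-wide, so a shared profile may be a better home for them than webpass.nix.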