bitwarden: brought in line with the nixpkgs again.

2023-11-18 03:03:35 +00:00 · 2023-11-18 03:03:35 +00:00 · cbb4100b4e
commit cbb4100b4e
parent e42f718ba5
8 changed files with 74 additions and 43 deletions
--- a/applications/bitwarden/bitwarden_sync.nix
+++ b/applications/bitwarden/bitwarden_sync.nix
@ -4,6 +4,7 @@
  lib,
  ...
 }: let
+  user = "bwdc";
 in {
  imports = [
    ./_bitwarden_sync_module.nix
@ -12,18 +13,31 @@ in {
  options = {};

  config = {
-    age.secrets.bitwarden_sync_api.file = ../../secrets/bitwarden/api.age;
-    age.secrets.bitwarden_sync_ldap.file = ../../secrets/ldap/details.age;
+    age.secrets.bitwarden_sync_id = {
+      file = ../../secrets/bitwarden/id.age;
+      owner = user;
+      group = user;
+    };
+    age.secrets.bitwarden_sync_secret = {
+      file = ../../secrets/bitwarden/secret.age;
+      owner = user;
+      group = user;
+    };
+    age.secrets.bitwarden_sync_ldap = {
+      file = ../../secrets/ldap/pw.age;
+      owner = user;
+      group = user;
+    };

    services.bitwarden_directory_connector = {
      enable = true;

+      user = user;
+
      domain = "https://pw.skynet.ie";

      package = pkgs.callPackage ./_bitwarden-directory-connector.nix {};

-      pw_env = "LDAP_ADMIN_PW";
-
      ldap = {
        ssl = false;
        startTls = false;
@ -54,9 +68,12 @@ in {
        groupNameAttribute = "cn";
      };

-      env = {
-        bitwarden = config.age.secrets.bitwarden_sync_api.path;
+      secrets = {
        ldap = config.age.secrets.bitwarden_sync_ldap.path;
+        bitwarden = {
+          client_path_id = config.age.secrets.bitwarden_sync_id.path;
+          client_path_secret = config.age.secrets.bitwarden_sync_secret.path;
+        };
      };
    };
  };