chore: Update Vaultwarden

hosts/Vaultwarden/default.nix

@@ -3,7 +3,11 @@
 {
   config = {
     homelab = {
-      apps.vaultwarden.enable = true;
+      apps.vaultwarden = {
+        enable = true;
+        domain = "https://vault.depeuter.dev";
+        name = "Hugo's Vault";
+      };
       virtualisation.guest.enable = true;
     };
 

modules/apps/vaultwarden/default.nix

@@ -5,7 +5,24 @@ let
 
   networkName = "vaultwarden";
 in {
-  options.homelab.apps.vaultwarden.enable = lib.mkEnableOption "Vaultwarden";
+  options.homelab.apps.vaultwarden = {
+    enable = lib.mkEnableOption "Vaultwarden";
+    port = lib.mkOption {
+      type = lib.types.int;
+      default = 10102;
+      description = "Vaultwarden WebUI port";
+    };
+    domain = lib.mkOption {
+      type = lib.types.string;
+      example = "https://vault.depeuter.dev";
+      description = "Domain to configure Vaultwarden on";
+    };
+    name = lib.mkOption {
+      type = lib.types.string;
+      example = "Hugo's Vault";
+      description = "Service name to use for invitations and mail";
+    };
+  };
 
   config = lib.mkIf cfg.enable {
     homelab = {
@@ -33,13 +50,16 @@ in {
       '';
     };
 
-    virtualisation.oci-containers.containers = {
+    virtualisation.oci-containers.containers = let
+      dbHostname = "vaultwarden-db";
+      dbPort = 5432;
+    in {
       vaultwarden-db = {
-        hostname = "vaultwarden-db";
+        hostname = dbHostname;
         image = "postgres:15.8-alpine";
         autoStart = true;
         ports = [
-          "5432:5432/tcp"
+          "${toString dbPort}:5432/tcp"
         ];
         extraOptions = [
           "--network=${networkName}"
@@ -57,16 +77,16 @@ in {
         dataDir = "/data";
       in {
         hostname = "vaultwarden";
-        image = "vaultwarden/server:1.32.5-alpine";
+        image = "vaultwarden/server:1.33.2-alpine";
         autoStart = true;
         ports = [
-          "10102:80/tcp"
+          "${toString cfg.port}:80/tcp"
         ];
         extraOptions = [
           "--network=${networkName}"
         ];
         dependsOn = [
-          "vaultwarden-db"
+          dbHostname
         ];
         volumes = [
           "vaultwarden:${dataDir}"
@@ -115,7 +135,7 @@ in {
           ## Details:
           ## - https://docs.diesel.rs/2.1.x/diesel/pg/struct.PgConnection.html
           ## - https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING
-          DATABASE_URL = "postgresql://vaultwarden:ChangeMe@vaultwarden-db:5432/vaultwarden";
+          DATABASE_URL = "postgresql://vaultwarden:ChangeMe@${dbHostname}:${toString dbPort}/vaultwarden";
 
           ## Enable WAL for the DB
           ## Set to false to avoid enabling WAL during startup.
@@ -244,7 +264,7 @@ in {
           ## For development
           # DOMAIN=http://localhost
           ## For public server
-          DOMAIN = "https://vault.depeuter.dev";
+          DOMAIN = cfg.domain;
           ## For public server (URL with port number)
           # DOMAIN=https://vw.domain.tld:8443
           ## For public server (URL with path)
@@ -328,7 +348,7 @@ in {
           ## Invitations org admins to invite users, even when signups are disabled
           # INVITATIONS_ALLOWED=true
           ## Name shown in the invitation emails that don't come from a specific organization
-          INVITATION_ORG_NAME = "Hugo's Vault";
+          INVITATION_ORG_NAME = cfg.name;
           
           ## The number of hours after which an organization invite token, emergency access invite token,
           ## email verification token and deletion request token will expire (must be at least 1)
@@ -571,7 +591,7 @@ in {
           ## Note: if SMTP_USERNAME is specified, SMTP_PASSWORD is mandatory
           SMTP_HOST = "smtp.gmail.com";
           SMTP_FROM = "vault@depeuter.dev";
-          SMTP_FROM_NAME = "Hugo's Vault";
+          SMTP_FROM_NAME = cfg.name;
           # SMTP_USERNAME=username
           # SMTP_PASSWORD=password
           # SMTP_TIMEOUT=15