docs: Improve iwd, vaultwarden, dyndns, disk-encryption and installer documentation
This commit is contained in:
Qubasa
@@ -2,5 +2,5 @@
|
||||
description = "A dynamic DNS service to update domain IPs"
|
||||
---
|
||||
|
||||
|
||||
To understand the possible options that can be set visit the documentation of [ddns-updater](https://github.com/qdm12/ddns-updater?tab=readme-ov-file#versioned-documentation)
|
||||
|
||||
|
||||
@@ -58,18 +58,6 @@ let
|
||||
in
|
||||
{
|
||||
options.clan.${name} = {
|
||||
|
||||
user = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = name;
|
||||
description = "User to run the service as";
|
||||
};
|
||||
group = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = name;
|
||||
description = "Group to run the service as";
|
||||
};
|
||||
|
||||
server = {
|
||||
enable = lib.mkEnableOption "dyndns webserver";
|
||||
domain = lib.mkOption {
|
||||
@@ -150,9 +138,9 @@ in
|
||||
(lib.mkIf (cfg.settings != { }) {
|
||||
clan.core.facts.services = lib.mapAttrs' secret_generator cfg.settings;
|
||||
|
||||
users.groups.${cfg.group} = { };
|
||||
users.users.${cfg.user} = {
|
||||
group = cfg.group;
|
||||
users.groups.${name} = { };
|
||||
users.users.${name} = {
|
||||
group = name;
|
||||
isSystemUser = true;
|
||||
description = "User for ${name} service";
|
||||
home = "/var/lib/${name}";
|
||||
@@ -236,8 +224,8 @@ in
|
||||
ExecStartPre = lib.getExe pyscript;
|
||||
ExecStart = lib.getExe pkgs.ddns-updater;
|
||||
LoadCredential = lib.mapAttrsToList (_: opt: "${secret_id opt}:${secret_path opt}") cfg.settings;
|
||||
User = cfg.user;
|
||||
Group = cfg.group;
|
||||
User = name;
|
||||
Group = name;
|
||||
NoNewPrivileges = true;
|
||||
PrivateTmp = true;
|
||||
ProtectSystem = "strict";
|
||||
|
||||
@@ -31,7 +31,7 @@ in
|
||||
{
|
||||
options = {
|
||||
ssid = lib.mkOption {
|
||||
type = lib.types.strMatching "^[a-zA-Z0-9._-]+$";
|
||||
type = lib.types.str;
|
||||
default = name;
|
||||
description = "The name of the wifi network";
|
||||
};
|
||||
@@ -67,6 +67,9 @@ in
|
||||
# disable wpa supplicant
|
||||
networking.wireless.enable = false;
|
||||
|
||||
# Set the network manager backend to iwd
|
||||
networking.networkmanager.wifi.backend = "iwd";
|
||||
|
||||
# Use iwd instead of wpa_supplicant. It has a user friendly CLI
|
||||
networking.wireless.iwd = {
|
||||
enable = true;
|
||||
|
||||
@@ -1,3 +1,14 @@
|
||||
---
|
||||
description = "The server for the password manager bitwarden"
|
||||
description = "The server for the centralized password manager bitwarden"
|
||||
---
|
||||
|
||||
After enabling the clan module, user accounts have to be created manually in the webinterface.
|
||||
This is done by visiting `vaultwarden.example.com/admin` and typing in the admin password.
|
||||
You can get the admin password for vaultwarden by executing:
|
||||
```bash
|
||||
clan secrets get <machine-name>-vaultwarden-admin
|
||||
```
|
||||
To see all secrets tied to vaultwarden execute:
|
||||
```bash
|
||||
clan secrets list | grep vaultwarden
|
||||
```
|
||||
|
||||
Reference in New Issue
Block a user