From e5d4bffe8df088f67f0ec90fcd82d462f65d259d Mon Sep 17 00:00:00 2001
From: GHOSCHT <31184695+GHOSCHT@users.noreply.github.com>
Date: Fri, 5 Jul 2024 15:41:20 +0200
Subject: [PATCH] Arion: Expose vaultwarden publically

---
 hosts/franz/arion/passwords/arion-compose.nix | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/hosts/franz/arion/passwords/arion-compose.nix b/hosts/franz/arion/passwords/arion-compose.nix
index d7eb1e5..29d36f2 100644
--- a/hosts/franz/arion/passwords/arion-compose.nix
+++ b/hosts/franz/arion/passwords/arion-compose.nix
@@ -12,10 +12,27 @@
       container_name = "vaultwarden";
       labels = {
         "traefik.enable" = "true";
+        "traefik.docker.network" = "dmz";
+
+        "traefik.http.services.vaultwarden.loadbalancer.server.port" = "80";
+        "traefik.http.routers.vaultwarden.service" = "vaultwarden";
         "traefik.http.routers.vaultwarden.entrypoints" = "websecure";
         "traefik.http.routers.vaultwarden.rule" = "Host(`vaultwarden.ghoscht.com`)";
         "traefik.http.routers.vaultwarden.tls" = "true";
         "traefik.http.routers.vaultwarden.tls.certresolver" = "letsencrypt";
+
+        "traefik.http.services.vaultwarden-external.loadbalancer.server.port" = "80";
+        "traefik.http.routers.vaultwarden-external.service" = "vaultwarden-external";
+        "traefik.http.routers.vaultwarden-external.rule" = "Host(`vaultwarden.ghoscht.com`)";
+        "traefik.http.routers.vaultwarden-external.entrypoints" = "websecure-external";
+        "traefik.http.routers.vaultwarden-external.tls" = "true";
+        "traefik.http.routers.vaultwarden-external.tls.certresolver" = "letsencrypt";
+
+        "diun.enable" = "true";
+        "diun.watch_repo" = "true";
+        "diun.sort_tags" = "semver";
+        "diun.include_tags" = "^\\d+\\.\\d+\\.\\d+$$";
+        "diun.exclude_tags" = "\\b\\d{4,}\\b";
       };
       volumes = [
         "/storage/dataset/docker/passwords/vaultwarden_data/:/data"