From 5e64b083812bb6b474861aa31ea4ef7567667b43 Mon Sep 17 00:00:00 2001
From: Inex Code <inex.code@selfprivacy.org>
Date: Wed, 3 May 2023 10:48:57 +0300
Subject: [PATCH] feat(bitwarden): Add admin token support

---
 files.nix | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/files.nix b/files.nix
index 37056f5..9283e17 100644
--- a/files.nix
+++ b/files.nix
@@ -14,6 +14,7 @@ in
       "d /var/lib/restic 0600 restic - - -"
       (if cfg.pleroma.enable then "f /var/lib/pleroma/secrets.exs 0755 pleroma pleroma - -" else "")
       "f+ /var/domain 0444 selfprivacy-api selfprivacy-api - ${domain}"
+      (if cfg.bitwarden.enable then "f /var/lib/bitwarden/.env 0640 vaultwarden vaultwarden - -" else "")
     ];
   system.activationScripts =
     let
@@ -79,5 +80,20 @@ in
         '' else ''
           rm -f /var/lib/pleroma/secrets.exs
         '';
+      bitwardenCredentials =
+        if cfg.bitwarden.enable then ''
+          mkdir -p /var/lib/bitwarden
+          token=$(cat /etc/nixos/userdata/userdata.json | ${jq} -r '.bitwarden.adminToken')
+          if [ "$token" == "null" ]; then
+            # If it's null, delete the contents of the file
+            > /var/lib/bitwarden/.env
+          else
+            echo "ADMIN_TOKEN=$token" > /var/lib/bitwarden/.env
+          fi
+          chmod 0640 /var/lib/bitwarden/.env
+          chown vaultwarden:vaultwarden /var/lib/bitwarden/.env
+        '' else ''
+          rm -f /var/lib/bitwarden/.env
+        '';
     };
 }