From d4de48420f06c77dc06ea6694b5c093ea2685491 Mon Sep 17 00:00:00 2001
From: satr14 <admin@satr14.my.id>
Date: Fri, 1 May 2026 08:05:02 +0700
Subject: [PATCH] bind mount loophole

---
 modules/system/homelab/docs.nix | 14 ++++++--------
 modules/system/homelab/pass.nix |  7 ++++++-
 2 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/modules/system/homelab/docs.nix b/modules/system/homelab/docs.nix
index caa5c9c..fad718c 100644
--- a/modules/system/homelab/docs.nix
+++ b/modules/system/homelab/docs.nix
@@ -12,14 +12,12 @@ in {
       httpSafeOrigin = "https://${sandbox}";
       blockDailyCheck = true;
       disableIntegratedEviction = true;
-      archivePath = "${data-dir}/archive";
-      pinPath = "${data-dir}/pins";
-      taskPath = "${data-dir}/tasks";
-      blockPath = "${data-dir}/block";
-      blobPath = "${data-dir}/blob";
-      blobStagingPath = "${data-dir}/blobstage";
-      decreePath = "${data-dir}/decrees";
-      logPath = "${data-dir}/logs";
     };
   };
+  
+  fileSystems."/var/lib/cryptpad" = {
+    device = "/mnt/data/apps/cryptpad";
+    dependsOn = [ "/mnt/data" ]; 
+    options = [ "bind" "nofail" ];
+  };
 }
diff --git a/modules/system/homelab/pass.nix b/modules/system/homelab/pass.nix
index 028f99d..86a4707 100644
--- a/modules/system/homelab/pass.nix
+++ b/modules/system/homelab/pass.nix
@@ -5,10 +5,15 @@
     backupDir = "/mnt/data/apps/vaultwarden/backups";
     environmentFile = "/mnt/data/apps/vaultwarden/.env";
     config = {
-      DATA_FOLDER = "/mnt/data/apps/vaultwarden/data";
       ROCKET_PORT = 8060;
       ROCKET_ADDRESS = "127.0.0.1";
       ROCKET_LOG = "critical";
     };
   };
+  
+  fileSystems."/var/lib/vaultwarden" = {
+    device = "/mnt/data/apps/vaultwarden/data";
+    dependsOn = [ "/mnt/data" ];
+    options = [ "bind" "nofail" ];
+  };
 }
\ No newline at end of file