From d8857f46f97da17ccc6e66d4d85cfc990ff8a570 Mon Sep 17 00:00:00 2001
From: Satria <admin@satr14.my.id>
Date: Fri, 6 Mar 2026 14:44:28 +0700
Subject: [PATCH 1/2] update config vaultwarden

---
 modules/system/homelab/pass.nix | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/modules/system/homelab/pass.nix b/modules/system/homelab/pass.nix
index 6114a98..b197063 100644
--- a/modules/system/homelab/pass.nix
+++ b/modules/system/homelab/pass.nix
@@ -2,11 +2,12 @@
   services.vaultwarden = {
     enable = true;
     config = {
-      DOMAIN = "pass.proxy.${homelab.domain}";
-      SIGNUPS_ALLOWED = true;
-      ROCKET_ADDRESS = "127.0.0.1";
+      DOMAIN = "https://pass.proxy.${homelab.domain}";
       ROCKET_PORT = 8060;
+      ROCKET_ADDRESS = "127.0.0.1";
       ROCKET_LOG = "critical";
+      DATA_FOLDER = "/mnt/data/vaultwarden";
+      SIGNUPS_ALLOWED = true;
     };
   };
 }
\ No newline at end of file

From d8d079953bca504d0ae861d2b27d90772449bd7c Mon Sep 17 00:00:00 2001
From: Satria <admin@satr14.my.id>
Date: Fri, 6 Mar 2026 14:50:37 +0700
Subject: [PATCH 2/2] redirect proxy

---
 modules/system/homelab/proxy.nix | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/modules/system/homelab/proxy.nix b/modules/system/homelab/proxy.nix
index 1f98b01..4bcac12 100644
--- a/modules/system/homelab/proxy.nix
+++ b/modules/system/homelab/proxy.nix
@@ -1,6 +1,6 @@
 { homelab, lib, ... }: let
   base = "proxy.${homelab.domain}";
-  proxy-mappings = {
+  hosts = {
     "dns"        = { dest = "http://localhost:8088"; auth = true; };
     "ai"         = { dest = "http://localhost:8080"; auth = true; };
     
@@ -21,6 +21,10 @@
     "cdn"        = { dest = "http://localhost:3000"; auth = false; };
     "@"          = { dest = "http://localhost:5070"; auth = false; };
   };
+  redirects = {
+    "www"  = "https://proxy.${homelab.domain}";
+    "dash" = "https://${homelab.domain}";
+  };
 in {
   users.users.nginx.extraGroups = [ "acme" ];
   security.acme = {
@@ -46,10 +50,13 @@ in {
         useACMEHost = base;
         locations."/".return = "404";
       };
-    } // lib.mapAttrs' (subdomain: cfg: lib.nameValuePair (if subdomain == "@" then base else "${subdomain}.${base}") {
+    } // lib.mapAttrs' (subdomain: cfg: lib.nameValuePair "${subdomain}.${base}" {
+      useACMEHost = base;
+      forceSSL = true;
+      locations."/".return = "301 https://${base}$request_uri";
+    }) redirects // lib.mapAttrs' (subdomain: cfg: lib.nameValuePair (if subdomain == "@" then base else "${subdomain}.${base}") {
       useACMEHost = base;
       forceSSL = true;
-      
       locations."/" = {
         proxyPass = cfg.dest;
         proxyWebsockets = true;
@@ -69,6 +76,6 @@ in {
           client_max_body_size 50000M;
         '';
       };
-    }) proxy-mappings;
+    }) hosts;
   };
 }
\ No newline at end of file