This container now works. I have added a README, and a service-file, and tweaked some small things

7 files changed, 36 insertions, 7 deletions

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..7554b37
--- /dev/null
+++ b/README.md
@@ -0,0 +1,25 @@
+# A mkosi-template for Bitwarden_RS
+
+This is a mkosi-template for
+[Bitwarden_RS](https://github.com/dani-garcia/bitwarden_rs). In order to set
+this up you need Mkosi >=5.
+
+To build this, run `sudo mkosi`. This will create a new container in
+`/var/lib/machines` called `bitwarden-rs`. Next you should symlink the
+`.nspawn`-config to `/etc/systemd/nspawn` using `sudo ln -s
+/var/lib/machines/bitwarden-rs.nspawn /etc/systemd/nspawn/`.
+
+After that you need to create the folders we mount into the image. This is
+`/etc/bitwarden_rs` and `/var/local/bitwarden_rs`. These should be owned by
+root, and have `700` set as permissions.
+
+Then you need to copy `etc/bitwarden_rs/bitwarden_rs.env` to
+`/etc/bitwarden_rs/`, and set all your variables. You also need to create a
+database (using PostgreSQL). Lastly you need to set up a web-proxy - see the
+[Bitwarden_RS wiki](https://github.com/dani-garcia/bitwarden_rs/wiki) for
+[examples](https://github.com/dani-garcia/bitwarden_rs/wiki/Proxy-examples).
+
+Now all you need to do is to run it - `machinectl start bitwarden-rs`. You can
+drop into the container to troubleshoot using `machinectl shell bitwarden-rs`,
+and you can view logs using `journalctl -M bitwarden-rs` from the host, or
+`journalctl -u bitwarden_rs` from inside the container.
diff --git a/bitwarden_rs.env b/etc/bitwarden_rs/bitwarden_rs.env
index 79b93f4..79b93f4 100644
--- a/bitwarden_rs.env
+++ b/etc/bitwarden_rs/bitwarden_rs.env
diff --git a/mkosi.build b/mkosi.build
index 347966e..a558b79 100755
--- a/mkosi.build
+++ b/mkosi.build
@@ -40,4 +40,4 @@ cargo build --features postgresql --release
 
 ## move stuff ##
 mv web-vault ${DESTDIR}/
-mv target/release ${DESTDIR}/bitwarden_rs
+mv target/release/bitwarden_rs ${DESTDIR}/
diff --git a/mkosi.default b/mkosi.default
index 52c3dfd..e136d61 100644
--- a/mkosi.default
+++ b/mkosi.default
@@ -6,7 +6,7 @@ Mirror=http://no.archive.ubuntu.com
 
 [Output]
 Format=directory
-Output=/var/lib/machines/bitwarden
+Output=/var/lib/machines/bitwarden-rs
 
 [Packages]
 WithNetwork=yes
@@ -15,6 +15,7 @@ Packages=
     curl
     locales
     libpq-dev
+    openssl
 
 BuildPackages=
     git
diff --git a/mkosi.extra/etc/systemd/system/bitwarden_rs.service b/mkosi.extra/etc/systemd/system/bitwarden_rs.service
index 54327c2..c6d3322 100644
--- a/mkosi.extra/etc/systemd/system/bitwarden_rs.service
+++ b/mkosi.extra/etc/systemd/system/bitwarden_rs.service
@@ -8,7 +8,7 @@ After=network.target
 User=bitwarden_rs
 Group=bitwarden_rs
 # The location of the .env file for configuration
-EnvironmentFile=/etc/bitwarden_rs.env
+EnvironmentFile=/etc/bitwarden_rs/bitwarden_rs.env
 # The location of the compiled binary
 ExecStart=/usr/local/bin/bitwarden_rs
 # Set reasonable connection and process limits
diff --git a/mkosi.nspawn b/mkosi.nspawn
index d5d3a36..56981b6 100644
--- a/mkosi.nspawn
+++ b/mkosi.nspawn
@@ -1,5 +1,5 @@
 [Exec]
-Hostname=bitwarden
+Hostname=bitwarden_rs
 ResolvConf=copy-host
 Timezone=copy
 NoNewPrivilege=yes
@@ -7,6 +7,8 @@ PrivateUsers=pick
 
 [Files]
 PrivateUsersChown=true
+Bind=/etc/bitwarden_rs/bitwarden_rs.env
+Bind=/var/local/bitwarden_rs/data:/var/lib/bitwarden_rs/data
 
 [Network]
 VirtualEthernet=no
diff --git a/mkosi.postinst b/mkosi.postinst
index 6cd5334..b0330d1 100755
--- a/mkosi.postinst
+++ b/mkosi.postinst
@@ -1,9 +1,10 @@
 #!/bin/sh
-mv /bitwarden_rs/bitwarden_rs /usr/local/bin/
+mv /bitwarden_rs /usr/local/bin/
 
-mkdir /var/lib/bitwarden_rs
+mkdir /var/lib/bitwarden_rs /etc/bitwarden_rs
 useradd -d /var/lib/bitwarden_rs --system bitwarden_rs
-chown -R bitwarden_rs: /var/lib/bitwarden_rs
+chown -R bitwarden_rs: /var/lib/bitwarden_rs /etc/bitwarden_rs
+chmod 700 /var/lib/bitwarden_rs /etc/bitwarden_rs
 
 systemctl enable bitwarden_rs