Added pingvin and vaultwarden

modules/home/containers/pingvin-share.nix

@@ -0,0 +1,69 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.settings.containers.pingvin-share;
+in {
+  options = {
+    settings.containers.pingvin-share.enable = lib.mkOption {
+      type = lib.types.bool;
+      default = false;
+      description = ''
+        Enable Pingvin share container
+      '';
+    };
+  };
+
+  config = mkIf cfg.enable {
+    settings.services.sops.enable = true;
+  
+    services.podman.containers.pingvin-share = {
+      image = "ghcr.io/stonith404/pingvin-share";
+      network = "proxy";
+      volumes = [
+        "%h/containers/pingvin-share/data:/opt/app/backend/data" 
+        # "%h/containers/pingvin-share/config.yaml:/opt/app/config.yaml" 
+        "${config.sops.templates."container-pingvin.yaml".path}:/opt/app/config.yaml" 
+      ];
+      environment = {
+        TRUST_PROXY = true;
+      };
+      userNS = "keep-id";
+      extraConfig = {
+        Unit = {
+          After = [
+            "sops-nix.service"
+          ];
+        };
+      };
+    };
+
+    sops.templates = {
+      "container-pingvin.yaml" = {
+        content = /*yaml*/ ''
+          general:
+            secureCookies: "true"
+            appUrl: https://share.tbmrs.nl
+            showHomePage: "false"
+          share:
+            allowRegistration: "true"
+            maxSize: "10000000000"
+          oauth:
+            disablePassword: "false"
+            oidc-enabled: "true"
+            oidc-discoveryUri: "https://auth.tbmrs.nl/oauth2/openid/pingvin/.well-known/openid-configuration"
+            oidc-clientId: pingvin
+            oidc-clientSecret: "${config.sops.placeholder."containers/pingvin-share/oidc-secret"}"
+          initUser:
+            enabled: "true"
+            username: "admin"
+            email: "admin@example.com"
+            password: "my-secure-password"
+            isAdmin: true
+            ldapDN: ""
+        '';
+      };
+    };
+  };
+}