2024-10-21 12:17:54 +02:00
|
|
|
#
|
|
|
|
|
# System notifications
|
|
|
|
|
#
|
|
|
|
|
|
|
|
|
|
{ config, lib, pkgs, ... }:
|
|
|
|
|
|
|
|
|
|
{
|
|
|
|
|
services.vaultwarden = {
|
|
|
|
|
enable = true;
|
2024-10-22 12:32:41 +02:00
|
|
|
dbBackend = "sqlite";
|
|
|
|
|
backupDir = "/var/backup/vaultwarden";
|
2024-10-21 12:17:54 +02:00
|
|
|
environmentFile = config.age.secrets."services/vaultwarden/environment".path;
|
|
|
|
|
config = {
|
2024-10-22 12:32:41 +02:00
|
|
|
DOMAIN = "https://vault.home.opel-online.de";
|
2024-10-21 12:17:54 +02:00
|
|
|
SIGNUPS_ALLOWED = false;
|
|
|
|
|
ROCKET_ADDRESS = "127.0.0.1";
|
|
|
|
|
ROCKET_PORT = 8222;
|
|
|
|
|
|
|
|
|
|
ROCKET_LOG = "critical";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
services.nginx = {
|
|
|
|
|
virtualHosts = {
|
2024-10-22 12:32:41 +02:00
|
|
|
"vault.home.opel-online.de" = {
|
|
|
|
|
useACMEHost = "home.opel-online.de";
|
2024-10-21 12:17:54 +02:00
|
|
|
forceSSL = true;
|
|
|
|
|
locations."/".proxyPass = "http://127.0.0.1:${toString config.services.vaultwarden.config.ROCKET_PORT}";
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
2024-10-21 14:07:47 +02:00
|
|
|
|
2024-10-21 12:17:54 +02:00
|
|
|
age.secrets."services/vaultwarden/environment" = {
|
|
|
|
|
file = ../../../secrets/services/vaultwarden/environment.age;
|
|
|
|
|
owner = "vaultwarden";
|
|
|
|
|
};
|
2024-10-22 12:32:41 +02:00
|
|
|
|
2024-10-21 12:17:54 +02:00
|
|
|
}
|
