Avery/NixOS
Avery/NixOS
1
0
Fork 0
Code Activity
NixOS/hosts/greatyamada/services/vaultwarden.nix
Avery 97bf3bb177
Update greatyamada config
2025-06-21 15:42:06 +02:00

36 lines
1 KiB
Nix
Raw Blame History

{ config, ... }:
let
portDefinitions = import ./_port-definitions.nix;
nginxLocalServiceConfig = import ./nginx-local-config.nix;
in {
services = {
vaultwarden = {
enable = true;
dbBackend = "postgresql";
config = {
domain = "https://vaultwarden.rcia.dev";
rocketAddress = "127.0.0.1";
rocketPort = portDefinitions.vaultwarden;
showPasswordHint = false;
signupsAllowed = false;
};
environmentFile = config.sops.templates."vaultwarden.env".path;
};
nginx.virtualHosts."vaultwarden.rcia.dev" = {
locations."/".proxyPass =
"http://localhost:${toString portDefinitions.vaultwarden}";
forceSSL = true;
useACMEHost = "rcia.dev";
extraConfig = nginxLocalServiceConfig;
};
};
sops = {
secrets."vaultwarden_database_url" = { };
templates."vaultwarden.env" = {
content = ''
DATABASE_URL=${config.sops.placeholder."vaultwarden_database_url"}
'';
owner = "vaultwarden";
};
};
}
View git blame Copy permalink