federez/nix
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
nix/profiles/vaultwarden.nix
Ryan Lahfa 8acdce99df Init infrastructure 
Benjamin, I hate you.

Signed-off-by: Ryan Lahfa <federez-infra@lahfa.xyz>
2024-02-12 04:57:07 +01:00

31 lines
804 B
Nix
Raw Blame History

{ config, ... }: {
age.secrets.vaultwarden-secrets.file = ../secrets/vaultwarden-secrets.age;
networking.firewall.allowedTCPPorts = [ 80 443 ];
services.nginx = {
enable = true;
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
recommendedProxySettings = true;
virtualHosts."vault.federez.net" = {
enableACME = true;
forceSSL = true;
locations."/".proxyPass = "http://127.0.0.1:8222";
};
};
services.vaultwarden = {
enable = true;
environmentFile = config.age.secrets.vaultwarden-secrets.path;
config = {
DOMAIN = "https://vault.federez.net";
SIGNUPS_ALLOWED = false;
ROCKET_ADDRESS = "127.0.0.1";
ROCKET_PORT = 8222;
ROCKET_LOG = "critical";
};
};
}
Reference in a new issue View git blame Copy permalink