koishi/nixos
1
0
Fork 0
Code Issues Pull requests Projects Activity

feat(eientei): enable vaultwarden

Browse source
This commit is contained in:
514fpv 2024-03-19 09:50:08 +08:00
parent 02ed937123
commit 1c6b3267d8
Signed by: koishi
SSH key fingerprint: SHA256:axz0uIzzY+5W19i7QOUuiw5LSqhKfCBKPf3L4xFRxLw
1 changed files with 27 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
spec/eientei/vaultwarden.nix Normal file
View file

@ -0,0 +1,27 @@
{
services.vaultwarden = {
enable = true;
environmentFile = "/nix/persist/service/vaultwarden/secret.env";
config = {
domain = "https://vault.514fpv.io:2096";
signupsAllowed = true;
rocketAddress = "127.0.0.1";
rocketPort = 8222;
rocketLog = "critical";
databaseUrl = "postgresql:///vaultwarden";
};
dbBackend = "postgresql";
};
services.nginx.virtualHosts."vault.514fpv.io" = {
useACMEHost = ".514fpv.io";
addSSL = true;
locations."/".proxyPass = "http://127.0.0.1:8222";
};
environment.persistence."/nix/persist/fhs".directories = [
"/var/lib/bitwarden_rs"
];
global.fs.zfs.mountpoints."/nix/persist/service/vaultwarden" = "service/vaultwarden";
}