NixMachines/machines/hippocampus/servers/public/vaultwarden.nix


# NixOS module: Vaultwarden backed by a local PostgreSQL database and
# published through a Caddy reverse proxy at vault.crompton.cc.
{ config, pkgs, ... }:
let
  # Port the Vaultwarden (Rocket) HTTP listener is configured with below;
  # read back from the evaluated config so the proxy target cannot drift.
  vaultwardenPort = config.services.vaultwarden.config.ROCKET_PORT;
in
{
  # The sops-managed secret file is owned by the account the vaultwarden
  # unit runs as, so the service user can read it.
  sops.secrets.vaultenv.owner =
    config.systemd.services.vaultwarden.serviceConfig.User;

  services = {
    vaultwarden = {
      enable = true;
      dbBackend = "postgresql";

      # Environment file sourced from the sops secret above. Its contents are
      # not visible in this module. Anything sensitive belongs here rather
      # than in `config`, because values written in Nix expressions end up in
      # the world-readable Nix store.
      # NOTE(review): no DATABASE_URL, ADMIN_TOKEN or SIGNUPS_ALLOWED is set
      # in this file; presumably they come from this environment file.
      # Confirm, in particular if open registration is not intended.
      environmentFile = config.sops.secrets.vaultenv.path;

      config = {
        DOMAIN = "https://vault.crompton.cc";
        # Loopback only: the listener is not exposed on external interfaces
        # and is reached through the Caddy virtual host defined below.
        ROCKET_ADDRESS = "127.0.0.1";
        ROCKET_PORT = 8222;
      };
    };

    postgresql = {
      enable = true;
      settings = {
        port = 5432;
      };
      # A dedicated database and a role of the same name; ensureDBOwnership
      # makes that role the owner of the database.
      # NOTE(review): how the role authenticates (pg_hba rules) is not
      # configured here, so the module defaults apply. Verify that they match
      # the connection string in use.
      ensureDatabases = [ "vaultwarden" ];
      ensureUsers = [
        {
          name = "vaultwarden";
          ensureDBOwnership = true;
        }
      ];
    };

    # Public entry point. Caddy forwards requests for the vault hostname to
    # the loopback listener; the hop from Caddy to Vaultwarden is plain HTTP
    # on the same host. TLS for the public side is left to Caddy's defaults,
    # since nothing is configured for it here.
    caddy.virtualHosts."vault.crompton.cc".extraConfig = ''
      reverse_proxy 127.0.0.1:${toString vaultwardenPort}
    '';
  };
}