Startseite Erkunden Hilfe
Anmelden
control
/
home
1
0
Fork 0
Dateien
Struktur: 29a7cf5def
Branches Tags
home
/
hosts
/
odin
/
services
/
vaultwarden.nix

vaultwarden.nix 726 B
Verlauf Originalformat

123456789101112131415161718192021222324252627 
  1. { config, ... }:
    2. 

  2. let
    3. 

  3.   cfg = config.services.vaultwarden.config;
    4. 

  4. in
    5. 

  5. {
    6. 

  6.   services.vaultwarden.enable = true;
    7. 

  7.   services.vaultwarden.backupDir = "/mnt/storage/vaultwarden";
    8. 

  8.   services.vaultwarden.config = {
    9. 

  9.     ROCKET_ADDRESS = "127.0.0.1";
    10. 

  10.     ROCKET_PORT = 8222;
    11. 

  11.   };
    12. 

  12.   services.vaultwarden.environmentFile =
    13. 

  13.     config.age.secrets."odin/services/vaultwarden".path;
    14. 

  14. 

  15.   users.users.vaultwarden.extraGroups = [ "storage" ];
    16. 

  16.   systemd.tmpfiles.rules = [
    17. 

  17.     "d /mnt/storage/vaultwarden 0755 vaultwarden storage -"
    18. 

  18.   ];
    19. 

  19. 

  20.   services.caddy.virtualHosts.vaultwarden = {
    21. 

  21.     hostName = "vault.{$DOMAIN}";
    22. 

  22.     extraConfig = ''
    23. 

  23.       encode gzip zstd
    24. 

  24.       reverse_proxy ${cfg.ROCKET_ADDRESS}:${toString cfg.ROCKET_PORT}
    25. 

  25.     '';
    26. 

  26.   };
    27. 

  27. }
    28.