Inicio Explorar Axuda
Iniciar sesión
control
/
home
1
0
Fork 0
Ficheiros
Árbore: a366ba044a
Ramas Etiquetas
home
/
hosts
/
odin
/
services
/
vaultwarden.nix

vaultwarden.nix 821 B
Histórico Raw

123456789101112131415161718192021222324252627 
  1. { config, ... }:
    2. 

  2. let
    3. 

  3.   cfg = config.services.vaultwarden.config;
    4. 

  4. in
    5. 

  5. {
    6. 

  6.   services.vaultwarden.enable = true;
    7. 

  7.   services.vaultwarden.backupDir = "/mnt/storage/vaultwarden";
    8. 

  8.   services.vaultwarden.config = {
    9. 

  9.     ROCKET_ADDRESS = "127.0.0.1";
    10. 

  10.     ROCKET_PORT = 8222;
    11. 

  11.   };
    12. 

  12.   services.vaultwarden.environmentFile =
    13. 

  13.     config.age.secrets."odin/services/vaultwarden".path;
    14. 

  14. 

  15.   users.users.vaultwarden.extraGroups = [ "storage" ];
    16. 

  16.   systemd.tmpfiles.rules = [
    17. 

  17.     "d /mnt/storage/vaultwarden 0755 vaultwarden storage -"
    18. 

  18.   ];
    19. 

  19. 

  20.   services.cloudflared.tunnels."71c89a7f-2467-444c-9fda-4864860dc8c4" = {
    21. 

  21.     credentialsFile =
    22. 

  22.       config.age.secrets."odin/services/cloudflared-tunnel".path;
    23. 

  23.     default = "http_status:404";
    24. 

  24.     ingress."vault.t5.st".service =
    25. 

  25.       "http://${cfg.ROCKET_ADDRESS}:${toString cfg.ROCKET_PORT}";
    26. 

  26.   };
    27. 

  27. }
    28.