首頁 探索 說明
登入
control
/
home
1
0
複刻 0
Files
分支: master
分支列表 標籤列表
home
/
hosts
/
odin
/
services
/
vaultwarden.nix

vaultwarden.nix 723 B
永久連結 文件歷史 原始文件

1234567891011121314151617181920212223242526 
  1. { config, ... }:
    2. 

  2. let
    3. 

  3.   cfg = config.services.vaultwarden.config;
    4. 

  4. in
    5. 

  5. {
    6. 

  6.   services.vaultwarden.enable = true;
    7. 

  7.   services.vaultwarden.backupDir = "/mnt/storage/vaultwarden";
    8. 

  8.   services.vaultwarden.config = {
    9. 

  9.     ROCKET_ADDRESS = "127.0.0.1";
    10. 

  10.     ROCKET_PORT = 8222;
    11. 

  11.   };
    12. 

  12.   services.vaultwarden.environmentFile = config.age.secrets."odin/services/vaultwarden".path;
    13. 

  13. 

  14.   users.users.vaultwarden.extraGroups = [ "storage" ];
    15. 

  15.   systemd.tmpfiles.rules = [
    16. 

  16.     "d /mnt/storage/vaultwarden 0755 vaultwarden storage -"
    17. 

  17.   ];
    18. 

  18. 

  19.   services.caddy.virtualHosts.vaultwarden = {
    20. 

  20.     hostName = "vault.odin.t5.st";
    21. 

  21.     extraConfig = ''
    22. 

  22.       encode gzip zstd
    23. 

  23.       reverse_proxy ${cfg.ROCKET_ADDRESS}:${toString cfg.ROCKET_PORT}
    24. 

  24.     '';
    25. 

  25.   };
    26. 

  26. }
    27.