30 lines
807 B
Nix
30 lines
807 B
Nix
{ config, pkgs, deployment, ... }: {
|
|
imports = [ ../../common ../../common/lxc.nix ];
|
|
networking.hostName = "vaultwarden";
|
|
system.stateVersion = "21.11";
|
|
|
|
# networking.firewall.allowedTCPPorts = [ 8000 ];
|
|
# networking.firewall.allowedUDPPorts = [ 8000 ];
|
|
networking.firewall.enable = false;
|
|
|
|
deployment.keys."envFile" = {
|
|
user = "vaultwarden";
|
|
group = "vaultwarden";
|
|
destDir = "/var/lib/keys";
|
|
keyCommand = [ "vault" "kv" "get" "-field=env" "kv/vaultwarden" ];
|
|
|
|
};
|
|
|
|
services.vaultwarden = {
|
|
enable = true;
|
|
dbBackend = "postgresql";
|
|
environmentFile = "/var/lib/keys/envFile";
|
|
config = {
|
|
domain = "https://vaultwarden.asraphiel.dev";
|
|
signupsDomainsWhitelist = "voidcorp.nl";
|
|
rocketPort = 8000;
|
|
rocketAddress = "0.0.0.0";
|
|
};
|
|
};
|
|
}
|