20 lines
528 B
Nix
20 lines
528 B
Nix
{ config, pkgs, ... }: {
|
|
imports = [ ../../common ../../common/lxc.nix ];
|
|
networking.hostName = "vault";
|
|
system.stateVersion = "21.11";
|
|
networking.firewall.enable = true;
|
|
networking.firewall.allowedTCPPorts = [ 8200 ];
|
|
services.vault = {
|
|
enable = true;
|
|
address = "0.0.0.0:8200";
|
|
storageBackend = "postgresql";
|
|
storageConfig = ''
|
|
connection_url = "postgres://vault:x@postgres.lxd:5432/vault?sslmode=disable"
|
|
'';
|
|
extraConfig = ''
|
|
ui = true
|
|
disable_mlock = true
|
|
'';
|
|
};
|
|
}
|