nixos-config/nixos/profiles/services/vaultwarden/default.nix


# NixOS profile: Vaultwarden on a loopback-only listener, published through a
# Caddy virtual host, with its state and backup directories persisted under
# /persist and the backup directory added to the "b2" restic job.
{ config, ... }:
let
  # Evaluated Vaultwarden options, reused for the proxy target and backup paths.
  vw = config.services.vaultwarden;

  # Build one preservation entry for `directory`.
  # NOTE(review): "-" for mode/user/group presumably leaves ownership and
  # permissions to whatever creates the directory; confirm against the
  # preservation module, since both paths hold password-vault data.
  keep = directory: {
    inherit directory;
    mode = "-";
    user = "-";
    group = "-";
  };
in
{
  services = {
    vaultwarden = {
      enable = true;
      dbBackend = "sqlite";
      # Target directory for the module's database backup; it is persisted and
      # shipped off-host by the restic entry below.
      backupDir = "/var/lib/backup/vaultwarden";
      config = {
        DOMAIN = "https://vault.rebmit.moe";

        # Reduced feature surface: no self-registration, no emergency access,
        # no Sends, and no user may create organizations.
        SIGNUPS_ALLOWED = false;
        EMERGENCY_ACCESS_ALLOWED = false;
        SENDS_ALLOWED = false;
        ORG_CREATION_USERS = "none";

        # Listen on loopback only, so the service is reachable from the network
        # solely through the Caddy virtual host declared below.
        ROCKET_ADDRESS = "127.0.0.1";
        ROCKET_PORT = config.networking.ports.vaultwarden;

        # The client address is read from X-Forwarded-For. That value is only as
        # trustworthy as the proxy writing it.
        # NOTE(review): confirm Caddy is the sole path to this port and is not
        # configured to pass through a client-supplied X-Forwarded-For, because
        # the address is what ends up in logs and per-IP limits.
        IP_HEADER = "X-Forwarded-For";
        ENABLE_WEBSOCKET = false;

        # NOTE(review): no ADMIN_TOKEN appears in this file. If one is supplied
        # elsewhere, keep it out of the world-readable Nix store (for example
        # via services.vaultwarden.environmentFile).
      };
    };

    # Public virtual host; forwards to the loopback listener configured above.
    caddy.virtualHosts."vault.rebmit.moe".extraConfig = ''
      reverse_proxy ${vw.config.ROCKET_ADDRESS}:${toString vw.config.ROCKET_PORT}
    '';

    # Off-host backup of the persisted backup directory.
    # NOTE(review): repository, credentials and retention for the "b2" job are
    # defined outside this file.
    restic.backups.b2.paths = [ "/persist${vw.backupDir}" ];
  };

  # Keep both the live state and the local backup copy across reboots.
  preservation.preserveAt."/persist".directories = [
    (keep "/var/lib/vaultwarden")
    (keep vw.backupDir)
  ];
}