add password manager

author: Christian Krinitsin <code@krinitsin.xyz> 2025-03-25 23:14:41 +0100
committer: Christian Krinitsin <code@krinitsin.xyz> 2025-03-25 23:14:41 +0100
commit: eb3f95f3d5d7cd7d2f6e378c408c0ca17f2272b3 (patch)
tree: 0c0b763123925fc6b87ca4b14ea1c635ebfe70ae /modules/vaultwarden.nix
parent: 9963e4079d44134d634648d66209aabd46ceb1ef (diff)
download: nosix-eb3f95f3d5d7cd7d2f6e378c408c0ca17f2272b3.tar.gz
nosix-eb3f95f3d5d7cd7d2f6e378c408c0ca17f2272b3.zip
1 files changed, 23 insertions, 0 deletions
diff --git a/modules/vaultwarden.nix b/modules/vaultwarden.nix
new file mode 100644
index 0000000..4f5aa95
--- /dev/null
+++ b/modules/vaultwarden.nix
@@ -0,0 +1,23 @@
+{ config, libs, pkgs, ...}:
+{
+
+  services.vaultwarden = {
+    enable = true;
+    config = {
+      SIGNUPS_ALLOWED = false;
+      DOMAIN = "https://vault.krinitsin.com";
+      ROCKET_ADDRESS = "127.0.0.1";
+      ROCKET_PORT = 8222;
+    };
+    environmentFile = "/secret/vaultwarden.env";
+  };
+
+  services.nginx.virtualHosts."vault.krinitsin.com" = {
+    forceSSL = true;
+    useACMEHost = "krinitsin.com";
+    locations."/".proxyPass = "http://localhost:8222";
+  };
+
+  security.acme.certs."krinitsin.com".extraDomainNames = [ "vault.krinitsin.com" ];
+
+}
author	Christian Krinitsin <code@krinitsin.xyz>	2025-03-25 23:14:41 +0100
committer	Christian Krinitsin <code@krinitsin.xyz>	2025-03-25 23:14:41 +0100
commit	eb3f95f3d5d7cd7d2f6e378c408c0ca17f2272b3 (patch)
tree	0c0b763123925fc6b87ca4b14ea1c635ebfe70ae /modules/vaultwarden.nix
parent	9963e4079d44134d634648d66209aabd46ceb1ef (diff)
download	nosix-eb3f95f3d5d7cd7d2f6e378c408c0ca17f2272b3.tar.gz nosix-eb3f95f3d5d7cd7d2f6e378c408c0ca17f2272b3.zip