diff options
| -rw-r--r-- | configuration.nix | 1 | ||||
| -rw-r--r-- | modules/vaultwarden.nix | 23 |
2 files changed, 24 insertions, 0 deletions
diff --git a/configuration.nix b/configuration.nix index 7fb8c42..dc00716 100644 --- a/configuration.nix +++ b/configuration.nix @@ -13,6 +13,7 @@ ./modules/mealie.nix ./modules/polaris.nix ./modules/caldav.nix + ./modules/vaultwarden.nix ]; networking.hostName = "nixos"; diff --git a/modules/vaultwarden.nix b/modules/vaultwarden.nix new file mode 100644 index 0000000..4f5aa95 --- /dev/null +++ b/modules/vaultwarden.nix @@ -0,0 +1,23 @@ +{ config, libs, pkgs, ...}: +{ + + services.vaultwarden = { + enable = true; + config = { + SIGNUPS_ALLOWED = false; + DOMAIN = "https://vault.krinitsin.com"; + ROCKET_ADDRESS = "127.0.0.1"; + ROCKET_PORT = 8222; + }; + environmentFile = "/secret/vaultwarden.env"; + }; + + services.nginx.virtualHosts."vault.krinitsin.com" = { + forceSSL = true; + useACMEHost = "krinitsin.com"; + locations."/".proxyPass = "http://localhost:8222"; + }; + + security.acme.certs."krinitsin.com".extraDomainNames = [ "vault.krinitsin.com" ]; + +} |