rouven.seifert/nixos-config
1
1
Fork 0
mirror of https://git.sr.ht/~rouven/nixos-config synced 2025-01-18 17:11:39 +01:00
Code Issues Projects Releases Packages Wiki Activity

initial vaultwarden config

Browse source
This commit is contained in:
Rouven Seifert 2023-01-25 13:48:58 +01:00
parent 1e517e58d2
commit 6b41537bc2
Signed by: rouven.seifert
GPG key ID: B95E8FE6B11C4D09
2 changed files with 28 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
hosts/nuc/modules/vaultwarden/default.nix Normal file
View file

@ -0,0 +1,24 @@
{ config, pkgs, ... }:
let
domain = "vault.rfive.de";
in
{
config.sops.secrets."vaultwarden/env" = { };
services.vaultwarden = {
enable = true;
dbBackend = "postgresql";
environmentFile = config.sops.secrets."vaultwarden/env".path;
config = {
domain = domain;
signupsAllowed = false;
rocketPort = 8000;
};
services.nginx.virtualHosts."bitwarden.example.com" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.services.vaultwarden.config.ROCKET_PORT}";
};
};
};
}

6
secrets/nuc.yaml
View file

@ -1,6 +1,8 @@
nextcloud:
dbpass: ENC[AES256_GCM,data:M8NrNlTJe9r5qUyGcSod5qGGRsJu18Ppng==,iv:YHjImCZEbJGC8Mj278Iz6ETMmCs3k+IZsCACI27bMM8=,tag:+nvMxCj8YxMIIbLoosxsvg==,type:str]
adminpass: ENC[AES256_GCM,data:w4gkgC0wnBh2NLjKz58JBg+FU7hLLkuaJQ==,iv:5FOBhbngHccVY9WxyjC1x93vXzHlBFsF06+oVTC1vl8=,tag:8sLPIBl2/QJTk134OEtAfw==,type:str]
vaultwarden:
env: ENC[AES256_GCM,data:d/FTv/6O/r4HSaMBPnr6oU/VcGYzS658hP2koM1pm/Pg/oxIbw1xi7PlSb97DQprvGy/zh/M5wqWqCGzS5Dwk0TIy5NAvuzAAXYMvvQSJfOhwRnRR7KVoaTCZi7CQHWOvjp1d/N3zKcj1KD6,iv:nR0YUQ/2ZpzwZD22XLH4BiwzTU7LTAymK4lWkT05MXo=,tag:b65zfcY9N/mOn1CS/vr/DA==,type:str]
sops:
kms: []
gcp_kms: []
@ -16,8 +18,8 @@ sops:
cWdNRzdhOUdheFdaWlNNTG4rUFlaVlUKs+/IYY3/2n60+QbVkXZu9Sp57jh+7ncA
DqrjJGBo9MNXfSS7qJ+p7dVksA2kxCNwvKV7y/zbvtXKGusvs+Qe/A==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-01-24T10:56:15Z"
mac: ENC[AES256_GCM,data:kpueAVFABUAZ6GO5NmNtTBWcxQ6SH1whTVueF5oxQFA+BxFY+J3fUBnxRk1oAlR1VEmevqtHmMYbp9U5pu17j9M7ZJ5fZZMxunB9tr3oSPDYHLgmIENaVoh1O9F/+MDA/6AamqhVlvq16Ltb/uHR7sSmR6GAh+tKEJLb7ivyPis=,iv:pN6B7GV+J+T0ZENKpH5UtWwzkjLNJkJ3hliqrcX8oBw=,tag:9Z6ujfpGu3pDcDUHnoXi3A==,type:str]
lastmodified: "2023-01-25T12:43:55Z"
mac: ENC[AES256_GCM,data:CkV8vnwa+XBjCHDerxaGZOlU5Gexc+FjH5zetoASZPR3ojef3hwV+dEfAqFq09wUPaCzCHN7azU70QBDL8Z1CO4pJHzc/pJhKadEfwICgnEuH/YwqE0xChMrrdIWkd5pR1wxi6TbuVPizqN0PxAo10vtO3sdSFymMQ1exSKQo/8=,iv:cbe21CftPlwKn+Sim3wPLFrZM8S5Cj8u2x/yh5VyCr4=,tag:hOc/ynnFNRmDp0oj6/QF8w==,type:str]
pgp:
- created_at: "2023-01-24T10:54:00Z"
enc: |-