23 lines
633 B
Nix
23 lines
633 B
Nix
{
|
|
config,
|
|
mylib,
|
|
...
|
|
}: {
|
|
systemd.services.vaultwarden = {
|
|
serviceConfig.EnvironmentFile = config.sops.secrets.vaultwarden-env.path;
|
|
};
|
|
# NOTE send doesnt work, probably due to my cloudflare port rewriting rules
|
|
services.vaultwarden = {
|
|
enable = true;
|
|
config = {
|
|
DOMAIN = mylib.stripPort "https://${config.services.caddy.virtualHosts.vaultwarden.hostName}";
|
|
ROCKET_ADDRESS = "0.0.0.0";
|
|
ROCKET_PORT = 35381;
|
|
ROCKET_LOG = "critical";
|
|
SIGNUPS_ALLOWED = false;
|
|
IP_HEADER = "X-Forwarded-For";
|
|
};
|
|
};
|
|
|
|
services.restic.backups.hopper.paths = ["/var/lib/bitwarden_rs"];
|
|
}
|