[vaultwarden] fix config
All checks were successful
Check flake syntax / flake-check (push) Successful in 5m48s
All checks were successful
Check flake syntax / flake-check (push) Successful in 5m48s
This commit is contained in:
@@ -5,11 +5,18 @@ with lib;
|
||||
{
|
||||
sops.defaultSopsFile = ./secrets.yaml;
|
||||
sops.secrets = {
|
||||
vaultUser = {};
|
||||
vaultPass = {};
|
||||
vaultwarden_env = {
|
||||
owner = "vaultwarden";
|
||||
group = "vaultwarden";
|
||||
};
|
||||
|
||||
vaultwarden_smtp = {
|
||||
owner = "vaultwarden";
|
||||
group = "vaultwarden";
|
||||
};
|
||||
};
|
||||
networking = {
|
||||
hostName = mkDefault "uptimekuma";
|
||||
hostName = mkDefault "vaultwarden";
|
||||
useDHCP = false;
|
||||
};
|
||||
|
||||
@@ -22,33 +29,32 @@ with lib;
|
||||
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
virtualHosts."status.malobeo.org" = {
|
||||
virtualHosts."keys.malobeo.org" = {
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:3001";
|
||||
proxyPass = "http://127.0.0.1:${toString config.services.vaultwarden.config.ROCKET_PORT}";
|
||||
extraConfig = ''
|
||||
'';
|
||||
};
|
||||
|
||||
};
|
||||
};
|
||||
|
||||
services.vaultwarden = {
|
||||
enable = true;
|
||||
backupDir = "";
|
||||
enviromentDile = sops.nochewas.file ;
|
||||
backupDir = "/var/local/vaultwarden/backup";
|
||||
environmentFile = config.sops.secrets.vaultwarden_env.path;
|
||||
config = {
|
||||
DOMAIN = "keys.malobeo.org"; #maybe vault.malobeo.org
|
||||
DOMAIN = "http://keys.malobeo.org";
|
||||
SIGNUPS_ALLOWED = true;
|
||||
#WEBSERVER
|
||||
ROCKET_ADDRESS = "::1";
|
||||
ROCKET_ADDRESS = "127.0.0.1";
|
||||
ROCKET_PORT = 8222;
|
||||
ROCKET_LOG = "critical";
|
||||
#EMAIL
|
||||
SMTP_HOST = "mail.systemli.org";
|
||||
SMTP_PORT = 465;
|
||||
SMTP_SECURITY = "force_tls";
|
||||
SMTP_USERNAME = sops.smtpUser;
|
||||
SMTP_PASSWORD = sops.smtpPass;
|
||||
SMTP_USERNAME = "malobot@systemli.org";
|
||||
SMTP_PASSWORD = config.sops.secrets.vaultwarden_smtp.path;
|
||||
|
||||
SMTP_FROM = "malobot@systemli.org";
|
||||
SMTP_FROM_NAME = "Malobeo Vaultwarden Server";
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
smtpUser: ENC[AES256_GCM,data:BsHFhpQtQ2Jhi3nuhJXjReJvbzU=,iv:jdSLeAgYj8JFSsLU3ZiVCG2ox8ZBo/HV6szCQUU5YWQ=,tag:XjS12SnmC6NNhWcTUvEhlA==,type:str]
|
||||
vaultwarden_smtp: ENC[AES256_GCM,data:qO0aePdHhMORHBY7c4u0byO4IngEmYPe2gC3ASOwc3U=,iv:u6z9j94zNGp40Li+AyEeJPME7doJ7+tfKk4VfYVaGVU=,tag:gxvs6AxKTQ83/rPWnS/tOA==,type:str]
|
||||
vaultwarden_env: ENC[AES256_GCM,data:XW6kguaPOfPcf2J+Dve/pEUGD9V8d62vBaGFkeXt/FqjzSojUpvS/Bz4lj2AgMQHs/DeVnvoKl5nz/i6nisAfLhcz2JXn5keAAMOXg==,iv:C9PmNffXZzZtkmeshs8fD2DNIZKW61esNRp6pBkO+aU=,tag:bt+TavMjwR2k6IpYwhm9Yg==,type:str]
|
||||
sops:
|
||||
age:
|
||||
- recipient: age1ljpdczmg5ctqyeezn739hv589fwhssjjnuqf7276fqun6kc62v3qmhkd0c
|
||||
@@ -10,8 +11,8 @@ sops:
|
||||
bWhRZS9oamtQYnRZVnI1clVGNytHWlkKb1hYwkqfSiMCVFOWraCiWoAU1Ua/U0Kc
|
||||
2UnXRByOST5hfKkTnpJ0765UATUny0K53H/ieMR0cyQxE3aCbk5AfA==
|
||||
-----END AGE ENCRYPTED FILE-----
|
||||
lastmodified: "2025-12-18T17:56:54Z"
|
||||
mac: ENC[AES256_GCM,data:/TofX/71rLHMpin9hhKcXQRTuCb+CXkTkHtZozuqSL0SHR0hTacLNZrmkPlzYlxmvzYsJekBOWTfrhxOD5cOhdOhfsZ/zhXi0e3RVDBPDE//faARYvbQ9IJGsDOGQzaZopwXx098MVNGj3NP6XqDgCI5aDXfL8Uklg0ORTXfPwE=,iv:Th7+EY9BdV8nmMi7rYQjgLN8nxDOwNSiWy3movkyIAw=,tag:caMd5aeQbaVAWbYJYe5K+A==,type:str]
|
||||
lastmodified: "2026-01-26T13:35:26Z"
|
||||
mac: ENC[AES256_GCM,data:aNkKvu/J+5WlVoYPffLg+jvIxIMR8NE5LbAP5asOauoaLAlnoXDhN+x3ipLoyoZ/VTxTnlYc2oiuSJBmc5LlGxrxYnhpYYoS+PES3cVuZdPo1AhvTDROsMgXKpa49yjzzLF4mNGwNZtCXxw47pwfRGidigRM5FgMhekvPKR4LGU=,iv:FPBulFijcQdHWampt+gY+6gfYY+GagBn+lFy4R9Q8Z8=,tag:/oCKV5McpQ3KnDZJdSjAGA==,type:str]
|
||||
pgp:
|
||||
- created_at: "2025-12-18T17:32:21Z"
|
||||
enc: |-
|
||||
|
||||
Reference in New Issue
Block a user