feat: add formatter
This commit is contained in:
danny
parent
d036cf224a
commit
cf005ff872
269 changed files with 369 additions and 226 deletions
15
system/modules/vaultwarden.nix
Normal file → Executable file
15
system/modules/vaultwarden.nix
Normal file → Executable file
|
|
@ -1,6 +1,12 @@
|
|||
{ domain }:
|
||||
{ config, ... }:
|
||||
let
|
||||
inherit (config.sops) secrets;
|
||||
cfg = config.services.vaultwarden;
|
||||
in
|
||||
{
|
||||
sops.secrets."vaultwarden" = { };
|
||||
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
ensureUsers = [
|
||||
|
|
@ -17,7 +23,7 @@
|
|||
services.vaultwarden = {
|
||||
enable = true;
|
||||
dbBackend = "postgresql";
|
||||
environmentFile = config.sops.secrets.vaultwarden.path;
|
||||
environmentFile = secrets.vaultwarden.path;
|
||||
config = {
|
||||
DOMAIN = "https://${domain}";
|
||||
SIGNUPS_ALLOWED = true;
|
||||
|
|
@ -26,6 +32,11 @@
|
|||
ROCKET_ADDRESS = "127.0.0.1";
|
||||
ROCKET_LOG = "critical";
|
||||
|
||||
SSO_ENABLED = true;
|
||||
SSO_ONLY = true;
|
||||
SSO_SIGNUPS_MATCH_EMAIL = true;
|
||||
SSO_AUTH_ONLY_NOT_SESSION = true;
|
||||
|
||||
DATABASE_URL = "postgresql:///vaultwarden";
|
||||
};
|
||||
};
|
||||
|
|
@ -34,7 +45,7 @@
|
|||
enableACME = true;
|
||||
forceSSL = true;
|
||||
locations."/" = {
|
||||
proxyPass = "http://127.0.0.1:${toString config.services.vaultwarden.config.ROCKET_PORT}/";
|
||||
proxyPass = "http://127.0.0.1:${toString cfg.config.ROCKET_PORT}/";
|
||||
proxyWebsockets = true;
|
||||
};
|
||||
};
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue