25 lines
664 B
Nix
25 lines
664 B
Nix
{ config, ... }:
|
|
let domain = "vault.leaf.ninja";
|
|
in {
|
|
services.vaultwarden = {
|
|
enable = true;
|
|
config = {
|
|
domain = "https://${domain}";
|
|
signupsAllowed = false;
|
|
rocketAddress = "0.0.0.0";
|
|
rocketPort = 8222;
|
|
smtpHost = "smtp.migadu.com";
|
|
smtpFrom = "vaultwarden@leaf.ninja";
|
|
smtpPort = 587;
|
|
smtpSecurity = "starttls";
|
|
smtpUsername = "vaultwarden@leaf.ninja";
|
|
};
|
|
environmentFile = config.age.secrets.vaultwarden-env.path;
|
|
};
|
|
|
|
services.caddy.virtualHosts.${domain}.extraConfig = ''
|
|
reverse_proxy localhost:8222
|
|
'';
|
|
|
|
age.secrets.vaultwarden-env.file = ./secrets/vaultwarden-env.age;
|
|
}
|