make vaultwarden a module and enable ssh-agent feature

cy 2025-03-04 13:00:48 -05:00
parent a6db9e3b8a
commit b5e3bf8e54
Signed by: cy
SSH key fingerprint: SHA256:o/geVWV4om1QhUSkKvDQeW/eAihwnjyXkqMwrVdbuts
5 changed files with 37 additions and 22 deletions


@ -1,15 +1,6 @@
{ config, ... }:
{ ... }:
{
services.vaultwarden = {
enable = true;
dbBackend = "postgresql";
environmentFile = config.sops.secrets."vaultwarden/env".path;
config = {
ROCKET_ADDRESS = "127.0.0.1";
ROCKET_PORT = "8081";
DATABASE_URL = "postgresql://vaultwarden:vaultwarden@127.0.0.1:5432/vaultwarden";
};
};
my.vaultwarden.enable = true;
services.caddy.virtualHosts."pass.cy7.sh".extraConfig = ''
import common
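Review bot: Switching this host to `my.vaultwarden.enable = true;` appears to widen the listener, because the inline block here set `ROCKET_ADDRESS = "127.0.0.1";` while modules/vaultwarden.nix hard-codes `ROCKET_ADDRESS = "0.0.0.0";`, so port 8081 would be reachable on every interface rather than only through the Caddy virtual host below. The +/- markers are lost on this page, so which lines are the old side is inferred from the hunk counts. If Caddy is the only intended client, make loopback the module default and let the other host override it, for example an option `listenAddress` with `default = "127.0.0.1";` consumed as `ROCKET_ADDRESS = cfg.listenAddress;`. The Caddy `extraConfig` string continues outside the hunk, so the proxy target is not visible here.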


@ -54,7 +54,7 @@
# https://github.com/jauderho/nts-servers
"ntp3.fau.de"
"ntppool1.time.nl"
"time.signorini.ch"
"ntpmon.dcs1.biz"
"stratum1.time.cifelli.xyz"
"nts.teambelgium.net"
"c.st1.ntp.br"


@ -406,14 +406,5 @@
enableTCPIP = true;
};
services.vaultwarden = {
enable = true;
dbBackend = "postgresql";
environmentFile = config.sops.secrets."vaultwarden/env".path;
config = {
ROCKET_ADDRESS = "0.0.0.0";
ROCKET_PORT = "8081";
DATABASE_URL = "postgresql://vaultwarden:vaultwarden@127.0.0.1:5432/vaultwarden";
};
};
my.vaultwarden.enable = true;
}


@ -6,5 +6,6 @@
./roundcube.nix
./zipline.nix
./containerization.nix
./vaultwarden.nix
];
}

32
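--- /dev/null
+++ b/modules/vaultwarden.nix
@@ -0,0 +1,32 @@
+{
+config,
+lib,
+...
+}:
+let
+cfg = config.my.vaultwarden;
+in
+{
+options.my.vaultwarden = {
+enable = lib.mkEnableOption "vaultwarden";
+domain = lib.mkOption {
+type = lib.types.str;
+default = "https://pass.cy7.sh";
+};
+};
+config = lib.mkIf cfg.enable {
+services.vaultwarden = {
+enable = true;
+dbBackend = "postgresql";
+environmentFile = config.sops.secrets."vaultwarden/env".path;
+config = {
+ROCKET_ADDRESS = "0.0.0.0";
+ROCKET_PORT = "8081";
+DATABASE_URL = "postgresql://vaultwarden:vaultwarden@127.0.0.1:5432/vaultwarden";
+EXPERIMENTAL_CLIENT_FEATURE_FLAGS = "fido2-vault-credentials,ssh-agent,ssh-key-vault-item,autofill-v2";
+DOMAIN = cfg.domain;
+};
+};
+};
+}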
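Review bot: `DATABASE_URL` inside the `config` attrset puts the database password in plain text in the repository. As far as I know, the NixOS module also renders `services.vaultwarden.config` into an environment file in the world-readable Nix store, so any local account on the host could read it. The module already points `environmentFile` at the sops secret `vaultwarden/env`, so drop the `DATABASE_URL` line from `config` and define it in that secret instead. The password is identical to the user name, so rotate it as part of the move. A one-line comment above `EXPERIMENTAL_CLIENT_FEATURE_FLAGS`, such as `# client-side experimental flags; review on each vaultwarden upgrade`, would also help the next reader.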