harivansh-afk/nix
1
1
Fork 0
mirror of https://github.com/harivansh-afk/nix.git synced 2026-04-20 14:05:10 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

self-host vault-warden

Browse source
This commit is contained in:
Harivansh Rathi 2026-03-31 15:15:59 -04:00
parent 42b10c5824
commit 000355c318
1 changed files with 20 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

20
hosts/netty/configuration.nix
View file

@ -11,6 +11,7 @@ let
packageSets = import ../../lib/package-sets.nix { inherit inputs lib pkgs; }; packageSets = import ../../lib/package-sets.nix { inherit inputs lib pkgs; };
sandboxDomain = "netty.harivan.sh"; sandboxDomain = "netty.harivan.sh";
forgejoDomain = "git.harivan.sh"; forgejoDomain = "git.harivan.sh";
vaultDomain = "vault.harivan.sh";
forgejoApiUrl = "http://127.0.0.1:3000"; forgejoApiUrl = "http://127.0.0.1:3000";
sandboxAgentPackage = pkgs.callPackage ../../pkgs/sandbox-agent { }; sandboxAgentPackage = pkgs.callPackage ../../pkgs/sandbox-agent { };
sandboxAgentDir = "/home/${username}/.config/sandbox-agent"; sandboxAgentDir = "/home/${username}/.config/sandbox-agent";
@ -216,6 +217,25 @@ in
forceSSL = true; forceSSL = true;
locations."/".proxyPass = "http://127.0.0.1:3000"; locations."/".proxyPass = "http://127.0.0.1:3000";
}; };
virtualHosts.${vaultDomain} = {
enableACME = true;
forceSSL = true;
locations."/".proxyPass = "http://127.0.0.1:8222";
};
};
# --- Vaultwarden ---
services.vaultwarden = {
enable = true;
backupDir = "/var/backup/vaultwarden";
environmentFile = "/var/lib/vaultwarden/vaultwarden.env";
config = {
DOMAIN = "https://${vaultDomain}";
SIGNUPS_ALLOWED = false;
ROCKET_ADDRESS = "127.0.0.1";
ROCKET_PORT = 8222;
};
}; };
# --- Forgejo --- # --- Forgejo ---