mirror of
https://github.com/harivansh-afk/nix.git
synced 2026-04-15 07:04:47 +00:00
Harivansh Rathi
fd79908ad2
Break the monolithic 495-line configuration.nix into focused modules: - forgejo.nix: Forgejo service, git user, mirror sync timer - betternas.nix: control-plane + node agent services - vaultwarden.nix: Vaultwarden service - nginx.nix: ACME + all Nginx virtualHosts Remove sandbox-agent entirely (service, CORS proxy, package). Keep netty.harivan.sh vhost reserved for future use.
23 lines
481 B
Nix
23 lines
481 B
Nix
{
|
|
...
|
|
}:
|
|
let
|
|
vaultDomain = "vault.harivan.sh";
|
|
in
|
|
{
|
|
systemd.tmpfiles.rules = [
|
|
"z /var/lib/vaultwarden/vaultwarden.env 0600 vaultwarden vaultwarden -"
|
|
];
|
|
|
|
services.vaultwarden = {
|
|
enable = true;
|
|
backupDir = "/var/backup/vaultwarden";
|
|
environmentFile = "/var/lib/vaultwarden/vaultwarden.env";
|
|
config = {
|
|
DOMAIN = "https://${vaultDomain}";
|
|
SIGNUPS_ALLOWED = false;
|
|
ROCKET_ADDRESS = "127.0.0.1";
|
|
ROCKET_PORT = 8222;
|
|
};
|
|
};
|
|
}
|