This commit is contained in:
Jade 2023-05-22 19:02:49 +02:00
parent 928f970d55
commit ad663f501e
3 changed files with 25 additions and 1 deletions

View file

@ -15,7 +15,8 @@
hostPkgs = import nixpkgs { system = "x86_64-linux"; }; hostPkgs = import nixpkgs { system = "x86_64-linux"; };
in { in {
devShell."x86_64-linux" = with hostPkgs; mkShell { devShell."x86_64-linux" = with hostPkgs; mkShell {
buildInputs = [ colmena ]; buildInputs = [ colmena vault ];
VAULT_ADDR = "https://hc-vault.katzen.cafe";
}; };
colmena = { colmena = {
meta = { meta = {
@ -50,6 +51,7 @@
./modules/mumble.nix ./modules/mumble.nix
./modules/modded-mc.nix ./modules/modded-mc.nix
#./modules/prosody.nix #./modules/prosody.nix
./modules/vault.nix
]; ];
system.stateVersion = "22.11"; system.stateVersion = "22.11";

View file

@ -35,6 +35,10 @@
group = "murmur"; group = "murmur";
keyType = "rsa4096"; keyType = "rsa4096";
}; };
"hc-vault.katzen.cafe" = {
group = "nginx";
keyType = "rsa4096";
};
# "prosody.katzen.cafe" = { # "prosody.katzen.cafe" = {
# group = "prosody"; # group = "prosody";
# keyType = "rsa4096"; # keyType = "rsa4096";
@ -110,6 +114,13 @@
proxyPass = "http://127.0.0.2:8081"; proxyPass = "http://127.0.0.2:8081";
}; };
}; };
"hc-vault.katzen.cafe" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:8200";
};
};
}; };
}; };
} }

11
modules/vault.nix Normal file
View file

@ -0,0 +1,11 @@
{ pkgs, ... }:
{
services.vault = {
enable = true;
package = pkgs.vault-bin;
storageBackend = "file";
extraConfig = ''
ui = true
'';
};
}