katzen-cafe/modules/vaultwarden.nix

28 lines
760 B
Nix

{ pkgs, ... }:
{
services.vaultwarden = {
enable = true;
environmentFile = "/var/lib/secrets/vaultwarden.env";
config = {
WEBSOCKET_ENABLED = true;
WEBSOCKET_ADDRESS = "127.0.0.1";
WEBSOCKET_PORT = 3012;
SMTP_HOST = "mail.katzen.cafe";
SMTP_FROM = "noreply@katzen.cafe";
SMTP_FROM_NAME = "Katzen.cafe Vaultwarden";
SMTP_PORT = "465";
SMTP_USERNAME = "noreply@katzen.cafe";
SMTP_SECURITY = "force_tls";
DOMAIN = "https://vw.katzen.cafe";
SIGNUPS_ALLOWED = false;
ROCKET_PORT = 8812;
};
};
deployment.keys = {
"vaultwarden.env" = {
keyCommand = [ "pass" "vaultwarden/envfile" ];
destDir = "/var/lib/secrets";
user = "vaultwarden";
};
};
}