49 lines
1.2 KiB
Nix
49 lines
1.2 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}:
|
|
|
|
{
|
|
options = {
|
|
server.misc.vaultwarden = {
|
|
enable = lib.mkEnableOption "enable dawarich";
|
|
port = lib.mkOption {
|
|
default = 8000;
|
|
description = "vaultwarden port";
|
|
};
|
|
public = lib.mkEnableOption "make vaultwarden public";
|
|
subdomain = lib.mkOption {
|
|
default = "vault";
|
|
description = "vaultwarden subdomain";
|
|
};
|
|
};
|
|
};
|
|
config = {
|
|
services = {
|
|
vaultwarden = {
|
|
enable = true;
|
|
config = {
|
|
DOMAIN = "https://${config.server.misc.vaultwarden.subdomain}.${config.networking.domain}";
|
|
SIGNUPS_ALLOWED = false;
|
|
};
|
|
};
|
|
nginx = {
|
|
virtualHosts = {
|
|
"${config.server.misc.vaultwarden.subdomain}.${config.networking.domain}" =
|
|
if config.server.misc.vaultwarden.public then
|
|
{
|
|
enableACME = true;
|
|
forceSSL = true;
|
|
locations."/" = {
|
|
proxyPass = "http://127.0.0.1:${toString config.server.misc.vaultwarden.port}";
|
|
};
|
|
}
|
|
else
|
|
{ };
|
|
};
|
|
};
|
|
};
|
|
};
|
|
}
|