nixos-selfhost/vaultwarden.nix

39 lines
818 B
Nix
Raw Permalink Normal View History

2024-10-23 15:05:38 +02:00
{...}: let
2024-05-03 07:39:16 +02:00
domain = "pw.sondell.org";
port = "8222";
2024-10-23 15:05:38 +02:00
in {
#
2024-05-03 07:39:16 +02:00
services.vaultwarden = {
enable = true;
2024-10-23 15:05:38 +02:00
config = {
ROCKET_ADDRESS = "::1";
ROCKET_PORT = 8222;
SIGNUPS_ALLOWED = false;
};
2024-05-03 07:39:16 +02:00
};
2024-06-25 15:22:17 +02:00
services.restic.backups = {
2024-10-23 15:05:38 +02:00
"vaultwarden" = {
passwordFile = "/etc/nixos/.secrets/restic_pw";
repository = "sftp:Glenn@nas:/home/back/vaultwarden/restic";
initialize = true;
paths = [
"/var/lib/bitwarden_rs"
];
2024-11-26 13:08:29 +01:00
user = "root";
2024-10-23 15:05:38 +02:00
timerConfig.OnCalendar = "02:05";
pruneOpts = [
"--keep-daily 10"
"--keep-weekly 5"
"--keep-monthly 12"
"--keep-yearly 75"
];
};
2024-06-25 15:22:17 +02:00
};
2024-05-03 07:39:16 +02:00
services.nginx.virtualHosts.${domain} = {
locations."/" = {
proxyPass = "http://localhost:${port}/";
};
};
}