41 lines
793 B
Nix
41 lines
793 B
Nix
{ ... }:
|
|
|
|
let
|
|
domain = "pw.sondell.org";
|
|
port = "8222";
|
|
in
|
|
{
|
|
#
|
|
services.vaultwarden = {
|
|
enable = true;
|
|
};
|
|
|
|
|
|
services.restic.backups = {
|
|
"vaultwarden" = {
|
|
passwordFile = "/etc/nixos/.secrets/restic_pw";
|
|
repository = "sftp:Glenn@nas:/home/back/vaultwarden/restic";
|
|
initialize = true;
|
|
paths = [
|
|
"/var/lib/bitwarden_rs"
|
|
];
|
|
user = "sondell";
|
|
timerConfig.OnCalendar = "02:05";
|
|
pruneOpts = [
|
|
"--keep-daily 10"
|
|
"--keep-weekly 5"
|
|
"--keep-monthly 12"
|
|
"--keep-yearly 75"
|
|
];
|
|
};
|
|
};
|
|
services.nginx.virtualHosts.${domain} = {
|
|
forceSSL = true;
|
|
enableACME = true;
|
|
locations."/" = {
|
|
proxyPass = "http://localhost:${port}/";
|
|
};
|
|
};
|
|
}
|
|
|