hosts/ivy/services/vaultwarden.nix (view raw)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 |
{ config, ... }:
let
PORT = config.svports.vaultwarden;
in
{
services.vaultwarden = {
enable = true;
backupDir = "/var/backups/vaultwarden";
environmentFile = "/var/secrets/vaultwarden";
config = {
DOMAIN = "https://vaultwarden.vt3e.cat";
SIGNUPS_ALLOWED = false;
ROCKET_ADDRESS = "127.0.0.1";
ROCKET_PORT = PORT;
ROCKET_LOG = "critical";
SMTP_HOST = "smtp.resend.com";
SMTP_PORT = 2587;
SMTP_SECURITY = "starttls";
SMTP_FROM = "meow@mail.wlo.moe";
SMTP_FROM_NAME = "vaultmeowden";
SMTP_USER = "resend";
SMTP_USERNAME = "resend";
};
};
services.caddy.virtualHosts."vaultwarden.vt3e.cat" = {
hostName = "vaultwarden.vt3e.cat";
extraConfig = ''
encode zstd gzip
reverse_proxy :${toString PORT} {
header_up X-Real-IP {remote_host}
}
'';
};
}
|