rice/hosts/ami/bitwarden.nix
buffet 3a81cc0d84
All checks were successful
/ check (pull_request) Successful in 2m51s
refactor: move repeated nginx snippets into one file
2024-06-05 11:31:12 +02:00

28 lines
597 B
Nix

{config, ...}: let
port = 12224;
in {
age.secrets.bitwarden.file = ../../secrets/bitwarden.age;
services = {
vaultwarden = {
enable = true;
environmentFile = config.age.secrets.bitwarden.path;
config = {
domain = "https://bitwarden.buffet.sh/";
signupsAllowed = false;
rocketPort = port;
};
};
nginx = {
virtualHosts."bitwarden.buffet.sh" = {
useACMEHost = "buffet.sh";
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:${toString port}";
};
};
};
};
}