emily/nixfiles
emily/nixfiles
1
0
Fork 0
Code Issues Pull requests Activity

Add basicAuth to vaultwarden admin page

Browse source
This commit is contained in:
emily 2024-06-13 16:45:05 +02:00
parent db7e4b50af
commit 471e3df439
Signed by: emily
GPG key ID: F6F4C66207FCF995
2 changed files with 11 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
config/services/vaultwarden.nix
View file

@ -3,6 +3,10 @@
sopsFile = ../../secrets/services/vaultwarden.yaml; sopsFile = ../../secrets/services/vaultwarden.yaml;
owner = "vaultwarden"; owner = "vaultwarden";
}; };
sops.secrets."services/vaultwarden/basicAuth" = {
sopsFile = ../../secrets/services/vaultwarden.yaml;
owner = "vaultwarden";
};
services.vaultwarden = { services.vaultwarden = {
enable = true; enable = true;
environmentFile = config.sops.secrets."services/vaultwarden/environmentFile".path; environmentFile = config.sops.secrets."services/vaultwarden/environmentFile".path;
@ -37,6 +41,10 @@
proxyPass = "http://[::1]:8222"; proxyPass = "http://[::1]:8222";
proxyWebsockets = true; proxyWebsockets = true;
}; };
locations."/admin" = {
proxyPass = "http://[::1]:8222";
basicAuthFile = config.sops.secrets."services/vaultwarden/basicAuth".path;
};
}; };
security.acme.certs."staging.vault.kyouma.net" = {}; security.acme.certs."staging.vault.kyouma.net" = {};
} }

5
secrets/services/vaultwarden.yaml
View file

@ -1,6 +1,7 @@
services: services:
vaultwarden: vaultwarden:
environmentFile: ENC[AES256_GCM,data:qCzqf1xSqKdVin18WMOkFatuL2TTpvOEl1gFQyjBHbVuauDl4IJZ6aL+APrk7ADH78CRx5SntD6hjrI6hWea/IQsvw9feTTZkp+pG5qVvLdgPdl61cnAaZCUNvvzxE2NTFOTPriNLSRxwT8We1meyNe4CAkkKsMMVFInNarY8ZxuEEIEkBr7VfhB/EHCj72FSv1kR2zTw15n9b0gNxFwBC0jkTKTfEBoQNVtU6gmFTfXSNi92cothuTQbPxsYtbALpC3Y/aAJBT6SGODuqEHZ+B+NfYemX6eRYX89pXy3Tb0r2frK2XbWLowq7IP/w0MTGOsMV+ytiAD03wa65qUlYMejkGYFX1Q,iv:F/NXvyegyvIApdYaITAgGZxLUl99yfMbN/WSUOEKDmg=,tag:1MXqbpwPqG3v9h0X57k6kQ==,type:str] environmentFile: ENC[AES256_GCM,data:qCzqf1xSqKdVin18WMOkFatuL2TTpvOEl1gFQyjBHbVuauDl4IJZ6aL+APrk7ADH78CRx5SntD6hjrI6hWea/IQsvw9feTTZkp+pG5qVvLdgPdl61cnAaZCUNvvzxE2NTFOTPriNLSRxwT8We1meyNe4CAkkKsMMVFInNarY8ZxuEEIEkBr7VfhB/EHCj72FSv1kR2zTw15n9b0gNxFwBC0jkTKTfEBoQNVtU6gmFTfXSNi92cothuTQbPxsYtbALpC3Y/aAJBT6SGODuqEHZ+B+NfYemX6eRYX89pXy3Tb0r2frK2XbWLowq7IP/w0MTGOsMV+ytiAD03wa65qUlYMejkGYFX1Q,iv:F/NXvyegyvIApdYaITAgGZxLUl99yfMbN/WSUOEKDmg=,tag:1MXqbpwPqG3v9h0X57k6kQ==,type:str]
basicAuth: ENC[AES256_GCM,data:hMVlWEM59dzp91S3iZB2jhyZE7ys3xhOlEEQSypc8daLOtJLxHTbA5HLNQ==,iv:Z5Wik8xfAV2S7DwLXcoJudB/qAAe6bjOQCV2t0Xk8zw=,tag:EpXw1AJvMFU+Td1sdMP5lQ==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
@ -16,8 +17,8 @@ sops:
MktVZ0VUbEFOY2xkcUhvQlBFdXhtaGMKkZrL4ePjGaV6Xa1zo+6osC6uT3YfYP/A MktVZ0VUbEFOY2xkcUhvQlBFdXhtaGMKkZrL4ePjGaV6Xa1zo+6osC6uT3YfYP/A
Sju9hALA36ACnE3QoIE5Rnhme4KwiIA6+VZlIU4OHAB8YPIewmvCCA== Sju9hALA36ACnE3QoIE5Rnhme4KwiIA6+VZlIU4OHAB8YPIewmvCCA==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2024-05-03T13:05:08Z" lastmodified: "2024-06-13T14:39:40Z"
mac: ENC[AES256_GCM,data:xQtCP1lRVQvr3rY/Cb3eW7tAwUSge8yFMuYSzMRUzbaNz03dHU3lhp/FGFDa1aWvbxT9YdKr4rIY2sUlMAK5ltw5uiiOXo5RA0wiC80A9bRVudnxCpF0cvwzBUZyY4I5ydAKE+peKLf76GRVE9awkZLmCu/B+P/R9AuS0GEZxKA=,iv:G3HF5py8bTnbJZBSWDHPVY6yI/ZlDaTEG0XCq0t+ykY=,tag:bs95sOcYsLn1Pls8TpqzHw==,type:str] mac: ENC[AES256_GCM,data:UXyVowvw23iorkK3GODpAlujHu1W/xhZA7XB5xy/BBIDjBaKeG4Uwr3pHX05Pwy/naHLuGX3fRaEISW+gAecEfe1+fId/FJY12wu0pq2/NRVNzyhRYb1bmSc654KFJVl2hOujwBmAwmdtbbxZQU3B/mqMpol/xzWyn96zu161bo=,iv:iGcdWH/ct3Qsvkt8VQBH+UagxPs2OTArXVSjMqliOy4=,tag:KASdSTPa/tA+SUu7nshU2w==,type:str]
pgp: pgp:
- created_at: "2024-06-12T20:46:24Z" - created_at: "2024-06-12T20:46:24Z"
enc: |- enc: |-