vaultwarden: Fix secret owner
This commit is contained in:
parent
a698502f25
commit
eac20c1f2e
1 changed files with 5 additions and 5 deletions
|
@ -5,14 +5,14 @@
|
||||||
};
|
};
|
||||||
sops.secrets."services/vaultwarden/basicAuth" = {
|
sops.secrets."services/vaultwarden/basicAuth" = {
|
||||||
sopsFile = ../../secrets/services/vaultwarden.yaml;
|
sopsFile = ../../secrets/services/vaultwarden.yaml;
|
||||||
owner = "vaultwarden";
|
owner = "nginx";
|
||||||
};
|
};
|
||||||
services.vaultwarden = {
|
services.vaultwarden = {
|
||||||
enable = true;
|
enable = true;
|
||||||
environmentFile = config.sops.secrets."services/vaultwarden/environmentFile".path;
|
environmentFile = config.sops.secrets."services/vaultwarden/environmentFile".path;
|
||||||
backupDir = "/var/backup/bitwarden_rs";
|
backupDir = "/var/backup/bitwarden_rs";
|
||||||
config = {
|
config = {
|
||||||
DOMAIN = "https://staging.vault.kyouma.net";
|
DOMAIN = "https://vault.kyouma.net";
|
||||||
DATABASE_MAX_CONNS = 15;
|
DATABASE_MAX_CONNS = 15;
|
||||||
WEB_VAULT_ENABLED = true;
|
WEB_VAULT_ENABLED = true;
|
||||||
WEBSOCKET_ADDRESS = "::1";
|
WEBSOCKET_ADDRESS = "::1";
|
||||||
|
@ -33,10 +33,10 @@
|
||||||
SMTP_SECURITY = "starttls";
|
SMTP_SECURITY = "starttls";
|
||||||
SMTP_PORT = 587;
|
SMTP_PORT = 587;
|
||||||
ROCKET_ADDRESS = "::1";
|
ROCKET_ADDRESS = "::1";
|
||||||
ROCKET_PORT = "8222";
|
ROCKET_PORT = 8222;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
kyouma.nginx.virtualHosts."staging.vault.kyouma.net" = {
|
kyouma.nginx.virtualHosts."vault.kyouma.net" = {
|
||||||
locations."/" = {
|
locations."/" = {
|
||||||
proxyPass = "http://[::1]:8222";
|
proxyPass = "http://[::1]:8222";
|
||||||
proxyWebsockets = true;
|
proxyWebsockets = true;
|
||||||
|
@ -46,5 +46,5 @@
|
||||||
basicAuthFile = config.sops.secrets."services/vaultwarden/basicAuth".path;
|
basicAuthFile = config.sops.secrets."services/vaultwarden/basicAuth".path;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
security.acme.certs."staging.vault.kyouma.net" = {};
|
security.acme.certs."vault.kyouma.net" = {};
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue