vaultwarden: Fix secret owner

This commit is contained in:
emily 2024-10-03 14:50:51 +02:00
parent a698502f25
commit eac20c1f2e
Signed by: emily
GPG key ID: F6F4C66207FCF995

View file

@ -5,14 +5,14 @@
};
sops.secrets."services/vaultwarden/basicAuth" = {
sopsFile = ../../secrets/services/vaultwarden.yaml;
owner = "vaultwarden";
owner = "nginx";
};
services.vaultwarden = {
enable = true;
environmentFile = config.sops.secrets."services/vaultwarden/environmentFile".path;
backupDir = "/var/backup/bitwarden_rs";
config = {
DOMAIN = "https://staging.vault.kyouma.net";
DOMAIN = "https://vault.kyouma.net";
DATABASE_MAX_CONNS = 15;
WEB_VAULT_ENABLED = true;
WEBSOCKET_ADDRESS = "::1";
@ -33,10 +33,10 @@
SMTP_SECURITY = "starttls";
SMTP_PORT = 587;
ROCKET_ADDRESS = "::1";
ROCKET_PORT = "8222";
ROCKET_PORT = 8222;
};
};
kyouma.nginx.virtualHosts."staging.vault.kyouma.net" = {
kyouma.nginx.virtualHosts."vault.kyouma.net" = {
locations."/" = {
proxyPass = "http://[::1]:8222";
proxyWebsockets = true;
@ -46,5 +46,5 @@
basicAuthFile = config.sops.secrets."services/vaultwarden/basicAuth".path;
};
};
security.acme.certs."staging.vault.kyouma.net" = {};
security.acme.certs."vault.kyouma.net" = {};
}