vaultwarden: Fix secret owner

2024-10-03 14:50:51 +02:00 · 2024-10-03 14:50:51 +02:00 · eac20c1f2e
parent a698502f25
commit eac20c1f2e
1 changed files with 5 additions and 5 deletions
--- a/config/services/vaultwarden.nix
+++ b/config/services/vaultwarden.nix
@ -5,14 +5,14 @@
  };
  sops.secrets."services/vaultwarden/basicAuth" = {
    sopsFile = ../../secrets/services/vaultwarden.yaml;
-    owner = "vaultwarden";
+    owner = "nginx";
  };
  services.vaultwarden = {
    enable = true;
    environmentFile = config.sops.secrets."services/vaultwarden/environmentFile".path;
    backupDir = "/var/backup/bitwarden_rs";
    config = {
-      DOMAIN = "https://staging.vault.kyouma.net";
+      DOMAIN = "https://vault.kyouma.net";
      DATABASE_MAX_CONNS = 15;
      WEB_VAULT_ENABLED = true;
      WEBSOCKET_ADDRESS = "::1";
@ -33,10 +33,10 @@
      SMTP_SECURITY = "starttls";
      SMTP_PORT = 587;
      ROCKET_ADDRESS = "::1";
-      ROCKET_PORT = "8222";
+      ROCKET_PORT = 8222;
    };
  };
-  kyouma.nginx.virtualHosts."staging.vault.kyouma.net" = {
+  kyouma.nginx.virtualHosts."vault.kyouma.net" = {
    locations."/" = {
      proxyPass = "http://[::1]:8222";
      proxyWebsockets = true;
@ -46,5 +46,5 @@
      basicAuthFile = config.sops.secrets."services/vaultwarden/basicAuth".path;
    };
  };
-  security.acme.certs."staging.vault.kyouma.net" = {};
+  security.acme.certs."vault.kyouma.net" = {};
 }