forked from emily/nixfiles
Add basicAuth to vaultwarden admin page
This commit is contained in:
parent
db7e4b50af
commit
471e3df439
2 changed files with 11 additions and 2 deletions
|
@ -3,6 +3,10 @@
|
||||||
sopsFile = ../../secrets/services/vaultwarden.yaml;
|
sopsFile = ../../secrets/services/vaultwarden.yaml;
|
||||||
owner = "vaultwarden";
|
owner = "vaultwarden";
|
||||||
};
|
};
|
||||||
|
sops.secrets."services/vaultwarden/basicAuth" = {
|
||||||
|
sopsFile = ../../secrets/services/vaultwarden.yaml;
|
||||||
|
owner = "vaultwarden";
|
||||||
|
};
|
||||||
services.vaultwarden = {
|
services.vaultwarden = {
|
||||||
enable = true;
|
enable = true;
|
||||||
environmentFile = config.sops.secrets."services/vaultwarden/environmentFile".path;
|
environmentFile = config.sops.secrets."services/vaultwarden/environmentFile".path;
|
||||||
|
@ -37,6 +41,10 @@
|
||||||
proxyPass = "http://[::1]:8222";
|
proxyPass = "http://[::1]:8222";
|
||||||
proxyWebsockets = true;
|
proxyWebsockets = true;
|
||||||
};
|
};
|
||||||
|
locations."/admin" = {
|
||||||
|
proxyPass = "http://[::1]:8222";
|
||||||
|
basicAuthFile = config.sops.secrets."services/vaultwarden/basicAuth".path;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
security.acme.certs."staging.vault.kyouma.net" = {};
|
security.acme.certs."staging.vault.kyouma.net" = {};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
services:
|
services:
|
||||||
vaultwarden:
|
vaultwarden:
|
||||||
environmentFile: ENC[AES256_GCM,data:qCzqf1xSqKdVin18WMOkFatuL2TTpvOEl1gFQyjBHbVuauDl4IJZ6aL+APrk7ADH78CRx5SntD6hjrI6hWea/IQsvw9feTTZkp+pG5qVvLdgPdl61cnAaZCUNvvzxE2NTFOTPriNLSRxwT8We1meyNe4CAkkKsMMVFInNarY8ZxuEEIEkBr7VfhB/EHCj72FSv1kR2zTw15n9b0gNxFwBC0jkTKTfEBoQNVtU6gmFTfXSNi92cothuTQbPxsYtbALpC3Y/aAJBT6SGODuqEHZ+B+NfYemX6eRYX89pXy3Tb0r2frK2XbWLowq7IP/w0MTGOsMV+ytiAD03wa65qUlYMejkGYFX1Q,iv:F/NXvyegyvIApdYaITAgGZxLUl99yfMbN/WSUOEKDmg=,tag:1MXqbpwPqG3v9h0X57k6kQ==,type:str]
|
environmentFile: ENC[AES256_GCM,data:qCzqf1xSqKdVin18WMOkFatuL2TTpvOEl1gFQyjBHbVuauDl4IJZ6aL+APrk7ADH78CRx5SntD6hjrI6hWea/IQsvw9feTTZkp+pG5qVvLdgPdl61cnAaZCUNvvzxE2NTFOTPriNLSRxwT8We1meyNe4CAkkKsMMVFInNarY8ZxuEEIEkBr7VfhB/EHCj72FSv1kR2zTw15n9b0gNxFwBC0jkTKTfEBoQNVtU6gmFTfXSNi92cothuTQbPxsYtbALpC3Y/aAJBT6SGODuqEHZ+B+NfYemX6eRYX89pXy3Tb0r2frK2XbWLowq7IP/w0MTGOsMV+ytiAD03wa65qUlYMejkGYFX1Q,iv:F/NXvyegyvIApdYaITAgGZxLUl99yfMbN/WSUOEKDmg=,tag:1MXqbpwPqG3v9h0X57k6kQ==,type:str]
|
||||||
|
basicAuth: ENC[AES256_GCM,data:hMVlWEM59dzp91S3iZB2jhyZE7ys3xhOlEEQSypc8daLOtJLxHTbA5HLNQ==,iv:Z5Wik8xfAV2S7DwLXcoJudB/qAAe6bjOQCV2t0Xk8zw=,tag:EpXw1AJvMFU+Td1sdMP5lQ==,type:str]
|
||||||
sops:
|
sops:
|
||||||
kms: []
|
kms: []
|
||||||
gcp_kms: []
|
gcp_kms: []
|
||||||
|
@ -16,8 +17,8 @@ sops:
|
||||||
MktVZ0VUbEFOY2xkcUhvQlBFdXhtaGMKkZrL4ePjGaV6Xa1zo+6osC6uT3YfYP/A
|
MktVZ0VUbEFOY2xkcUhvQlBFdXhtaGMKkZrL4ePjGaV6Xa1zo+6osC6uT3YfYP/A
|
||||||
Sju9hALA36ACnE3QoIE5Rnhme4KwiIA6+VZlIU4OHAB8YPIewmvCCA==
|
Sju9hALA36ACnE3QoIE5Rnhme4KwiIA6+VZlIU4OHAB8YPIewmvCCA==
|
||||||
-----END AGE ENCRYPTED FILE-----
|
-----END AGE ENCRYPTED FILE-----
|
||||||
lastmodified: "2024-05-03T13:05:08Z"
|
lastmodified: "2024-06-13T14:39:40Z"
|
||||||
mac: ENC[AES256_GCM,data:xQtCP1lRVQvr3rY/Cb3eW7tAwUSge8yFMuYSzMRUzbaNz03dHU3lhp/FGFDa1aWvbxT9YdKr4rIY2sUlMAK5ltw5uiiOXo5RA0wiC80A9bRVudnxCpF0cvwzBUZyY4I5ydAKE+peKLf76GRVE9awkZLmCu/B+P/R9AuS0GEZxKA=,iv:G3HF5py8bTnbJZBSWDHPVY6yI/ZlDaTEG0XCq0t+ykY=,tag:bs95sOcYsLn1Pls8TpqzHw==,type:str]
|
mac: ENC[AES256_GCM,data:UXyVowvw23iorkK3GODpAlujHu1W/xhZA7XB5xy/BBIDjBaKeG4Uwr3pHX05Pwy/naHLuGX3fRaEISW+gAecEfe1+fId/FJY12wu0pq2/NRVNzyhRYb1bmSc654KFJVl2hOujwBmAwmdtbbxZQU3B/mqMpol/xzWyn96zu161bo=,iv:iGcdWH/ct3Qsvkt8VQBH+UagxPs2OTArXVSjMqliOy4=,tag:KASdSTPa/tA+SUu7nshU2w==,type:str]
|
||||||
pgp:
|
pgp:
|
||||||
- created_at: "2024-06-12T20:46:24Z"
|
- created_at: "2024-06-12T20:46:24Z"
|
||||||
enc: |-
|
enc: |-
|
||||||
|
|
Loading…
Reference in a new issue