diff options
Diffstat (limited to 'modules/containers/vaultwarden')
| -rw-r--r-- | modules/containers/vaultwarden/default.nix | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/modules/containers/vaultwarden/default.nix b/modules/containers/vaultwarden/default.nix new file mode 100644 index 0000000..cc6b86f --- /dev/null +++ b/modules/containers/vaultwarden/default.nix @@ -0,0 +1,34 @@ +{ lib, ... }: +let + directory = "/opt/vaultwarden"; + domain = "steel-mountain.brownbread.net"; + port = "11001"; +in +{ + systemd.tmpfiles.rules = + map (x: "d ${x} 0755 share share - -") (lib.lists.singleton directory); + + virtualisation.oci-containers.containers.vaultwarden = { + image = "vaultwarden/server:latest"; + autoStart = true; + ports = [ + "${port}:80" + ]; + volumes = [ + "${directory}/data:/data" + ]; + environment = { + DOMAIN = domain; + WEBSOCKET_ENABLED = "true"; + SIGNUPS_ALLOWED = "false"; + SHOW_PASSWORD_HINT = "false"; + }; + }; + + services.caddy.virtualHosts.${domain}.extraConfig = '' + encode zstd gzip + reverse_proxy http://localhost:${port} { + header_up X-Real-IP {remote_host} + } + ''; +} |