temp

2024-06-18 10:10:21 +02:00 · 2024-06-18 10:10:21 +02:00 · 93b7145e70
commit 93b7145e70
parent dc4f3160cc
3 changed files with 33 additions and 4 deletions
--- a/home/system/sops/server.nix
+++ b/home/system/sops/server.nix
@ -14,6 +14,11 @@
        owner = "nextcloud";
        group = "nextcloud";
      };
      cloudflare-apitoken = {
        path = "/etc/cloudflare/apiToken";
        owner = "cloudflare-dyndns";
        group = "cloudflare-dyndns";
      };
    };
  };
--- a/hosts/modules/server/cloudflare-dyndns.nix
+++ b/hosts/modules/server/cloudflare-dyndns.nix
@ -0,0 +1,9 @@
 {
    services.cloudflare-dyndns = {
        enable = true;
        ipv4 = true;
        domains = [ "cloud.anotherhadi.com" "vault.anotherhadi.com" "try.anotherhadi.com"];
        proxied = true;
        apiTokenFile = "/etc/cloudflare/apiToken";
    };
 }
--- a/hosts/modules/server/vaultwarden.nix
+++ b/hosts/modules/server/vaultwarden.nix
@ -1,9 +1,24 @@
 let
-
+    hostname = "vault.anotherhadi.com";
    url = "https://"+hostname;
    port = 8222;
 in{
    services.vaultwarden = {
        enable = true;
-        config = ''
+        config = {
-        
+            DOMAIN = url;
-    }
+            SIGNUPS_ALLOWED = false;
            ROCKET_ADDRESS = "127.0.0.1";
            ROCKET_PORT = port;
            ROCKET_LOG = "critical";
        };
    };
    services.nginx.virtualHosts.${hostname} = {
        enableACME = true;
        forceSSL = true;
        locations."/" = {
            proxyPass = "http://127.0.0.1:${port}";
        };
    };
  networking.firewall.allowedTCPPorts = [ port ];
 }