vaultwarden!!

2023-09-05 17:44:35 -06:00 · 2023-09-05 17:44:35 -06:00 · 9898c6fd26
commit 9898c6fd26
parent 12efec0281
2 changed files with 32 additions and 6 deletions
--- a/nginx.nix
+++ b/nginx.nix
@ -1,4 +1,5 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
+
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
 { config, lib, pkgs, modulesPath, ... }:
@ -15,10 +16,10 @@ let
  bazarrPort = 6767;
  sonarrPort = 8989;
  prowlarrPort = 9696;
-  vaultPort = 9666;
  searxPort = 8080;
  kavitaPort = 5000;
  nextcloudPort = 80;
+  vaultPort = config.services.vaultwarden.config.ROCKET_PORT;
 in {
  services.nginx = {
    enable = true;
--- a/servers.nix
+++ b/servers.nix
@ -46,16 +46,36 @@ in {
      group = "piracy";
    };
  in {
+    sonarr = base // { package = unstable.pkgs.sonarr; };
+    radarr = base // { package = unstable.pkgs.radarr; };
+    bazarr = base // { };
+    jellyfin = base // { };
    prowlarr.enable = true;
+    vaultwarden = {
+      enable = true;
+      dbBackend = "postgresql";
+      package = unstable.pkgs.vaultwarden;
+      config = {
+        ROCKET_ADDRESS = "127.0.0.1";
+        ROCKET_PORT = 8222;
+        WEBSOCKET_PORT = 8333;
+        ADMIN_TOKEN =
+          "x9BLqz2QmnU5RmrMLt2kPpoPBTNPZxNFw/b8XrPgpQML2/01+MYENl87dmhDX+Jm";
+        DATABASE_URL =
+          "postgresql://vaultwarden:sopacerias@127.0.0.1:5432/vaultwarden";
+        ENABLE_DB_WAL = false;
+        WEBSOCKET_ENABLED = true;
+        SHOW_PASSWORD_HINT = false;
+        SIGNUPS_ALLOWED = false;
+        EXTENDED_LOGGING = true;
+        LOG_LEVEL = "warn";
+      };
+    };
    kavita = {
      enable = true;
      tokenKeyFile = "${pkgs.writeText "kavitaToken"
        "Au002BRkRxBjlQrmWSuXWTGUcpXZjzMo2nJ0Z4g4OZ1S4c2zp6oaesGUXzKp2mhvOwjju002BNoURG3CRIE2qnGybvOgAlDxAZCPBzSNRcx6RJ1lFRgvI8wQR6Nd5ivYX0RMo4S8yOH8XIDhzN6vNo31rCjyv2IycX0JqiJPIovfbvXn9Y="}";
    };
-    sonarr = base // { package = unstable.pkgs.sonarr; };
-    radarr = base // { package = unstable.pkgs.radarr; };
-    bazarr = base // { };
-    jellyfin = base // { };
    nextcloud = {
      enable = true;
      https = true;
@ -116,7 +136,7 @@ in {
    };
    postgresql = {
      enable = true;
-      ensureDatabases = [ "paperless" "nextcloud" "mealie" ];
+      ensureDatabases = [ "paperless" "nextcloud" "mealie" "vaultwarden" ];
      ensureUsers = [
        {
          name = "nextcloud";
@ -130,6 +150,10 @@ in {
          name = "mealie";
          ensurePermissions = { "DATABASE mealie" = "ALL PRIVILEGES"; };
        }
+        {
+          name = "vaultwarden";
+          ensurePermissions = { "DATABASE vaultwarden" = "ALL PRIVILEGES"; };
+        }
      ];
      authentication = pkgs.lib.mkOverride 10 ''
        local all all              trust
@ -138,6 +162,7 @@ in {
      '';
    };
  };
+  environment.systemPackages = with pkgs; [ docker-compose ];
  virtualisation.docker = {
    enable = true;
    storageDriver = "btrfs";