tulg/nixdots
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

vaultwarden

Browse source
This commit is contained in:
tulg 2026-04-25 21:23:44 +03:00
parent cb702d833b
commit 72d6e48343
4 changed files with 24 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

10
hosts/kittykat/configuration.nix
View file

@ -24,6 +24,16 @@
openFirewall = true; openFirewall = true;
}; };
services.vaultwarden = {
enable = true;
config = {
DOMAIN = "https://vault.kittykat.poggerer.xyz";
SIGNUPS_ALLOWED = false;
ROCKET_PORT = 8222;
};
};
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
nix.settings.experimental-features = ["nix-command" "flakes"]; nix.settings.experimental-features = ["nix-command" "flakes"];
system.stateVersion = "25.05"; system.stateVersion = "25.05";

11
hosts/kittykat/traefik.nix
View file

@ -49,6 +49,12 @@
certResolver = "letsencrypt"; certResolver = "letsencrypt";
}; };
}; };
vaultwarden = {
rule = "Host(`vault.kittykat.poggerer.xyz`)";
entryPoints = ["websecure"];
service = "vaultwarden";
tls.certResolver = "letsencrypt";
};
}; };
services = { services = {
@ -59,6 +65,11 @@
]; ];
}; };
}; };
vaultwarden = {
loadBalancer.servers = [
{url = "http://127.0.0.1:8222";}
];
};
}; };
}; };
}; };

1
modules/home-manager/cli/shell.nix
View file

@ -7,6 +7,7 @@
rb = "sudo nixos-rebuild switch --flake ~/nixdots#"; rb = "sudo nixos-rebuild switch --flake ~/nixdots#";
nixtest = "sudo nixos-rebuild test --flake ~/nixdots#"; nixtest = "sudo nixos-rebuild test --flake ~/nixdots#";
infect = "nix run github:nix-community/nixos-anywhere -- -- flake"; infect = "nix run github:nix-community/nixos-anywhere -- -- flake";
deploy = "nix run github:serokell/deploy-rs --"; # deploy .#kittykat
}; };
bashrcExtra = '' bashrcExtra = ''

2
modules/nixos/networking/ssh.nix
View file

@ -1,4 +1,6 @@
{ {
networking.firewall.allowedTCPPorts = [22];
users.users."root".openssh.authorizedKeys.keys = [ users.users."root".openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDIefprdYz4gFgBqGlrkycWcTYxFttQHRjDQmREtQTiGyqK1gQiB4z4Cbiayt7Emq224sbaobQPlNSyhlBCSo/Wf0bmZMz8NwNdwhFSkDnyD6LPaHg8fv9FXnWW0wBMl4oSD2wfGbMQBrecjgHXfJ64UiHyyhDllDDtWGgoY75wwfWHzX/NiGaEi0LHCQ8dsgp7H+BhssTkJPZbv6BJcA34yfb6dISjvW2S/QGKMwgYr9ArfGLUTWPbj+EbL7Bf9VsTFe9nP+FnYqEu4+oBIbY2heXWA+FCi0zxmMY4oYJxT5cJi1nffVOxboKLm4kIT93gv1WdcDiQDVdy5sJ1q0gJyiRt1HfJW4l8jn36VJ0FvdGmRliOTzSfeER0gbIsOcxeArHRV3ff/CoSocnSs0To5vFKgjlGwhdE8sJsqILgZnIoKwVvOXuDOz/RhbdBPpVsG7upk7bLJtLv9P5h0h/gUIWA1iktaYBSDL0UofjSrfNhZH6M0P+soIuooanSlVGivTlASw1pd+gjvebbc9ksvGZVqPQT0XegIvZkwfu8moERZUqv/xhNcyWTEGfFKoeHt5ub8Ac0LOe9Ak6N+p8xDjTdkmUgte5J/CNL1JL3JA/iqocAo+VvmIbPatbrOwUNcROOS3WeFg8MfNrbDyYCVNbZWAyM6wwfLB2fIUB2jw== tulg@highcommand" # content of authorized_keys file "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDIefprdYz4gFgBqGlrkycWcTYxFttQHRjDQmREtQTiGyqK1gQiB4z4Cbiayt7Emq224sbaobQPlNSyhlBCSo/Wf0bmZMz8NwNdwhFSkDnyD6LPaHg8fv9FXnWW0wBMl4oSD2wfGbMQBrecjgHXfJ64UiHyyhDllDDtWGgoY75wwfWHzX/NiGaEi0LHCQ8dsgp7H+BhssTkJPZbv6BJcA34yfb6dISjvW2S/QGKMwgYr9ArfGLUTWPbj+EbL7Bf9VsTFe9nP+FnYqEu4+oBIbY2heXWA+FCi0zxmMY4oYJxT5cJi1nffVOxboKLm4kIT93gv1WdcDiQDVdy5sJ1q0gJyiRt1HfJW4l8jn36VJ0FvdGmRliOTzSfeER0gbIsOcxeArHRV3ff/CoSocnSs0To5vFKgjlGwhdE8sJsqILgZnIoKwVvOXuDOz/RhbdBPpVsG7upk7bLJtLv9P5h0h/gUIWA1iktaYBSDL0UofjSrfNhZH6M0P+soIuooanSlVGivTlASw1pd+gjvebbc9ksvGZVqPQT0XegIvZkwfu8moERZUqv/xhNcyWTEGfFKoeHt5ub8Ac0LOe9Ak6N+p8xDjTdkmUgte5J/CNL1JL3JA/iqocAo+VvmIbPatbrOwUNcROOS3WeFg8MfNrbDyYCVNbZWAyM6wwfLB2fIUB2jw== tulg@highcommand" # content of authorized_keys file
]; ];