16 lines
428 B
Nix
16 lines
428 B
Nix
{config, ...}: let
|
|
vaultEnvironment = "vaultwarden/environment";
|
|
in {
|
|
services.vaultwarden = {
|
|
enable = true;
|
|
config = with config.constants; {
|
|
# Disable signup
|
|
SIGNUPS_ALLOWED = false;
|
|
# Specify service port
|
|
ROCKET_ADDRESS = localhost;
|
|
ROCKET_PORT = port.vault;
|
|
};
|
|
environmentFile = config.sops.secrets.${vaultEnvironment}.path;
|
|
};
|
|
sops.secrets.${vaultEnvironment} = {};
|
|
}
|