nki/nix-home
1
0
Fork 0
Code Issues Pull requests 1 Packages Projects Releases Wiki Activity

Enable bitwarden admin

Browse source
This commit is contained in:
Natsu Kagami 2023-08-10 20:49:16 +02:00
parent f03b88d591
commit b0ffe238e9
Signed by: nki
GPG key ID: 55A032EB38B49ADB
3 changed files with 16 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
modules/cloud/bitwarden/default.nix
View file

@ -15,7 +15,13 @@ let
host = "bw.nkagami.me";
in
{
options.cloud.bitwarden = { };
options.cloud.bitwarden = {
envFile = mkOption {
type = types.nullOr types.path;
description = "Path to the env file containing stuff";
default = null;
};
};
config = {
# users
@ -53,10 +59,12 @@ in
DOMAIN = "https://${host}";
};
serviceConfig = {
User = user;
Group = user;
ExecStart = "${pkgs.unstable.vaultwarden-postgresql}/bin/vaultwarden";
EnvironmentFile = lists.optional (cfg.envFile != null) cfg.envFile;
LimitNOFILE = "1048576";
PrivateTmp = "true";
PrivateDevices = "true";

3
nki-personal-do/configuration.nix
View file

@ -100,6 +100,9 @@
cloud.traefik.hosts.uptime-kuma-dtth = { host = "status.dtth.ch"; port = 16904; };
cloud.traefik.hosts.uptime-kuma-codefun = { host = "status.codefun.vn"; port = 16904; };
# Bitwarden
sops.secrets.vaultwarden-env = { };
cloud.bitwarden.envFile = config.sops.secrets.vaultwarden-env.path;
# Arion
virtualisation.arion.backend = "docker";

6
nki-personal-do/secrets/secrets.yaml
View file

@ -34,6 +34,8 @@ writefreely-dtth: ENC[AES256_GCM,data:Q2b3eCr5GLLyBMrGlTUSIuMN/vZXmMZV8T56+t7Rjc
matrix-synapse-dtth:
oidc-config: ENC[AES256_GCM,data:06lv5ejqnQ1jBAhCBxXY3nNulXFnDt/S2ycma9+hlG6mSMGfRfIcfDZfKOfUUuV2uMI7ix4r0QdM3351VucvnWCZZlXz5YpVgNg1YZDvtSQxe3SJqKj/y3u+nYbPPIRgACiFpiajBeEvS/evIT8+Ty3myDVPHovYkuCb0U1eD3/xGK38lx6+H3Cjk3LyszMg1EwXdkDjbcDVYDhSEelkB9rWXH1vw5qNZOzGgIoYEe6ppMmPZjpUM9jyounuF/+FzLbkWz6YvY4zWD5fND5fFdT4AA1e1jzCLQIsaVZ8N6co5lwzfBfydLosEy+h/COv1wzvfXiEjNi4f+2Ol7kSu4+G3u3V6EcqTyVjj38oTLaAx1cG9pnPmAc/zTUCmepITAWysvuzIVd8gwde1CheANLp1WnQrAAKJiHv/6bxPoi0ROu0BpQqupU9XUcTXRysuTjBH5/ABjlvk8lTiFi8Ryt7KzC23kPWf541B8BO/yfpmq8mheMz1AYm+fkTZOqKgkfm4NStN58oiYn6NEyWpuaAx7DEUgO/MIrIKXfTzGCT++33Cnr41fLSqWgqIUhBxd9P1s3cYk942UxC2VdKf1qq6IGZK4iq8T1FUoXqmTnjEfwvTm2hDkZqwEdvkKZUolKvnsZL44KRBow/LMGGsDDFoOMsMT9MqE2fBGOudTnHncs3I/T7eEDnHH+z+60Axo6mKGwmaHRHeqeiV4OIrPmM5X8uUIWvKoNsY3UvL/VgKA2Zh7wm8irB0rgcaKDW6QMmJIxqd3RK9WwmOT4hPy/SC5nm1ZRlag/f+H6q+WOtEaK+,iv:5pYzz4QzKHVhHh+YFnerD5Q2S93stqBKILM2sxD23Fc=,tag:V0rVa/nTH3hv77Z8KOQOiw==,type:str]
appservice-discord: ENC[AES256_GCM,data:lAAEa6ltXi29+POrG87bMAvv8du3DiGYl8f7npqW0ga3YgrvofgYnC8QJUyznIQ3Ye9yWxzjzaClu7viFgkN0yIXlpENIOcSTrdlMgg5mdJ8f9elltp/VPiwVimubPa8QnpLNRy/NAEVpDFygw9VOM+Fu203M/pofK0qX6NfO9PeQGma1iKQeMKrV/6RwjF+70rnTMEhO0PCyTl2PEwZiDtkxgI7Yyl37p8bUuJ4YZ5MhZN94lODb+toPaN29BZT4q23VrJmxiW3VEeJj+tEmx4X+KeCO5AArtPl9YOkoRt/uSRKljsf109AIiclRj0wITqOx/QL2qntFuAidxTm8MoJQ6eoq/bwQp/BUpPubIMeY+z2b8XIgZGZSPZMdaObvaqDFdMLq7GW61GxYKFgNxHYA4uhndbE5VDNkcFkw4FEC5x40fwqGaunmqvAdb3p4I9EhlQ28e5S+hX1FFrMHjsJWlnjSySDRjCodJMtep19J+qVVgyf5A==,iv:PBo7+OSqBGxI7DzUpclcGWEFwTpcNqySRJzqHu7medU=,tag:fi06xru3e92WfqOJxHXd2w==,type:str]
#ENC[AES256_GCM,data:iOzQ7k/EJPjMhjdl4do0VZ0UblYW/oKzGHfdghJ7BR/QiLD5QVfwPmN7gctVftD1wAveOvdAl9s93cDBLAF5eVCi/gfTBrXJ3MKvAZ8vCEVQtdlZl37GrDCsV54EHt7I3d6F6nX9EAG0cF/pT25JyFqGDRgFUJVDPUVG7x8tr+q38BjWgNHRXQ==,iv:VOwPsPU/9jx6MAnnnS1d1JAAfKfdFqq5G64AHqJuG9A=,tag:iw11y5UXxEPxeGhykoHVkw==,type:comment]
vaultwarden-env: ENC[AES256_GCM,data:Cj1CWuPB8Tc/8E1suAoAw5MK8egzy5KLTIyIAkRuVVRNmjiBq0wEw23m4/VKz4Pq/FmUj6BGyLD0zXTp9AMlGugaDDlyihmCTt0FJOCaG3g0vrLfTY5jGnZCNR1B3fX3kf/yI/nvQsl8OqsKkTf66YznzUWtetKGa0KZICmvq/HW9Cjh+Q==,iv:Q2zGh84hPwthPeMsZbYgpZu2br2rWtaG6rcsKjtlUvQ=,tag:IllbcJz91qg08IFU1vnMWA==,type:str]
sops:
kms: []
gcp_kms: []
@ -67,8 +69,8 @@ sops:
by9kZFlTRVdCZFkxYTVVb0RIRk8zUlkKCqMw9oL9RaYBV5Hhy3o8Nm5xmGrPH8Sd
hv36sxRFFNZT/DCKaHaSRbT3mfpBZSTXJt1dgl4nZe6whH54t/1KmA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2023-06-24T15:00:57Z"
mac: ENC[AES256_GCM,data:YScpMiCWfnVj9BhFGxcYwZ1+Su/nKiCS4EKTDrxjzQWHn/2nlJm1aOQ8NnP1xOaWj50STCLu32Zb1Gw+9JMejti4d90xit9WP0KpwmiHjPN5NjiM90DUkXD/Oz5BAQ0XKvjYnjrKMo/b+WQjuCzR9DfGNLIAFyPlzbfT/90pH80=,iv:OygOtvtKJ4/0+rt9Y49vgjU4hRpWL4rY8iOP8zIZh5w=,tag:ckjytQvd8h8TGZuob2wqJg==,type:str]
lastmodified: "2023-08-09T07:39:16Z"
mac: ENC[AES256_GCM,data:xljlzQbsRf+JRlL/N/DEW6rta392Yk/DzKN5goyJlMuAZq56E1GQYSflS2bKQQlEIKv+y/jzsFPQpe2qeIdNhvjb2c6G/WjvBiodYZ4O5tnih9Aou86H1zr3qdtc55ovgOg3WwzKJhe1KAeAPXn7T+7xSpZ3ATrN0Pe0r+r/IjY=,iv:EmpuS5jv8jBXouwsDH8MpmeRvhJoF1rDDdc79/euzYg=,tag:II4M1FrS6foUiKe55cOpfQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.7.3