finally works

2026-02-09 13:09:23 +01:00 · 2026-02-09 13:09:23 +01:00 · 7019a80883
commit 7019a80883
parent 18f05807d2
2 changed files with 23 additions and 16 deletions
--- a/modules/containers/vaultwarden.nix
+++ b/modules/containers/vaultwarden.nix
@ -15,7 +15,7 @@
 in {
  options = {
    horseman.containers.vaultwarden = {
-      enable = mkEnableOption "forgejo containers";
+      enable = mkEnableOption "Password manager";

      port = mkOption {
        default = 3000;
@ -66,25 +66,16 @@ in {
        pkgs,
        ...
      }: {
-        environment.variables = {
-          ROCKET_ADDRESS = "127.0.0.1";
-          ROCKET_PORT = toString cfg.port;
-          WEB_VAULT_ENABLED = "false";
-        };
+        environment.systemPackages = with pkgs; [
+          vaultwarden.webvault
+        ];

        services.vaultwarden = {
          enable = true;
-          backupDir = "/var/local/vaultwarden/backup";
-          # in order to avoid having  ADMIN_TOKEN in the nix store it can be also set with the help of an environment file
-          # be aware that this file must be created by hand (or via secrets management like sops)
-          environmentFile = "/var/lib/vaultwarden/vaultwarden.env";
          config = {
-            DOMAIN = cfg.url;
-            SIGNUPS_ALLOWED = false;
-
-            ROCKET_ADDRESS = "127.0.0.1";
            ROCKET_PORT = cfg.port;
-            ROCKET_LOG = "critical";
+            ROCKET_ADDRESS = "0.0.0.0";
+            WEB_VAULT_FOLDER = "${pkgs.vaultwarden.webvault}/share/vaultwarden/vault";
          };
        };