diff --git a/systems/etna/vaultwarden.nix b/systems/etna/vaultwarden.nix index 985d55e..92db7c6 100644 --- a/systems/etna/vaultwarden.nix +++ b/systems/etna/vaultwarden.nix @@ -11,21 +11,36 @@ in cfTunnels."bw.uku3lig.net" = "http://localhost:8222"; - services.vaultwarden = { - enable = true; - environmentFile = envFile.path; - backupDir = "/data/backups/vaultwarden"; - config = { - DOMAIN = "https://bw.uku3lig.net"; - SIGNUPS_ALLOWED = false; + services = { + vaultwarden = { + enable = true; + environmentFile = envFile.path; + # backupDir = "/data/backups/vaultwarden"; + dbBackend = "postgresql"; + config = { + DOMAIN = "https://bw.uku3lig.net"; + SIGNUPS_ALLOWED = false; - ROCKET_ADDRESS = "::1"; - ROCKET_PORT = 8222; + ROCKET_ADDRESS = "::1"; + ROCKET_PORT = 8222; - SMTP_HOST = "mx1.uku3lig.net"; - SMTP_FROM = "services@uku3lig.net"; - SMTP_PORT = 465; - SMTP_SECURITY = "force_tls"; + DATABASE_URL = "postgresql:///vaultwarden"; + + SMTP_HOST = "mx1.uku3lig.net"; + SMTP_FROM = "services@uku3lig.net"; + SMTP_PORT = 465; + SMTP_SECURITY = "force_tls"; + }; + }; + + postgresql = { + ensureDatabases = [ "vaultwarden" ]; + ensureUsers = [ + { + name = "vaultwarden"; + ensureDBOwnership = true; + } + ]; }; }; }