nixos/hosts/common/optional/nginx/vaultwarden.nix

{configVars, ...}: let
  email = configVars.email.user;
  domain = configVars.domains.vaultwarden;
  vaultwardenIp = configVars.networking.addresses.vaultwarden.localAddress;
  vaultwardenPort = configVars.networking.addresses.vaultwarden.port;
in {
  networking.firewall.allowedTCPPorts = [80 443];
  security.acme = {
    acceptTerms = true;
    defaults.email = email;
  };
  services.nginx = {
    enable = true;
    recommendedProxySettings = true;
    recommendedTlsSettings = true;
    virtualHosts."password.${domain}" = {
      enableACME = true;
      forceSSL = true;
      locations."/" = {
        proxyPass = "http://${vaultwardenIp}:${toString vaultwardenPort}";
      };
    };
  };
}
nginx configs for semitamaps and vaultwarden 2025-02-07 15:03:01 +00:00			`{configVars, ...}: let`
			`email = configVars.email.user;`
			`domain = configVars.domains.vaultwarden;`
			`vaultwardenIp = configVars.networking.addresses.vaultwarden.localAddress;`
			`vaultwardenPort = configVars.networking.addresses.vaultwarden.port;`
			`in {`
			`networking.firewall.allowedTCPPorts = [80 443];`
			`security.acme = {`
			`acceptTerms = true;`
			`defaults.email = email;`
			`};`
			`services.nginx = {`
			`enable = true;`
			`recommendedProxySettings = true;`
			`recommendedTlsSettings = true;`
finalise migrate of git server to forgejo 2025-02-22 12:25:33 +00:00			`virtualHosts."password.${domain}" = {`
nginx configs for semitamaps and vaultwarden 2025-02-07 15:03:01 +00:00			`enableACME = true;`
			`forceSSL = true;`
			`locations."/" = {`
			`proxyPass = "http://${vaultwardenIp}:${toString vaultwardenPort}";`
			`};`
			`};`
			`};`
			`}`