Changed vault warden to use nginx

2025-03-03 12:44:28 +01:00 · 2025-03-03 12:44:28 +01:00 · 37bad01424
parent 5832a92555
commit 37bad01424
1 changed files with 12 additions and 9 deletions
--- a/services/vaultwarden.nix
+++ b/services/vaultwarden.nix
@ -1,7 +1,9 @@
-{...}: let
+{ config, ... }:
+let
  host = "127.0.0.1";
  port = 8222;
-in {
+in
+{
  services.vaultwarden = {
    enable = true;

@ -22,13 +24,14 @@ in {
    };
  };

-  networking.firewall.allowedTCPPorts = [port];
-  networking.firewall.allowedUDPPorts = [port];
+  networking.firewall.allowedTCPPorts = [ port ];
+  networking.firewall.allowedUDPPorts = [ port ];

-  services.caddy = {
-    enable = true;
-    virtualHosts."bitwarden.spoodythe.one".extraConfig = ''
-      reverse_proxy * ${host}:${toString port}
-    '';
+  services.nginx.virtualHosts."bitwarden.spoodythe.one" = {
+    enableACME = true;
+    forceSSL = true;
+    locations."/" = {
+      proxyPass = "http://${host}:${toString port}";
+    };
  };
 }