nix-config/hosts/franz/arion/passwords/arion-compose.nix

45 lines
1.5 KiB
Nix
Raw Normal View History

2024-03-07 16:47:24 +01:00
{pkgs, ...}: {
project.name = "passwords";
networks.dmz = {
name = "dmz";
external = true;
};
services = {
vaultwarden.service = {
2024-11-11 17:20:57 +01:00
image = "vaultwarden/server:1.32.4";
2024-03-07 16:47:24 +01:00
container_name = "vaultwarden";
labels = {
"traefik.enable" = "true";
2024-10-02 20:52:43 +02:00
"diun.enable" = "true";
2024-07-05 15:41:20 +02:00
"traefik.docker.network" = "dmz";
"traefik.http.services.vaultwarden.loadbalancer.server.port" = "80";
"traefik.http.routers.vaultwarden.service" = "vaultwarden";
2024-03-07 16:47:24 +01:00
"traefik.http.routers.vaultwarden.entrypoints" = "websecure";
2024-08-09 15:15:07 +02:00
"traefik.http.routers.vaultwarden.rule" = "Host(`vault.ghoscht.com`)";
2024-03-07 16:47:24 +01:00
"traefik.http.routers.vaultwarden.tls" = "true";
"traefik.http.routers.vaultwarden.tls.certresolver" = "letsencrypt";
2024-07-05 15:41:20 +02:00
"traefik.http.services.vaultwarden-external.loadbalancer.server.port" = "80";
"traefik.http.routers.vaultwarden-external.service" = "vaultwarden-external";
2024-08-09 15:15:07 +02:00
"traefik.http.routers.vaultwarden-external.rule" = "Host(`vault.ghoscht.com`)";
2024-07-05 15:41:20 +02:00
"traefik.http.routers.vaultwarden-external.entrypoints" = "websecure-external";
"traefik.http.routers.vaultwarden-external.tls" = "true";
"traefik.http.routers.vaultwarden-external.tls.certresolver" = "letsencrypt";
2024-03-07 16:47:24 +01:00
};
volumes = [
2024-03-31 22:05:29 +02:00
"/storage/dataset/docker/passwords/vaultwarden_data/:/data"
2024-03-07 16:47:24 +01:00
];
environment = {
DOMAIN = "http://vaultwarden.ghoscht.com";
};
restart = "always";
networks = [
"dmz"
];
};
};
}