diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 41610a1..beeab84 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - uses: cachix/install-nix-action@v30 + - uses: cachix/install-nix-action@V28 with: nix_path: nixpkgs=channel:nixos-unstable - name: Free Disk Space diff --git a/.github/workflows/update-flake.yml b/.github/workflows/update-flake.yml index 72e4eb3..31a89de 100644 --- a/.github/workflows/update-flake.yml +++ b/.github/workflows/update-flake.yml @@ -12,7 +12,7 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 - name: Install Nix - uses: cachix/install-nix-action@v30 + uses: cachix/install-nix-action@V28 - name: Update flake.lock uses: DeterminateSystems/update-flake-lock@v24 with: diff --git a/home/c/programs/rbw/default.nix b/home/c/programs/rbw/default.nix index 7a1139e..a95f30a 100644 --- a/home/c/programs/rbw/default.nix +++ b/home/c/programs/rbw/default.nix @@ -3,7 +3,7 @@ enable = true; settings = { base_url = "https://vaultwarden.cleslie.uk"; - email = "vw@cleslie.uk"; + email = "cal@callumleslie.me"; pinentry = pkgs.pinentry-gnome3; }; }; diff --git a/hosts/hermes/default.nix b/hosts/hermes/default.nix index d6978bd..da82c9e 100644 --- a/hosts/hermes/default.nix +++ b/hosts/hermes/default.nix @@ -11,6 +11,5 @@ ./media.nix ./headscale.nix ./forgejo.nix - ./vaultwarden.nix ]; } diff --git a/hosts/hermes/vaultwarden.nix b/hosts/hermes/vaultwarden.nix deleted file mode 100644 index 5808748..0000000 --- a/hosts/hermes/vaultwarden.nix +++ /dev/null @@ -1,29 +0,0 @@ -{config, ...}: let - domain = "vaultwarden.cleslie.uk"; -in { - services = { - cloudflare-dyndns.domains = [domain]; - vaultwarden = { - enable = true; - dbBackend = "sqlite"; - config = { - DOMAIN = "https://${domain}"; - SIGNUPS_ALLOWED = false; - ROCKET_ADDRESS = "127.0.0.1"; - ROCKET_PORT = 8222; - ROCKET_LOG = "critical"; - }; - environmentFile = "${config.age.secrets.vaultwarden-env.path}"; - }; - - caddy.virtualHosts.${domain}.extraConfig = '' - reverse_proxy localhost:${toString config.services.vaultwarden.config.ROCKET_PORT} { - header_up X-Real-IP {remote_host} - } - ''; - }; - - age.secrets."vaultwarden-env" = { - file = ../../secrets/vaultwarden-env.age; - }; -} diff --git a/secrets/secrets.nix b/secrets/secrets.nix index f66bfbb..6aed516 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -11,5 +11,4 @@ in { "mesh-conf-cleslie.age".publicKeys = keys.c ++ allSystems; "forgejo-password.age".publicKeys = keys.c ++ [systems.hermes]; "cloudflare-api.age".publicKeys = keys.c ++ [systems.hermes]; - "vaultwarden-env.age".publicKeys = keys.c ++ [systems.hermes]; } diff --git a/secrets/vaultwarden-env.age b/secrets/vaultwarden-env.age deleted file mode 100644 index 587ca80..0000000 --- a/secrets/vaultwarden-env.age +++ /dev/null @@ -1,7 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 /RyXeg FyWjw52mFlS8j8s0hZZvu1C1jy4kFNHEMDyMer7uQjw -5nZS6DoNscDHLmB77aRfOiG/CxRDpGmo/q+2D15MrZM --> ssh-ed25519 aSaoJQ yuB2O/EitRDPlpIjTQT7lz+gLBnVTaHMgJ2enexvWnk -+2BXZOWHuIDoQfZoh5X1XIuy2HJP+tJQh7ZJ6uxI48k ---- u4zTk4QXTWj0SdzP/2aHnGsN6MHdyEAhGRzTgpIgCeE -t8XRTv`;];u]6DRzzl[6O3ŗf@ʦcEXC{ #[gbG, ApnЋU"ɺ_ɔ%DL,4&oNH&!Pwz&Æ!SH(@~~{! \ No newline at end of file