From e0c474c81d1bc4de50eac3845fa0afaad73010a4 Mon Sep 17 00:00:00 2001 From: xinyangli Date: Sun, 23 Mar 2025 21:37:29 +0800 Subject: [PATCH] biotite/vaultwarden: enable admin page --- machines/biotite/secrets.yaml | 8 +++++--- machines/biotite/services/vaultwarden.nix | 13 +++++++++++++ 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/machines/biotite/secrets.yaml b/machines/biotite/secrets.yaml index 1e71c85..2e133ac 100644 --- a/machines/biotite/secrets.yaml +++ b/machines/biotite/secrets.yaml @@ -11,6 +11,8 @@ hedgedoc: client_secret: ENC[AES256_GCM,data:J6lRBM7V6F+gPYVyEbOzsFUQe8+3ggP0r58c655DNt7TGgKGdq95pRvLaghMmBCc,iv:i+eLYwnmG1/bKtad2iM2pwEAC3GZLNaKS5ldbubRvyY=,tag:yxaug6YdYo8RR3YOyHd/iA==,type:str] forgejo: client_secret: ENC[AES256_GCM,data:5OXhaGzBCbge2tvTaU4ry6/KoavQeYJ45EuakCQJlxb5gMXjRK/s+feF25YJSr2f,iv:TT8j+ciKeSQCZzu1E7D70hWNFpn0cGiomz7jURXjavc=,tag:JVJR033Pc2vaLudaovkl8w==,type:str] +vaultwarden: + admin_token: ENC[AES256_GCM,data:hRmnuehfMk3bF7tkxShnAGH1OB/yyCyaJqhdJQvSmVMtr6Cz7j1ZEeqfRI+jrqOi,iv:xYmP0Kwp5XkCcJWjqLwFOxRtUxIUH1r1fLUr5xyvpWo=,tag:Yj2nME07cA+ve3ipN6Ehqg==,type:str] sops: kms: [] gcp_kms: [] @@ -35,8 +37,8 @@ sops: RzBMVDNjS29SUkdRK3dIV01sU0hYR3cK1SbvKAM6Gpsffv3HIi/WtWnCZUBic0AT ZRv4pvJBx1oxWsKIHW0t6VrqWMQ+suup8p6dW+h5HE8Z4ciIMrXLEg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-12-04T05:07:32Z" - mac: ENC[AES256_GCM,data:hD7645epMVYHU6K1AZsHu+fp/PMIqqiZpv7K4Vxzo84slzn0CfZSYaVaYxKNGjOIgEGN9D2FFmq9WL6ChMskMfqqafY7qDpSQqFp9TUwb5jN34XcQg9vplfNw+lMqsnDCt1HENWErRnlDxTI2ctSEcx3UKGBOQ3ttLzUIySdnFY=,iv:reOsqvc8E3l8yxb5gVcqF/rU2o2yKmaUyGNRNT+Skx8=,tag:eBoV8G+X0cPs3Q1xAuv55w==,type:str] + lastmodified: "2025-03-23T13:32:31Z" + mac: ENC[AES256_GCM,data:9xbcK+hl+tZTyikCpIOY6YBgaY8AOvaekyKTbQ47KJkQeNb3eyfAxBB1kivu/LU8H8pWWST8GpL/umllbwMzjRLVXU63CQle5cDuDVq9ySPMdxhmxyZ23bKJp7jUzTrGQMm+jnguCuCMxEeDo+R0ZD8a2nvbBT1XKYyVFSBB/0E=,iv:D5RrNSRa7bxivGCu24YT0nO0vuorSEK1VNVOEsJIfaA=,tag:xXXk9uCqZpr4RYqfnF0Ogw==,type:str] pgp: [] unencrypted_suffix: _unencrypted - version: 3.9.1 + version: 3.9.4 diff --git a/machines/biotite/services/vaultwarden.nix b/machines/biotite/services/vaultwarden.nix index f7c55c3..1625108 100644 --- a/machines/biotite/services/vaultwarden.nix +++ b/machines/biotite/services/vaultwarden.nix @@ -3,6 +3,18 @@ let inherit (config.my-lib.settings) vaultwardenUrl; in { + + sops.secrets."vaultwarden/admin_token" = { + owner = "vaultwarden"; + }; + + sops.templates."vaultwarden.env" = { + owner = "vaultwarden"; + content = '' + ADMIN_TOKEN=${config.sops.placeholder."vaultwarden/admin_token"} + ''; + }; + services.vaultwarden = { enable = true; dbBackend = "sqlite"; @@ -15,6 +27,7 @@ in ROCKET_LOG = "normal"; }; + environmentFile = config.sops.templates."vaultwarden.env".path; }; services.caddy = {