{ pkgs, config, ... }: { sops.secrets.vaultwarden-env = { }; services.vaultwarden = { enable = true; package = pkgs.vaultwarden-postgresql; dbBackend = "postgresql"; config = { DOMAIN = "https://vault.flake.sh/"; SIGNUPS_ALLOWED = false; DATABASE_URL = "postgresql://vaultwarden:vaultwarden@192.168.1.211:5432/vaultwarden"; LOG_LEVEL = "Info"; ROCKET_ADDRESS = "0.0.0.0"; ROCKET_PORT = 8222; ROCKET_LOG = "critical"; # mailer SMTP_HOST = "mail.smtp2go.com"; SMTP_PORT = 587; SMTP_SECURITY = "starttls"; SMTP_FROM = "vault@flake.sh"; SMTP_FROM_NAME = "Vaultwarden"; SMTP_USERNAME = "vaultwarden-mailer"; SMTP_TIMEOUT = 15; }; environmentFile = config.sops.secrets.vaultwarden-env.path; }; }