diff options
author | networkException <git@nwex.de> | 2024-04-24 15:19:33 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-04-24 15:19:33 +0200 |
commit | 3dd970f993609c4ba6bbb95c65fd8e5a5cadb09f (patch) | |
tree | 29f7a8b9073f93d90e13423257fbdf10c555869d /nixos/modules/services/security | |
parent | db9627d93457466eef038192e36cb3748e799b36 (diff) |
nixos/vaultwarden: drop outdated ownership requirements for environmentFile (#304825)
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
Diffstat (limited to 'nixos/modules/services/security')
-rw-r--r-- | nixos/modules/services/security/vaultwarden/default.nix | 16 |
1 files changed, 4 insertions, 12 deletions
diff --git a/nixos/modules/services/security/vaultwarden/default.nix b/nixos/modules/services/security/vaultwarden/default.nix index b2920931f9a9e..33957be437b30 100644 --- a/nixos/modules/services/security/vaultwarden/default.nix +++ b/nixos/modules/services/security/vaultwarden/default.nix @@ -131,21 +131,13 @@ in { Additional environment file as defined in {manpage}`systemd.exec(5)`. Secrets like {env}`ADMIN_TOKEN` and {env}`SMTP_PASSWORD` - may be passed to the service without adding them to the world-readable Nix store. + should be passed to the service without adding them to the world-readable Nix store. - Note that this file needs to be available on the host on which - `vaultwarden` is running. + Note that this file needs to be available on the host on which `vaultwarden` is running. - As a concrete example, to make the Admin UI available - (from which new users can be invited initially), + As a concrete example, to make the Admin UI available (from which new users can be invited initially), the secret {env}`ADMIN_TOKEN` needs to be defined as described - [here](https://github.com/dani-garcia/vaultwarden/wiki/Enabling-admin-page). - Setting `environmentFile` to `/var/lib/vaultwarden.env` - and ensuring permissions with e.g. - `chown vaultwarden:vaultwarden /var/lib/vaultwarden.env` - (the `vaultwarden` user will only exist after activating with - `enable = true;` before this), we can set the contents of the file to have - contents such as: + [here](https://github.com/dani-garcia/vaultwarden/wiki/Enabling-admin-page): ``` # Admin secret token, see |