From d01028064791e06b7321c7d65fd8d55af7ddaa76 Mon Sep 17 00:00:00 2001
From: Vivian Roest <vivian@0x76.dev>
Date: Sun, 17 Oct 2021 16:00:17 +0200
Subject: [PATCH] configure vault

---
 hosts/vault/configuration.nix | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/hosts/vault/configuration.nix b/hosts/vault/configuration.nix
index 61949b08..c061b752 100644
--- a/hosts/vault/configuration.nix
+++ b/hosts/vault/configuration.nix
@@ -25,4 +25,19 @@
 
   # Additional packages
   environment.systemPackages = with pkgs; [];
+
+  # Vault
+  networking.firewall.allowedTCPPorts = [ 8200 ];
+
+  services.vault = {
+    enable = true;
+    # bin version includes the UI
+    package = pkgs.vault-bin;
+    address = "0.0.0.0:8200";
+    storageBackend = "file";
+    storagePath = "/var/lib/vault";
+    extraConfig = ''
+      ui = true
+    '';
+  };
 }