From bd3ded3f4864e1b88da338a43d6f72b06e7f669e Mon Sep 17 00:00:00 2001
From: Tasia Iso <tasiaiso@proton.me>
Date: Mon, 3 Feb 2025 00:17:32 +0100
Subject: [PATCH] s

---
 hosts/vulpecula-vps/vaultwarden.nix | 29 +----------------------------
 1 file changed, 1 insertion(+), 28 deletions(-)

diff --git a/hosts/vulpecula-vps/vaultwarden.nix b/hosts/vulpecula-vps/vaultwarden.nix
index 2b9fd42..c186b35 100644
--- a/hosts/vulpecula-vps/vaultwarden.nix
+++ b/hosts/vulpecula-vps/vaultwarden.nix
@@ -12,37 +12,10 @@
 
   services.vaultwarden.config = {
     DOMAIN = "https://vault.vulpecula.zone";
-    SIGNUPS_ALLOWED = true;
+    SIGNUPS_ALLOWED = false;
 
-    # Vaultwarden currently recommends running behind a reverse proxy
-    # (nginx or similar) for TLS termination, see
-    # https://github.com/dani-garcia/vaultwarden/wiki/Hardening-Guide#reverse-proxying
-    # > you should avoid enabling HTTPS via vaultwarden's built-in Rocket TLS support,
-    # > especially if your instance is publicly accessible.
-    #
-    # A suitable NixOS nginx reverse proxy example config might be:
-    #
-    #     services.nginx.virtualHosts."bitwarden.example.com" = {
-    #       enableACME = true;
-    #       forceSSL = true;
-    #       locations."/" = {
-    #         proxyPass = "http://127.0.0.1:${toString config.services.vaultwarden.config.ROCKET_PORT}";
-    #       };
-    #     };
     ROCKET_ADDRESS = "127.0.0.1";
     ROCKET_PORT = 62107;
-
     ROCKET_LOG = "critical";
-
-    # This example assumes a mailserver running on localhost,
-    # thus without transport encryption.
-    # If you use an external mail server, follow:
-    #   https://github.com/dani-garcia/vaultwarden/wiki/SMTP-configuration
-    # SMTP_HOST = "127.0.0.1";
-    # SMTP_PORT = 25;
-    # SMTP_SSL = false;
-
-    # SMTP_FROM = "admin@bitwarden.example.com";
-    # SMTP_FROM_NAME = "example.com Bitwarden server";
   };
 }