From c75458d8c993db4dc87aff08a9bf8017d1ba21bb Mon Sep 17 00:00:00 2001 From: Antoine Martin Date: Tue, 13 Jul 2021 13:34:26 +0200 Subject: [PATCH] services: bitwarden: only listen on local host This was never a problem because the firewall did its job, but better safe than sorry. --- services/bitwarden_rs.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/services/bitwarden_rs.nix b/services/bitwarden_rs.nix index 65e3025..27ea5a2 100644 --- a/services/bitwarden_rs.nix +++ b/services/bitwarden_rs.nix @@ -47,7 +47,9 @@ in { TZ = "Europe/Paris"; WEB_VAULT_ENABLED = true; WEBSOCKET_ENABLED = true; + WEBSOCKET_ADDRESS = "127.0.0.1"; WEBSOCKET_PORT = cfg.websocketPort; + ROCKET_ADDRESS = "127.0.0.1"; ROCKET_PORT = cfg.privatePort; SIGNUPS_ALLOWED = false; INVITATIONS_ALLOWED = false;