2020-01-17 21:00:14 +00:00
|
|
|
---
|
2021-05-15 13:31:33 +00:00
|
|
|
vaultwarden_version: latest
|
|
|
|
vaultwarden_image: "thegeeklab/vaultwarden:{{ vaultwarden_version }}"
|
|
|
|
vaultwarden_base_url: "http://localhost/"
|
2020-01-17 21:00:14 +00:00
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
vaultwarden_service_directory: /var/lib/docker/services/vaultwarden
|
|
|
|
vaultwarden_container_name: vaultwarden
|
|
|
|
vaultwarden_restart_policy: always
|
|
|
|
vaultwarden_service_stopped: False
|
2020-06-20 13:29:36 +00:00
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
# @var vaultwarden_networks:example: >
|
|
|
|
# vaultwarden_networks:
|
2020-06-20 13:29:36 +00:00
|
|
|
# - name: default
|
|
|
|
# # optional network driver, defaults to 'bride'
|
|
|
|
# driver: host
|
2020-01-20 12:38:01 +00:00
|
|
|
# @end
|
2021-05-15 13:31:33 +00:00
|
|
|
vaultwarden_networks:
|
2020-06-20 13:29:36 +00:00
|
|
|
- name: default
|
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
vaultwarden_networks_applied:
|
2020-06-20 13:29:36 +00:00
|
|
|
- default
|
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
# @var vaultwarden_volumes:description: > Define required docker volumes.
|
2020-06-20 13:29:36 +00:00
|
|
|
# @end
|
2021-05-15 13:31:33 +00:00
|
|
|
# @var vaultwarden_volumes:example: >
|
|
|
|
# vaultwarden_volumes:
|
2020-06-20 13:29:36 +00:00
|
|
|
# # Instead of the name you could specify a path on the container host system,
|
|
|
|
# # but you also have to enable bind mount for this volume
|
|
|
|
# - name: data
|
|
|
|
# # target location inside the container
|
|
|
|
# dest: /var/www/app/data
|
|
|
|
# # enable bind mount, if false volume will be configured as named volume
|
|
|
|
# # keep in mind you MUST set bind in any case
|
|
|
|
# bind: True
|
|
|
|
# @end
|
2021-05-15 13:31:33 +00:00
|
|
|
vaultwarden_volumes:
|
2020-06-20 13:29:36 +00:00
|
|
|
- name: data
|
|
|
|
dest: /app/data
|
|
|
|
bind: False
|
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
# @var vaultwarden_websocket_enabled:description: >
|
2020-06-20 13:29:36 +00:00
|
|
|
# If you enable websockets you also have to expose port `3012`.
|
|
|
|
# @end
|
2021-05-15 13:31:33 +00:00
|
|
|
vaultwarden_websocket_enabled: False
|
2020-06-20 13:29:36 +00:00
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
# @var vaultwarden_exposed_ports:example: >
|
|
|
|
# vaultwarden_exposed_ports:
|
2020-06-20 13:29:36 +00:00
|
|
|
# - "127.0.0.1:8080:8080"
|
|
|
|
# - "127.0.0.1:3012:3012"
|
|
|
|
# @end
|
2021-05-15 13:31:33 +00:00
|
|
|
vaultwarden_exposed_ports:
|
2020-06-20 13:29:36 +00:00
|
|
|
- "127.0.0.1:8080:8080"
|
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
vaultwarden_extra_hosts: []
|
2020-01-17 21:00:14 +00:00
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
# @var vaultwarden_memory_limit: $ "_unset_"
|
|
|
|
# @var vaultwarden_memory_limit:example: $ "512m"
|
|
|
|
# @var vaultwarden_memory_reservation: $ "_unset_"
|
|
|
|
# @var vaultwarden_memory_reservation:example: $ "256m"
|
|
|
|
# @var vaultwarden_cpu_shares: $ "_unset_"
|
|
|
|
# @var vaultwarden_cpu_shares:example: $ "1024"
|
2020-01-17 21:00:14 +00:00
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
vaultwarden_cap_add: []
|
|
|
|
vaultwarden_cap_drop: []
|
|
|
|
vaultwarden_security_opt: []
|
|
|
|
# @var vaultwarden_pids_limit: $ "_unset_"
|
2020-01-17 21:00:14 +00:00
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
vaultwarden_healthcheck:
|
2020-02-07 19:28:33 +00:00
|
|
|
test: '["CMD", "/usr/local/bin/healthcheck"]'
|
2020-01-18 14:37:28 +00:00
|
|
|
interval: 10s
|
|
|
|
timeout: 3s
|
|
|
|
retries: 3
|
2020-01-17 21:00:14 +00:00
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
# @var vaultwarden_templates_folder: $ "_unset_"
|
|
|
|
vaultwarden_reload_templates: False
|
2020-01-17 21:00:14 +00:00
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
vaultwarden_ip_header: x-client-ip
|
2020-01-17 21:00:14 +00:00
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
vaultwarden_icon_cache_ttl: 2592000
|
|
|
|
vaultwarden_icon_cache_negttl: "{{ vaultwarden_icon_cache_ttl }}"
|
2020-01-17 21:00:14 +00:00
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
vaultwarden_web_vault_enabled: True
|
2020-01-17 21:00:14 +00:00
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
vaultwarden_extended_logging: True
|
|
|
|
vaultwarden_log_level: Info
|
2020-01-17 21:00:14 +00:00
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
vaultwarden_disable_icon_download: False
|
|
|
|
vaultwarden_icon_download_timeout: 10
|
|
|
|
# @var vaultwarden_icon_blacklist_regexl: $ "_unset_"
|
|
|
|
vaultwarden_icon_blacklist_non_global_ips: True
|
2020-01-17 21:00:14 +00:00
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
vaultwarden_disable_2fa_remember: False
|
2020-01-17 21:00:14 +00:00
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
vaultwarden_signups_allowed: False
|
|
|
|
vaultwarden_signups_verify: False
|
|
|
|
vaultwarden_signups_verify_resend_time: 3600
|
|
|
|
vaultwarden_signups_verify_resend_limit: 6
|
|
|
|
# @var vaultwarden_signups_domains_whitelist: $ "_unset_"
|
2020-01-17 21:00:14 +00:00
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
vaultwarden_invitations_allowed: True
|
2020-01-17 21:00:14 +00:00
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
# @var vaultwarden_admin_token: $ "_unset_"
|
2020-01-17 21:00:14 +00:00
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
vaultwarden_password_iterations: 100000
|
|
|
|
vaultwarden_show_password_hint: True
|
2020-01-17 21:00:14 +00:00
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
vaultwarden_authenticator_disable_time_drift: False
|
2020-01-17 21:00:14 +00:00
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
vaultwarden_user_attachment_limit: 1024
|
|
|
|
vaultwarden_org_attachment_limit: 1024
|
2020-03-14 20:52:48 +00:00
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
# @var vaultwarden_smtp_host: $ "_unset_"
|
|
|
|
vaultwarden_smtp_from: "vaultwarden@localhost"
|
|
|
|
vaultwarden_smtp_from_name: "Vaultwarden"
|
|
|
|
vaultwarden_smtp_port: 587
|
|
|
|
vaultwarden_smtp_ssl: True
|
|
|
|
# @var vaultwarden_smtp_username: $ "_unset_"
|
|
|
|
# @var vaultwarden_smtp_password: $ "_unset_"
|
|
|
|
vaultwarden_smtp_auth_mechanism: plain
|
|
|
|
vaultwarden_smtp_timeout: 15
|
2020-01-17 21:00:14 +00:00
|
|
|
|
2021-05-15 13:31:33 +00:00
|
|
|
# @var vaultwarden_db_server:description: >
|
2020-01-17 21:00:14 +00:00
|
|
|
# This ansible roles does only support postgresql as database"
|
|
|
|
# @end
|
2021-05-15 13:31:33 +00:00
|
|
|
vaultwarden_db_server: localhost
|
|
|
|
vaultwarden_db_port: 5432
|
|
|
|
vaultwarden_db_name: vaultwarden
|
|
|
|
vaultwarden_db_user: pgvaultwarden
|
|
|
|
vaultwarden_db_password: secure
|
|
|
|
vaultwarden_db_ssl_mode: disable
|
|
|
|
vaultwarden_db_ssl_rootcert: /etc/ssl/certs/ca-certificates.crt
|