ansible/xoxys.vaultwarden_docker
0
0
Fork 0
Code Issues Pull Requests Releases Activity

chore: upstream project was renamed to vaultwarden (#2)
Some checks failed
continuous-integration/drone/push Build is failing
Details

Browse Source 
Co-authored-by: Robert Kaussow <mail@geeklabor.de>
Reviewed-on: #2
Co-authored-by: Robert Kaussow <xoxys@rknet.org>
Co-committed-by: Robert Kaussow <xoxys@rknet.org>
This commit is contained in:
Robert Kaussow 2021-05-15 16:05:35 +02:00
parent 2262ad1ad0
commit 4cdd6b3373
8 changed files with 181 additions and 178 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
README.md
View File

@ -1,11 +1,11 @@
# xoxys.bitwardenrs_docker # xoxys.vaultwarden_docker
[![Build Status](https://img.shields.io/drone/build/ansible/xoxys.bitwardenrs_docker?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.bitwardenrs_docker) [![Build Status](https://img.shields.io/drone/build/ansible/xoxys.vaultwarden_docker?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.vaultwarden_docker)
[![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE) [![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)
Role to setup a [Bitwarden RS](https://github.com/dani-garcia/bitwarden_rs) password safe. Bitwarden_RS is a community Bitwarden API server implementation written in Rust. Role to setup a [Vaultwarden](https://github.com/dani-garcia/vaultwarden) password safe. Vaultwarden is a community Bitwarden API server implementation written in Rust.
You can find the full documentation at [https://galaxy.geekdocs.de](https://galaxy.geekdocs.de/roles/cloud/bitwardenrs_docker/). You can find the full documentation at [https://galaxy.geekdocs.de](https://galaxy.geekdocs.de/roles/cloud/vaultwarden_docker/).
## License ## License

148
defaults/main.yml
View File

@ -1,29 +1,29 @@
--- ---
bitwardenrs_version: latest vaultwarden_version: latest
bitwardenrs_image: "thegeeklab/bitwardenrs:{{ bitwardenrs_version }}" vaultwarden_image: "thegeeklab/vaultwarden:{{ vaultwarden_version }}"
bitwardenrs_base_url: "http://localhost/" vaultwarden_base_url: "http://localhost/"
bitwardenrs_service_directory: /var/lib/docker/services/bitwardenrs vaultwarden_service_directory: /var/lib/docker/services/vaultwarden
bitwardenrs_container_name: bitwardenrs vaultwarden_container_name: vaultwarden
bitwardenrs_restart_policy: always vaultwarden_restart_policy: always
bitwardenrs_service_stopped: False vaultwarden_service_stopped: False
# @var bitwardenrs_networks:example: > # @var vaultwarden_networks:example: >
# bitwardenrs_networks: # vaultwarden_networks:
# - name: default # - name: default
# # optional network driver, defaults to 'bride' # # optional network driver, defaults to 'bride'
# driver: host # driver: host
# @end # @end
bitwardenrs_networks: vaultwarden_networks:
- name: default - name: default
bitwardenrs_networks_applied: vaultwarden_networks_applied:
- default - default
# @var bitwardenrs_volumes:description: > Define required docker volumes. # @var vaultwarden_volumes:description: > Define required docker volumes.
# @end # @end
# @var bitwardenrs_volumes:example: > # @var vaultwarden_volumes:example: >
# bitwardenrs_volumes: # vaultwarden_volumes:
# # Instead of the name you could specify a path on the container host system, # # Instead of the name you could specify a path on the container host system,
# # but you also have to enable bind mount for this volume # # but you also have to enable bind mount for this volume
# - name: data # - name: data
@ -33,99 +33,99 @@ bitwardenrs_networks_applied:
# # keep in mind you MUST set bind in any case # # keep in mind you MUST set bind in any case
# bind: True # bind: True
# @end # @end
bitwardenrs_volumes: vaultwarden_volumes:
- name: data - name: data
dest: /app/data dest: /app/data
bind: False bind: False
# @var bitwardenrs_websocket_enabled:description: > # @var vaultwarden_websocket_enabled:description: >
# If you enable websockets you also have to expose port `3012`. # If you enable websockets you also have to expose port `3012`.
# @end # @end
bitwardenrs_websocket_enabled: False vaultwarden_websocket_enabled: False
# @var bitwardenrs_exposed_ports:example: > # @var vaultwarden_exposed_ports:example: >
# bitwardenrs_exposed_ports: # vaultwarden_exposed_ports:
# - "127.0.0.1:8080:8080" # - "127.0.0.1:8080:8080"
# - "127.0.0.1:3012:3012" # - "127.0.0.1:3012:3012"
# @end # @end
bitwardenrs_exposed_ports: vaultwarden_exposed_ports:
- "127.0.0.1:8080:8080" - "127.0.0.1:8080:8080"
bitwardenrs_extra_hosts: [] vaultwarden_extra_hosts: []
# @var bitwardenrs_memory_limit: $ "_unset_" # @var vaultwarden_memory_limit: $ "_unset_"
# @var bitwardenrs_memory_limit:example: $ "512m" # @var vaultwarden_memory_limit:example: $ "512m"
# @var bitwardenrs_memory_reservation: $ "_unset_" # @var vaultwarden_memory_reservation: $ "_unset_"
# @var bitwardenrs_memory_reservation:example: $ "256m" # @var vaultwarden_memory_reservation:example: $ "256m"
# @var bitwardenrs_cpu_shares: $ "_unset_" # @var vaultwarden_cpu_shares: $ "_unset_"
# @var bitwardenrs_cpu_shares:example: $ "1024" # @var vaultwarden_cpu_shares:example: $ "1024"
bitwardenrs_cap_add: [] vaultwarden_cap_add: []
bitwardenrs_cap_drop: [] vaultwarden_cap_drop: []
bitwardenrs_security_opt: [] vaultwarden_security_opt: []
# @var bitwardenrs_pids_limit: $ "_unset_" # @var vaultwarden_pids_limit: $ "_unset_"
bitwardenrs_healthcheck: vaultwarden_healthcheck:
test: '["CMD", "/usr/local/bin/healthcheck"]' test: '["CMD", "/usr/local/bin/healthcheck"]'
interval: 10s interval: 10s
timeout: 3s timeout: 3s
retries: 3 retries: 3
# @var bitwardenrs_templates_folder: $ "_unset_" # @var vaultwarden_templates_folder: $ "_unset_"
bitwardenrs_reload_templates: False vaultwarden_reload_templates: False
bitwardenrs_ip_header: x-client-ip vaultwarden_ip_header: x-client-ip
bitwardenrs_icon_cache_ttl: 2592000 vaultwarden_icon_cache_ttl: 2592000
bitwardenrs_icon_cache_negttl: "{{ bitwardenrs_icon_cache_ttl }}" vaultwarden_icon_cache_negttl: "{{ vaultwarden_icon_cache_ttl }}"
bitwardenrs_web_vault_enabled: True vaultwarden_web_vault_enabled: True
bitwardenrs_extended_logging: True vaultwarden_extended_logging: True
bitwardenrs_log_level: Info vaultwarden_log_level: Info
bitwardenrs_disable_icon_download: False vaultwarden_disable_icon_download: False
bitwardenrs_icon_download_timeout: 10 vaultwarden_icon_download_timeout: 10
# @var bitwardenrs_icon_blacklist_regexl: $ "_unset_" # @var vaultwarden_icon_blacklist_regexl: $ "_unset_"
bitwardenrs_icon_blacklist_non_global_ips: True vaultwarden_icon_blacklist_non_global_ips: True
bitwardenrs_disable_2fa_remember: False vaultwarden_disable_2fa_remember: False
bitwardenrs_signups_allowed: False vaultwarden_signups_allowed: False
bitwardenrs_signups_verify: False vaultwarden_signups_verify: False
bitwardenrs_signups_verify_resend_time: 3600 vaultwarden_signups_verify_resend_time: 3600
bitwardenrs_signups_verify_resend_limit: 6 vaultwarden_signups_verify_resend_limit: 6
# @var bitwardenrs_signups_domains_whitelist: $ "_unset_" # @var vaultwarden_signups_domains_whitelist: $ "_unset_"
bitwardenrs_invitations_allowed: True vaultwarden_invitations_allowed: True
# @var bitwardenrs_admin_token: $ "_unset_" # @var vaultwarden_admin_token: $ "_unset_"
bitwardenrs_password_iterations: 100000 vaultwarden_password_iterations: 100000
bitwardenrs_show_password_hint: True vaultwarden_show_password_hint: True
bitwardenrs_authenticator_disable_time_drift: False vaultwarden_authenticator_disable_time_drift: False
bitwardenrs_user_attachment_limit: 1024 vaultwarden_user_attachment_limit: 1024
bitwardenrs_org_attachment_limit: 1024 vaultwarden_org_attachment_limit: 1024
# @var bitwardenrs_smtp_host: $ "_unset_" # @var vaultwarden_smtp_host: $ "_unset_"
bitwardenrs_smtp_from: "bitwardenrs@localhost" vaultwarden_smtp_from: "vaultwarden@localhost"
bitwardenrs_smtp_from_name: "Bitwarden RS" vaultwarden_smtp_from_name: "Vaultwarden"
bitwardenrs_smtp_port: 587 vaultwarden_smtp_port: 587
bitwardenrs_smtp_ssl: True vaultwarden_smtp_ssl: True
# @var bitwardenrs_smtp_username: $ "_unset_" # @var vaultwarden_smtp_username: $ "_unset_"
# @var bitwardenrs_smtp_password: $ "_unset_" # @var vaultwarden_smtp_password: $ "_unset_"
bitwardenrs_smtp_auth_mechanism: plain vaultwarden_smtp_auth_mechanism: plain
bitwardenrs_smtp_timeout: 15 vaultwarden_smtp_timeout: 15
# @var bitwardenrs_db_server:description: > # @var vaultwarden_db_server:description: >
# This ansible roles does only support postgresql as database" # This ansible roles does only support postgresql as database"
# @end # @end
bitwardenrs_db_server: localhost vaultwarden_db_server: localhost
bitwardenrs_db_port: 5432 vaultwarden_db_port: 5432
bitwardenrs_db_name: bitwardenrs vaultwarden_db_name: vaultwarden
bitwardenrs_db_user: pgbitwardenrs vaultwarden_db_user: pgvaultwarden
bitwardenrs_db_password: secure vaultwarden_db_password: secure
bitwardenrs_db_ssl_mode: disable vaultwarden_db_ssl_mode: disable
bitwardenrs_db_ssl_rootcert: /etc/ssl/certs/ca-certificates.crt vaultwarden_db_ssl_rootcert: /etc/ssl/certs/ca-certificates.crt

12
meta/main.yml
View File

@ -4,14 +4,14 @@ galaxy_info:
# @meta author:value: [Robert Kaussow](https://gitea.rknet.org/xoxys) # @meta author:value: [Robert Kaussow](https://gitea.rknet.org/xoxys)
author: Robert Kaussow <mail@thegeeklab.de> author: Robert Kaussow <mail@thegeeklab.de>
namespace: xoxys namespace: xoxys
role_name: bitwardenrs_docker role_name: vaultwarden_docker
# @meta description: > # @meta description: >
# [![Source Code](https://img.shields.io/badge/gitea-source%20code-blue?logo=gitea&logoColor=white)](https://gitea.rknet.org/ansible/xoxys.bitwardenrs_docker) # [![Source Code](https://img.shields.io/badge/gitea-source%20code-blue?logo=gitea&logoColor=white)](https://gitea.rknet.org/ansible/xoxys.vaultwarden_docker)
# [![Build Status](https://img.shields.io/drone/build/ansible/xoxys.bitwardenrs_docker?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.bitwardenrs_docker) # [![Build Status](https://img.shields.io/drone/build/ansible/xoxys.vaultwarden_docker?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.vaultwarden_docker)
# [![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](https://gitea.rknet.org/ansible/xoxys.bitwardenrs_docker/src/branch/master/LICENSE) # [![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](https://gitea.rknet.org/ansible/xoxys.vaultwarden_docker/src/branch/master/LICENSE)
# #
# Role to setup a [Bitwarden RS](https://github.com/dani-garcia/bitwarden_rs) password safe. # Role to setup a [Vaultwarden](https://github.com/dani-garcia/vaultwarden) password safe.
# Bitwarden_RS is a community Bitwarden API server implementation written in Rust. # Vaultwarden is a community Bitwarden API server implementation written in Rust.
# @end # @end
description: Role to setup Bitwarden passsword safe description: Role to setup Bitwarden passsword safe
license: MIT license: MIT

10
molecule/centos7/converge.yml
View File

@ -19,12 +19,12 @@
postgres_connection_addresses: postgres_connection_addresses:
- "{{ ansible_docker0.ipv4.address }}" - "{{ ansible_docker0.ipv4.address }}"
postgres_users: postgres_users:
- name: "pgbitwardenrs" - name: "pgvaultwarden"
password: "secure" password: "secure"
priv: ALL priv: ALL
db: "bitwardenrs" db: "vaultwarden"
postgres_dbs: postgres_dbs:
- name: "bitwardenrs" - name: "vaultwarden"
postgres_hba_entries_extra: postgres_hba_entries_extra:
- contype: host - contype: host
databases: databases:
@ -33,8 +33,8 @@
- all - all
address: "172.18.0.0/16" address: "172.18.0.0/16"
auth_method: md5 auth_method: md5
bitwardenrs_db_server: "{{ ansible_docker0.ipv4.address }}" vaultwarden_db_server: "{{ ansible_docker0.ipv4.address }}"
roles: roles:
- role: xoxys.postgres - role: xoxys.postgres
- role: xoxys.bitwardenrs_docker - role: xoxys.vaultwarden_docker

2
molecule/centos7/molecule.yml
View File

@ -9,7 +9,7 @@ dependency:
driver: driver:
name: delegated name: delegated
platforms: platforms:
- name: centos7-bitwardenrs - name: centos7-vaultwarden
image: centos-7 image: centos-7
server_type: cx11 server_type: cx11
lint: | lint: |

19
molecule/centos7/tests/test_default.py
View File

@ -1,27 +1,30 @@
import os import os
import warnings
import testinfra.utils.ansible_runner import testinfra.utils.ansible_runner
import warnings
warnings.filterwarnings("ignore", category=DeprecationWarning) warnings.filterwarnings("ignore", category=DeprecationWarning)
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner( testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all') os.environ["MOLECULE_INVENTORY_FILE"]).get_hosts("all")
def test_bitwardenrs_running(host): def test_vaultwarden_running(host):
bitwardenrs = host.docker("bitwardenrs") vaultwarden = host.docker("vaultwarden")
assert bitwardenrs.is_running assert vaultwarden.is_running
def test_bitwardenrs_socket(host): def test_vaultwarden_socket(host):
# Verify the socket is listening for HTTP traffic # Verify the socket is listening for HTTP traffic
assert host.socket("tcp://127.0.0.1:8080").is_listening assert host.socket("tcp://127.0.0.1:8080").is_listening
def test_bitwardenrs_conn_error(host): def test_vaultwarden_conn_error(host):
code = int(host.run("curl -s -w '%{http_code}' http://127.0.0.1:8080/alive -o /dev/null").stdout) code = int(
host.run(
"curl -s -w '%{http_code}' http://127.0.0.1:8080/alive -o /dev/null"
).stdout)
body = host.run("curl -sX GET http://127.0.0.1:8080/").stdout body = host.run("curl -sX GET http://127.0.0.1:8080/").stdout
assert code == 200 assert code == 200

12
tasks/setup.yml
View File

@ -2,14 +2,14 @@
- block: - block:
- name: Ensure service directory exists - name: Ensure service directory exists
file: file:
path: "{{ bitwardenrs_service_directory }}" path: "{{ vaultwarden_service_directory }}"
state: directory state: directory
mode: 0755 mode: 0755
- name: Deploy compose file to '{{ bitwardenrs_service_directory }}' - name: Deploy compose file to '{{ vaultwarden_service_directory }}'
template: template:
src: "services/bitwardenrs_compose.yml.j2" src: "services/vaultwarden_compose.yml.j2"
dest: "{{ bitwardenrs_service_directory }}/docker-compose.yml" dest: "{{ vaultwarden_service_directory }}/docker-compose.yml"
owner: root owner: root
group: root group: root
mode: 0640 mode: 0640
@ -17,10 +17,10 @@
- name: Ensure service is up and running - name: Ensure service is up and running
docker_compose: docker_compose:
project_src: "{{ bitwardenrs_service_directory }}" project_src: "{{ vaultwarden_service_directory }}"
pull: yes pull: yes
remove_orphans: yes remove_orphans: yes
stopped: "{{ bitwardenrs_service_stopped }}" stopped: "{{ vaultwarden_service_stopped }}"
state: present state: present
become: True become: True
become_user: root become_user: root

148
templates/services/bitwardenrs_compose.yml.j2
View File

@ -3,129 +3,129 @@
version: "2.4" version: "2.4"
services: services:
bitwardenrs: vaultwarden:
container_name: {{ bitwardenrs_container_name }} container_name: {{ vaultwarden_container_name }}
image: {{ bitwardenrs_image }} image: {{ vaultwarden_image }}
restart: {{ bitwardenrs_restart_policy }} restart: {{ vaultwarden_restart_policy }}
{% if bitwardenrs_exposed_ports | default([]) %} {% if vaultwarden_exposed_ports | default([]) %}
ports: ports:
{% for port in bitwardenrs_exposed_ports %} {% for port in vaultwarden_exposed_ports %}
- {{ port | quote }} - {{ port | quote }}
{% endfor %} {% endfor %}
{% endif %} {% endif %}
{% if bitwardenrs_volumes | default([]) %} {% if vaultwarden_volumes | default([]) %}
volumes: volumes:
{% for volume in bitwardenrs_volumes %} {% for volume in vaultwarden_volumes %}
- "{{ volume.name }}:{{ volume.dest }}" - "{{ volume.name }}:{{ volume.dest }}"
{% endfor %} {% endfor %}
{% endif %} {% endif %}
{% if bitwardenrs_networks_applied | default([]) %} {% if vaultwarden_networks_applied | default([]) %}
networks: networks:
{% for network in bitwardenrs_networks_applied %} {% for network in vaultwarden_networks_applied %}
- {{ network }} - {{ network }}
{% endfor %} {% endfor %}
{% endif %} {% endif %}
{% if bitwardenrs_extra_hosts | default([]) %} {% if vaultwarden_extra_hosts | default([]) %}
extra_hosts: extra_hosts:
{% for host in bitwardenrs_extra_hosts %} {% for host in vaultwarden_extra_hosts %}
- {{ host | quote }} - {{ host | quote }}
{% endfor %} {% endfor %}
{% endif %} {% endif %}
environment: environment:
- BITWARDENRS_DOMAIN={{ bitwardenrs_base_url }} - VAULTWARDEN_DOMAIN={{ vaultwarden_base_url }}
- BITWARDENRS_DATABASE_URL=postgresql://{{ bitwardenrs_db_user }}:{{ bitwardenrs_db_password | urlencode }}@{{ bitwardenrs_db_server }}:{{ bitwardenrs_db_port }}/{{ bitwardenrs_db_name }}?sslmode={{ bitwardenrs_db_ssl_mode }}&sslrootcert={{ bitwardenrs_db_ssl_rootcert }} - VAULTWARDEN_DATABASE_URL=postgresql://{{ vaultwarden_db_user }}:{{ vaultwarden_db_password | urlencode }}@{{ vaultwarden_db_server }}:{{ vaultwarden_db_port }}/{{ vaultwarden_db_name }}?sslmode={{ vaultwarden_db_ssl_mode }}&sslrootcert={{ vaultwarden_db_ssl_rootcert }}
- BITWARDENRS_USER_ATTACHMENT_LIMIT={{ bitwardenrs_user_attachment_limit }} - VAULTWARDEN_USER_ATTACHMENT_LIMIT={{ vaultwarden_user_attachment_limit }}
- BITWARDENRS_ORG_ATTACHMENT_LIMIT={{ bitwardenrs_org_attachment_limit }} - VAULTWARDEN_ORG_ATTACHMENT_LIMIT={{ vaultwarden_org_attachment_limit }}
- BITWARDENRS_WEBSOCKET_ENABLED={{ bitwardenrs_websocket_enabled }} - VAULTWARDEN_WEBSOCKET_ENABLED={{ vaultwarden_websocket_enabled }}
{% if bitwardenrs_templates_folder is defined and bitwardenrs_templates_folder %} {% if vaultwarden_templates_folder is defined and vaultwarden_templates_folder %}
- BITWARDENRS_TEMPLATES_FOLDER={{ bitwardenrs_templates_folder }} - VAULTWARDEN_TEMPLATES_FOLDER={{ vaultwarden_templates_folder }}
{% endif %} {% endif %}
- BITWARDENRS_RELOAD_TEMPLATES={{ bitwardenrs_reload_templates }} - VAULTWARDEN_RELOAD_TEMPLATES={{ vaultwarden_reload_templates }}
- BITWARDENRS_IP_HEADER={{ bitwardenrs_ip_header }} - VAULTWARDEN_IP_HEADER={{ vaultwarden_ip_header }}
- BITWARDENRS_ICON_CACHE_TTL={{ bitwardenrs_icon_cache_ttl }} - VAULTWARDEN_ICON_CACHE_TTL={{ vaultwarden_icon_cache_ttl }}
- BITWARDENRS_ICON_CACHE_NEGTTL="{{ bitwardenrs_icon_cache_negttl }}" - VAULTWARDEN_ICON_CACHE_NEGTTL="{{ vaultwarden_icon_cache_negttl }}"
- BITWARDENRS_WEB_VAULT_ENABLED={{ bitwardenrs_web_vault_enabled }} - VAULTWARDEN_WEB_VAULT_ENABLED={{ vaultwarden_web_vault_enabled }}
- BITWARDENRS_EXTENDED_LOGGING={{ bitwardenrs_extended_logging }} - VAULTWARDEN_EXTENDED_LOGGING={{ vaultwarden_extended_logging }}
- BITWARDENRS_LOG_LEVEL={{ bitwardenrs_log_level }} - VAULTWARDEN_LOG_LEVEL={{ vaultwarden_log_level }}
- BITWARDENRS_DISABLE_ICON_DOWNLOAD={{ bitwardenrs_disable_icon_download }} - VAULTWARDEN_DISABLE_ICON_DOWNLOAD={{ vaultwarden_disable_icon_download }}
- BITWARDENRS_ICON_DOWNLOAD_TIMEOUT={{ bitwardenrs_icon_download_timeout }} - VAULTWARDEN_ICON_DOWNLOAD_TIMEOUT={{ vaultwarden_icon_download_timeout }}
{% if bitwardenrs_icon_blacklist_regexl is defined and bitwardenrs_icon_blacklist_regexl %} {% if vaultwarden_icon_blacklist_regexl is defined and vaultwarden_icon_blacklist_regexl %}
- BITWARDENRS_ICON_BLACKLIST_REGEXL={{ bitwardenrs_icon_blacklist_regexl }} - VAULTWARDEN_ICON_BLACKLIST_REGEXL={{ vaultwarden_icon_blacklist_regexl }}
{% endif %} {% endif %}
- BITWARDENRS_ICON_BLACKLIST_NON_GLOBAL_IPS={{ bitwardenrs_icon_blacklist_non_global_ips }} - VAULTWARDEN_ICON_BLACKLIST_NON_GLOBAL_IPS={{ vaultwarden_icon_blacklist_non_global_ips }}
- BITWARDENRS_DISABLE_2FA_REMEMBER={{ bitwardenrs_disable_2fa_remember }} - VAULTWARDEN_DISABLE_2FA_REMEMBER={{ vaultwarden_disable_2fa_remember }}
- BITWARDENRS_SIGNUPS_ALLOWED={{ bitwardenrs_signups_allowed }} - VAULTWARDEN_SIGNUPS_ALLOWED={{ vaultwarden_signups_allowed }}
- BITWARDENRS_SIGNUPS_VERIFY={{ bitwardenrs_signups_verify }} - VAULTWARDEN_SIGNUPS_VERIFY={{ vaultwarden_signups_verify }}
- BITWARDENRS_SIGNUPS_VERIFY_RESEND_TIME={{ bitwardenrs_signups_verify_resend_time }} - VAULTWARDEN_SIGNUPS_VERIFY_RESEND_TIME={{ vaultwarden_signups_verify_resend_time }}
- BITWARDENRS_SIGNUPS_VERIFY_RESEND_LIMIT={{ bitwardenrs_signups_verify_resend_limit }} - VAULTWARDEN_SIGNUPS_VERIFY_RESEND_LIMIT={{ vaultwarden_signups_verify_resend_limit }}
{% if bitwardenrs_signups_domains_whitelist is defined and bitwardenrs_signups_domains_whitelist %} {% if vaultwarden_signups_domains_whitelist is defined and vaultwarden_signups_domains_whitelist %}
- BITWARDENRS_SIGNUPS_DOMAINS_WHITELIST={{ bitwardenrs_signups_domains_whitelist }} - VAULTWARDEN_SIGNUPS_DOMAINS_WHITELIST={{ vaultwarden_signups_domains_whitelist }}
{% endif %} {% endif %}
- BITWARDENRS_INVITATIONS_ALLOWED={{ bitwardenrs_invitations_allowed }} - VAULTWARDEN_INVITATIONS_ALLOWED={{ vaultwarden_invitations_allowed }}
{% if bitwardenrs_admin_token is defined and bitwardenrs_admin_token %} {% if vaultwarden_admin_token is defined and vaultwarden_admin_token %}
- BITWARDENRS_ADMIN_TOKEN={{ bitwardenrs_admin_token }} - VAULTWARDEN_ADMIN_TOKEN={{ vaultwarden_admin_token }}
{% endif %} {% endif %}
- BITWARDENRS_PASSWORD_ITERATIONS={{ bitwardenrs_password_iterations }} - VAULTWARDEN_PASSWORD_ITERATIONS={{ vaultwarden_password_iterations }}
- BITWARDENRS_SHOW_PASSWORD_HINT={{ bitwardenrs_show_password_hint }} - VAULTWARDEN_SHOW_PASSWORD_HINT={{ vaultwarden_show_password_hint }}
- BITWARDENRS_AUTHENTICATOR_DISABLE_TIME_DRIFT={{ bitwardenrs_authenticator_disable_time_drift }} - VAULTWARDEN_AUTHENTICATOR_DISABLE_TIME_DRIFT={{ vaultwarden_authenticator_disable_time_drift }}
{% if bitwardenrs_smtp_host is defined and bitwardenrs_smtp_host %} {% if vaultwarden_smtp_host is defined and vaultwarden_smtp_host %}
- BITWARDENRS_SMTP_HOST={{ bitwardenrs_smtp_host }} - VAULTWARDEN_SMTP_HOST={{ vaultwarden_smtp_host }}
- BITWARDENRS_SMTP_FROM={{ bitwardenrs_smtp_from }} - VAULTWARDEN_SMTP_FROM={{ vaultwarden_smtp_from }}
- BITWARDENRS_SMTP_FROM_NAME="{{ bitwardenrs_smtp_from_name }}" - VAULTWARDEN_SMTP_FROM_NAME="{{ vaultwarden_smtp_from_name }}"
- BITWARDENRS_SMTP_PORT={{ bitwardenrs_smtp_port }} - VAULTWARDEN_SMTP_PORT={{ vaultwarden_smtp_port }}
- BITWARDENRS_SMTP_SSL={{ bitwardenrs_smtp_ssl }} - VAULTWARDEN_SMTP_SSL={{ vaultwarden_smtp_ssl }}
{% if bitwardenrs_smtp_username is defined and bitwardenrs_smtp_username %} {% if vaultwarden_smtp_username is defined and vaultwarden_smtp_username %}
- BITWARDENRS_SMTP_USERNAME={{ bitwardenrs_smtp_username }} - VAULTWARDEN_SMTP_USERNAME={{ vaultwarden_smtp_username }}
- BITWARDENRS_SMTP_PASSWORD={{ bitwardenrs_smtp_password }} - VAULTWARDEN_SMTP_PASSWORD={{ vaultwarden_smtp_password }}
{% endif %} {% endif %}
- BITWARDENRS_SMTP_AUTH_MECHANISM={{ bitwardenrs_smtp_auth_mechanism }} - VAULTWARDEN_SMTP_AUTH_MECHANISM={{ vaultwarden_smtp_auth_mechanism }}
- BITWARDENRS_SMTP_TIMEOUT={{ bitwardenrs_smtp_timeout }} - VAULTWARDEN_SMTP_TIMEOUT={{ vaultwarden_smtp_timeout }}
{% endif %} {% endif %}
{% if bitwardenrs_memory_limit is defined %} {% if vaultwarden_memory_limit is defined %}
mem_limit: {{ bitwardenrs_memory_limit }} mem_limit: {{ vaultwarden_memory_limit }}
{% endif %} {% endif %}
{% if bitwardenrs_memory_reservation is defined %} {% if vaultwarden_memory_reservation is defined %}
mem_reservation: {{ bitwardenrs_memory_reservation }} mem_reservation: {{ vaultwarden_memory_reservation }}
{% endif %} {% endif %}
{% if bitwardenrs_cpu_shares is defined %} {% if vaultwarden_cpu_shares is defined %}
cpu_shares: {{ bitwardenrs_cpu_shares }} cpu_shares: {{ vaultwarden_cpu_shares }}
{% endif %} {% endif %}
{% if not bitwardenrs_cap_add | length == 0 %} {% if not vaultwarden_cap_add | length == 0 %}
cap_add: cap_add:
{% for item in bitwardenrs_cap_add %} {% for item in vaultwarden_cap_add %}
- {{ item }} - {{ item }}
{% endfor %} {% endfor %}
{% endif %} {% endif %}
{% if not bitwardenrs_cap_drop | length == 0 %} {% if not vaultwarden_cap_drop | length == 0 %}
cap_drop: cap_drop:
{% for item in bitwardenrs_cap_drop %} {% for item in vaultwarden_cap_drop %}
- {{ item }} - {{ item }}
{% endfor %} {% endfor %}
{% endif %} {% endif %}
{% if not bitwardenrs_security_opt | length == 0 %} {% if not vaultwarden_security_opt | length == 0 %}
security_opt: security_opt:
{% for item in bitwardenrs_security_opt %} {% for item in vaultwarden_security_opt %}
- {{ item }} - {{ item }}
{% endfor %} {% endfor %}
{% endif %} {% endif %}
healthcheck: healthcheck:
{% for key, value in bitwardenrs_healthcheck.items() %} {% for key, value in vaultwarden_healthcheck.items() %}
{{ key }}: {{ value }} {{ key }}: {{ value }}
{% endfor %} {% endfor %}
{% if bitwardenrs_pids_limit is defined %} {% if vaultwarden_pids_limit is defined %}
pids_limit: {{ bitwardenrs_pids_limit }} pids_limit: {{ vaultwarden_pids_limit }}
{% endif %} {% endif %}
{% if bitwardenrs_volumes | default([]) | rejectattr("bind") | list | length > 0 %} {% if vaultwarden_volumes | default([]) | rejectattr("bind") | list | length > 0 %}
volumes: volumes:
{% for volume in bitwardenrs_volumes | rejectattr("bind") %} {% for volume in vaultwarden_volumes | rejectattr("bind") %}
{{ volume.name }}: {{ volume.name }}:
{% endfor %} {% endfor %}
{% endif %} {% endif %}
{% if bitwardenrs_networks | default([]) | length > 0 %} {% if vaultwarden_networks | default([]) | length > 0 %}
networks: networks:
{% for network in bitwardenrs_networks %} {% for network in vaultwarden_networks %}
{{ network.name }}: {{ network.name }}:
driver: {{ network.backend | default("bridge") }} driver: {{ network.backend | default("bridge") }}
{% endfor %} {% endfor %}