chore: upstream project was renamed to vaultwarden
This commit is contained in:
parent
2262ad1ad0
commit
70f40c7885
@ -1,11 +1,11 @@
|
|||||||
# xoxys.bitwardenrs_docker
|
# xoxys.vaultwarden_docker
|
||||||
|
|
||||||
[![Build Status](https://img.shields.io/drone/build/ansible/xoxys.bitwardenrs_docker?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.bitwardenrs_docker)
|
[![Build Status](https://img.shields.io/drone/build/ansible/xoxys.vaultwarden_docker?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.vaultwarden_docker)
|
||||||
[![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)
|
[![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)
|
||||||
|
|
||||||
Role to setup a [Bitwarden RS](https://github.com/dani-garcia/bitwarden_rs) password safe. Bitwarden_RS is a community Bitwarden API server implementation written in Rust.
|
Role to setup a [Vaultwarden](https://github.com/dani-garcia/vaultwarden) password safe. Vaultwarden is a community Bitwarden API server implementation written in Rust.
|
||||||
|
|
||||||
You can find the full documentation at [https://galaxy.geekdocs.de](https://galaxy.geekdocs.de/roles/cloud/bitwardenrs_docker/).
|
You can find the full documentation at [https://galaxy.geekdocs.de](https://galaxy.geekdocs.de/roles/cloud/vaultwarden_docker/).
|
||||||
|
|
||||||
## License
|
## License
|
||||||
|
|
||||||
|
@ -1,29 +1,29 @@
|
|||||||
---
|
---
|
||||||
bitwardenrs_version: latest
|
vaultwarden_version: latest
|
||||||
bitwardenrs_image: "thegeeklab/bitwardenrs:{{ bitwardenrs_version }}"
|
vaultwarden_image: "thegeeklab/vaultwarden:{{ vaultwarden_version }}"
|
||||||
bitwardenrs_base_url: "http://localhost/"
|
vaultwarden_base_url: "http://localhost/"
|
||||||
|
|
||||||
bitwardenrs_service_directory: /var/lib/docker/services/bitwardenrs
|
vaultwarden_service_directory: /var/lib/docker/services/vaultwarden
|
||||||
bitwardenrs_container_name: bitwardenrs
|
vaultwarden_container_name: vaultwarden
|
||||||
bitwardenrs_restart_policy: always
|
vaultwarden_restart_policy: always
|
||||||
bitwardenrs_service_stopped: False
|
vaultwarden_service_stopped: False
|
||||||
|
|
||||||
# @var bitwardenrs_networks:example: >
|
# @var vaultwarden_networks:example: >
|
||||||
# bitwardenrs_networks:
|
# vaultwarden_networks:
|
||||||
# - name: default
|
# - name: default
|
||||||
# # optional network driver, defaults to 'bride'
|
# # optional network driver, defaults to 'bride'
|
||||||
# driver: host
|
# driver: host
|
||||||
# @end
|
# @end
|
||||||
bitwardenrs_networks:
|
vaultwarden_networks:
|
||||||
- name: default
|
- name: default
|
||||||
|
|
||||||
bitwardenrs_networks_applied:
|
vaultwarden_networks_applied:
|
||||||
- default
|
- default
|
||||||
|
|
||||||
# @var bitwardenrs_volumes:description: > Define required docker volumes.
|
# @var vaultwarden_volumes:description: > Define required docker volumes.
|
||||||
# @end
|
# @end
|
||||||
# @var bitwardenrs_volumes:example: >
|
# @var vaultwarden_volumes:example: >
|
||||||
# bitwardenrs_volumes:
|
# vaultwarden_volumes:
|
||||||
# # Instead of the name you could specify a path on the container host system,
|
# # Instead of the name you could specify a path on the container host system,
|
||||||
# # but you also have to enable bind mount for this volume
|
# # but you also have to enable bind mount for this volume
|
||||||
# - name: data
|
# - name: data
|
||||||
@ -33,99 +33,99 @@ bitwardenrs_networks_applied:
|
|||||||
# # keep in mind you MUST set bind in any case
|
# # keep in mind you MUST set bind in any case
|
||||||
# bind: True
|
# bind: True
|
||||||
# @end
|
# @end
|
||||||
bitwardenrs_volumes:
|
vaultwarden_volumes:
|
||||||
- name: data
|
- name: data
|
||||||
dest: /app/data
|
dest: /app/data
|
||||||
bind: False
|
bind: False
|
||||||
|
|
||||||
# @var bitwardenrs_websocket_enabled:description: >
|
# @var vaultwarden_websocket_enabled:description: >
|
||||||
# If you enable websockets you also have to expose port `3012`.
|
# If you enable websockets you also have to expose port `3012`.
|
||||||
# @end
|
# @end
|
||||||
bitwardenrs_websocket_enabled: False
|
vaultwarden_websocket_enabled: False
|
||||||
|
|
||||||
# @var bitwardenrs_exposed_ports:example: >
|
# @var vaultwarden_exposed_ports:example: >
|
||||||
# bitwardenrs_exposed_ports:
|
# vaultwarden_exposed_ports:
|
||||||
# - "127.0.0.1:8080:8080"
|
# - "127.0.0.1:8080:8080"
|
||||||
# - "127.0.0.1:3012:3012"
|
# - "127.0.0.1:3012:3012"
|
||||||
# @end
|
# @end
|
||||||
bitwardenrs_exposed_ports:
|
vaultwarden_exposed_ports:
|
||||||
- "127.0.0.1:8080:8080"
|
- "127.0.0.1:8080:8080"
|
||||||
|
|
||||||
bitwardenrs_extra_hosts: []
|
vaultwarden_extra_hosts: []
|
||||||
|
|
||||||
# @var bitwardenrs_memory_limit: $ "_unset_"
|
# @var vaultwarden_memory_limit: $ "_unset_"
|
||||||
# @var bitwardenrs_memory_limit:example: $ "512m"
|
# @var vaultwarden_memory_limit:example: $ "512m"
|
||||||
# @var bitwardenrs_memory_reservation: $ "_unset_"
|
# @var vaultwarden_memory_reservation: $ "_unset_"
|
||||||
# @var bitwardenrs_memory_reservation:example: $ "256m"
|
# @var vaultwarden_memory_reservation:example: $ "256m"
|
||||||
# @var bitwardenrs_cpu_shares: $ "_unset_"
|
# @var vaultwarden_cpu_shares: $ "_unset_"
|
||||||
# @var bitwardenrs_cpu_shares:example: $ "1024"
|
# @var vaultwarden_cpu_shares:example: $ "1024"
|
||||||
|
|
||||||
bitwardenrs_cap_add: []
|
vaultwarden_cap_add: []
|
||||||
bitwardenrs_cap_drop: []
|
vaultwarden_cap_drop: []
|
||||||
bitwardenrs_security_opt: []
|
vaultwarden_security_opt: []
|
||||||
# @var bitwardenrs_pids_limit: $ "_unset_"
|
# @var vaultwarden_pids_limit: $ "_unset_"
|
||||||
|
|
||||||
bitwardenrs_healthcheck:
|
vaultwarden_healthcheck:
|
||||||
test: '["CMD", "/usr/local/bin/healthcheck"]'
|
test: '["CMD", "/usr/local/bin/healthcheck"]'
|
||||||
interval: 10s
|
interval: 10s
|
||||||
timeout: 3s
|
timeout: 3s
|
||||||
retries: 3
|
retries: 3
|
||||||
|
|
||||||
# @var bitwardenrs_templates_folder: $ "_unset_"
|
# @var vaultwarden_templates_folder: $ "_unset_"
|
||||||
bitwardenrs_reload_templates: False
|
vaultwarden_reload_templates: False
|
||||||
|
|
||||||
bitwardenrs_ip_header: x-client-ip
|
vaultwarden_ip_header: x-client-ip
|
||||||
|
|
||||||
bitwardenrs_icon_cache_ttl: 2592000
|
vaultwarden_icon_cache_ttl: 2592000
|
||||||
bitwardenrs_icon_cache_negttl: "{{ bitwardenrs_icon_cache_ttl }}"
|
vaultwarden_icon_cache_negttl: "{{ vaultwarden_icon_cache_ttl }}"
|
||||||
|
|
||||||
bitwardenrs_web_vault_enabled: True
|
vaultwarden_web_vault_enabled: True
|
||||||
|
|
||||||
bitwardenrs_extended_logging: True
|
vaultwarden_extended_logging: True
|
||||||
bitwardenrs_log_level: Info
|
vaultwarden_log_level: Info
|
||||||
|
|
||||||
bitwardenrs_disable_icon_download: False
|
vaultwarden_disable_icon_download: False
|
||||||
bitwardenrs_icon_download_timeout: 10
|
vaultwarden_icon_download_timeout: 10
|
||||||
# @var bitwardenrs_icon_blacklist_regexl: $ "_unset_"
|
# @var vaultwarden_icon_blacklist_regexl: $ "_unset_"
|
||||||
bitwardenrs_icon_blacklist_non_global_ips: True
|
vaultwarden_icon_blacklist_non_global_ips: True
|
||||||
|
|
||||||
bitwardenrs_disable_2fa_remember: False
|
vaultwarden_disable_2fa_remember: False
|
||||||
|
|
||||||
bitwardenrs_signups_allowed: False
|
vaultwarden_signups_allowed: False
|
||||||
bitwardenrs_signups_verify: False
|
vaultwarden_signups_verify: False
|
||||||
bitwardenrs_signups_verify_resend_time: 3600
|
vaultwarden_signups_verify_resend_time: 3600
|
||||||
bitwardenrs_signups_verify_resend_limit: 6
|
vaultwarden_signups_verify_resend_limit: 6
|
||||||
# @var bitwardenrs_signups_domains_whitelist: $ "_unset_"
|
# @var vaultwarden_signups_domains_whitelist: $ "_unset_"
|
||||||
|
|
||||||
bitwardenrs_invitations_allowed: True
|
vaultwarden_invitations_allowed: True
|
||||||
|
|
||||||
# @var bitwardenrs_admin_token: $ "_unset_"
|
# @var vaultwarden_admin_token: $ "_unset_"
|
||||||
|
|
||||||
bitwardenrs_password_iterations: 100000
|
vaultwarden_password_iterations: 100000
|
||||||
bitwardenrs_show_password_hint: True
|
vaultwarden_show_password_hint: True
|
||||||
|
|
||||||
bitwardenrs_authenticator_disable_time_drift: False
|
vaultwarden_authenticator_disable_time_drift: False
|
||||||
|
|
||||||
bitwardenrs_user_attachment_limit: 1024
|
vaultwarden_user_attachment_limit: 1024
|
||||||
bitwardenrs_org_attachment_limit: 1024
|
vaultwarden_org_attachment_limit: 1024
|
||||||
|
|
||||||
# @var bitwardenrs_smtp_host: $ "_unset_"
|
# @var vaultwarden_smtp_host: $ "_unset_"
|
||||||
bitwardenrs_smtp_from: "bitwardenrs@localhost"
|
vaultwarden_smtp_from: "vaultwarden@localhost"
|
||||||
bitwardenrs_smtp_from_name: "Bitwarden RS"
|
vaultwarden_smtp_from_name: "Vaultwarden"
|
||||||
bitwardenrs_smtp_port: 587
|
vaultwarden_smtp_port: 587
|
||||||
bitwardenrs_smtp_ssl: True
|
vaultwarden_smtp_ssl: True
|
||||||
# @var bitwardenrs_smtp_username: $ "_unset_"
|
# @var vaultwarden_smtp_username: $ "_unset_"
|
||||||
# @var bitwardenrs_smtp_password: $ "_unset_"
|
# @var vaultwarden_smtp_password: $ "_unset_"
|
||||||
bitwardenrs_smtp_auth_mechanism: plain
|
vaultwarden_smtp_auth_mechanism: plain
|
||||||
bitwardenrs_smtp_timeout: 15
|
vaultwarden_smtp_timeout: 15
|
||||||
|
|
||||||
# @var bitwardenrs_db_server:description: >
|
# @var vaultwarden_db_server:description: >
|
||||||
# This ansible roles does only support postgresql as database"
|
# This ansible roles does only support postgresql as database"
|
||||||
# @end
|
# @end
|
||||||
bitwardenrs_db_server: localhost
|
vaultwarden_db_server: localhost
|
||||||
bitwardenrs_db_port: 5432
|
vaultwarden_db_port: 5432
|
||||||
bitwardenrs_db_name: bitwardenrs
|
vaultwarden_db_name: vaultwarden
|
||||||
bitwardenrs_db_user: pgbitwardenrs
|
vaultwarden_db_user: pgvaultwarden
|
||||||
bitwardenrs_db_password: secure
|
vaultwarden_db_password: secure
|
||||||
bitwardenrs_db_ssl_mode: disable
|
vaultwarden_db_ssl_mode: disable
|
||||||
bitwardenrs_db_ssl_rootcert: /etc/ssl/certs/ca-certificates.crt
|
vaultwarden_db_ssl_rootcert: /etc/ssl/certs/ca-certificates.crt
|
||||||
|
@ -4,14 +4,14 @@ galaxy_info:
|
|||||||
# @meta author:value: [Robert Kaussow](https://gitea.rknet.org/xoxys)
|
# @meta author:value: [Robert Kaussow](https://gitea.rknet.org/xoxys)
|
||||||
author: Robert Kaussow <mail@thegeeklab.de>
|
author: Robert Kaussow <mail@thegeeklab.de>
|
||||||
namespace: xoxys
|
namespace: xoxys
|
||||||
role_name: bitwardenrs_docker
|
role_name: vaultwarden_docker
|
||||||
# @meta description: >
|
# @meta description: >
|
||||||
# [![Source Code](https://img.shields.io/badge/gitea-source%20code-blue?logo=gitea&logoColor=white)](https://gitea.rknet.org/ansible/xoxys.bitwardenrs_docker)
|
# [![Source Code](https://img.shields.io/badge/gitea-source%20code-blue?logo=gitea&logoColor=white)](https://gitea.rknet.org/ansible/xoxys.vaultwarden_docker)
|
||||||
# [![Build Status](https://img.shields.io/drone/build/ansible/xoxys.bitwardenrs_docker?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.bitwardenrs_docker)
|
# [![Build Status](https://img.shields.io/drone/build/ansible/xoxys.vaultwarden_docker?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.vaultwarden_docker)
|
||||||
# [![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](https://gitea.rknet.org/ansible/xoxys.bitwardenrs_docker/src/branch/master/LICENSE)
|
# [![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](https://gitea.rknet.org/ansible/xoxys.vaultwarden_docker/src/branch/master/LICENSE)
|
||||||
#
|
#
|
||||||
# Role to setup a [Bitwarden RS](https://github.com/dani-garcia/bitwarden_rs) password safe.
|
# Role to setup a [Vaultwarden](https://github.com/dani-garcia/vaultwarden) password safe.
|
||||||
# Bitwarden_RS is a community Bitwarden API server implementation written in Rust.
|
# Vaultwarden is a community Bitwarden API server implementation written in Rust.
|
||||||
# @end
|
# @end
|
||||||
description: Role to setup Bitwarden passsword safe
|
description: Role to setup Bitwarden passsword safe
|
||||||
license: MIT
|
license: MIT
|
||||||
|
@ -19,12 +19,12 @@
|
|||||||
postgres_connection_addresses:
|
postgres_connection_addresses:
|
||||||
- "{{ ansible_docker0.ipv4.address }}"
|
- "{{ ansible_docker0.ipv4.address }}"
|
||||||
postgres_users:
|
postgres_users:
|
||||||
- name: "pgbitwardenrs"
|
- name: "pgvaultwarden"
|
||||||
password: "secure"
|
password: "secure"
|
||||||
priv: ALL
|
priv: ALL
|
||||||
db: "bitwardenrs"
|
db: "vaultwarden"
|
||||||
postgres_dbs:
|
postgres_dbs:
|
||||||
- name: "bitwardenrs"
|
- name: "vaultwarden"
|
||||||
postgres_hba_entries_extra:
|
postgres_hba_entries_extra:
|
||||||
- contype: host
|
- contype: host
|
||||||
databases:
|
databases:
|
||||||
@ -33,8 +33,8 @@
|
|||||||
- all
|
- all
|
||||||
address: "172.18.0.0/16"
|
address: "172.18.0.0/16"
|
||||||
auth_method: md5
|
auth_method: md5
|
||||||
bitwardenrs_db_server: "{{ ansible_docker0.ipv4.address }}"
|
vaultwarden_db_server: "{{ ansible_docker0.ipv4.address }}"
|
||||||
|
|
||||||
roles:
|
roles:
|
||||||
- role: xoxys.postgres
|
- role: xoxys.postgres
|
||||||
- role: xoxys.bitwardenrs_docker
|
- role: xoxys.vaultwarden_docker
|
||||||
|
@ -9,7 +9,7 @@ dependency:
|
|||||||
driver:
|
driver:
|
||||||
name: delegated
|
name: delegated
|
||||||
platforms:
|
platforms:
|
||||||
- name: centos7-bitwardenrs
|
- name: centos7-vaultwarden
|
||||||
image: centos-7
|
image: centos-7
|
||||||
server_type: cx11
|
server_type: cx11
|
||||||
lint: |
|
lint: |
|
||||||
|
@ -1,27 +1,30 @@
|
|||||||
import os
|
import os
|
||||||
|
import warnings
|
||||||
|
|
||||||
import testinfra.utils.ansible_runner
|
import testinfra.utils.ansible_runner
|
||||||
|
|
||||||
import warnings
|
|
||||||
warnings.filterwarnings("ignore", category=DeprecationWarning)
|
warnings.filterwarnings("ignore", category=DeprecationWarning)
|
||||||
|
|
||||||
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
|
testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
|
||||||
os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
|
os.environ["MOLECULE_INVENTORY_FILE"]).get_hosts("all")
|
||||||
|
|
||||||
|
|
||||||
def test_bitwardenrs_running(host):
|
def test_vaultwarden_running(host):
|
||||||
bitwardenrs = host.docker("bitwardenrs")
|
vaultwarden = host.docker("vaultwarden")
|
||||||
|
|
||||||
assert bitwardenrs.is_running
|
assert vaultwarden.is_running
|
||||||
|
|
||||||
|
|
||||||
def test_bitwardenrs_socket(host):
|
def test_vaultwarden_socket(host):
|
||||||
# Verify the socket is listening for HTTP traffic
|
# Verify the socket is listening for HTTP traffic
|
||||||
assert host.socket("tcp://127.0.0.1:8080").is_listening
|
assert host.socket("tcp://127.0.0.1:8080").is_listening
|
||||||
|
|
||||||
|
|
||||||
def test_bitwardenrs_conn_error(host):
|
def test_vaultwarden_conn_error(host):
|
||||||
code = int(host.run("curl -s -w '%{http_code}' http://127.0.0.1:8080/alive -o /dev/null").stdout)
|
code = int(
|
||||||
|
host.run(
|
||||||
|
"curl -s -w '%{http_code}' http://127.0.0.1:8080/alive -o /dev/null"
|
||||||
|
).stdout)
|
||||||
body = host.run("curl -sX GET http://127.0.0.1:8080/").stdout
|
body = host.run("curl -sX GET http://127.0.0.1:8080/").stdout
|
||||||
|
|
||||||
assert code == 200
|
assert code == 200
|
||||||
|
@ -2,14 +2,14 @@
|
|||||||
- block:
|
- block:
|
||||||
- name: Ensure service directory exists
|
- name: Ensure service directory exists
|
||||||
file:
|
file:
|
||||||
path: "{{ bitwardenrs_service_directory }}"
|
path: "{{ vaultwarden_service_directory }}"
|
||||||
state: directory
|
state: directory
|
||||||
mode: 0755
|
mode: 0755
|
||||||
|
|
||||||
- name: Deploy compose file to '{{ bitwardenrs_service_directory }}'
|
- name: Deploy compose file to '{{ vaultwarden_service_directory }}'
|
||||||
template:
|
template:
|
||||||
src: "services/bitwardenrs_compose.yml.j2"
|
src: "services/vaultwarden_compose.yml.j2"
|
||||||
dest: "{{ bitwardenrs_service_directory }}/docker-compose.yml"
|
dest: "{{ vaultwarden_service_directory }}/docker-compose.yml"
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
mode: 0640
|
mode: 0640
|
||||||
@ -17,10 +17,10 @@
|
|||||||
|
|
||||||
- name: Ensure service is up and running
|
- name: Ensure service is up and running
|
||||||
docker_compose:
|
docker_compose:
|
||||||
project_src: "{{ bitwardenrs_service_directory }}"
|
project_src: "{{ vaultwarden_service_directory }}"
|
||||||
pull: yes
|
pull: yes
|
||||||
remove_orphans: yes
|
remove_orphans: yes
|
||||||
stopped: "{{ bitwardenrs_service_stopped }}"
|
stopped: "{{ vaultwarden_service_stopped }}"
|
||||||
state: present
|
state: present
|
||||||
become: True
|
become: True
|
||||||
become_user: root
|
become_user: root
|
||||||
|
@ -3,129 +3,129 @@
|
|||||||
version: "2.4"
|
version: "2.4"
|
||||||
|
|
||||||
services:
|
services:
|
||||||
bitwardenrs:
|
vaultwarden:
|
||||||
container_name: {{ bitwardenrs_container_name }}
|
container_name: {{ vaultwarden_container_name }}
|
||||||
image: {{ bitwardenrs_image }}
|
image: {{ vaultwarden_image }}
|
||||||
restart: {{ bitwardenrs_restart_policy }}
|
restart: {{ vaultwarden_restart_policy }}
|
||||||
{% if bitwardenrs_exposed_ports | default([]) %}
|
{% if vaultwarden_exposed_ports | default([]) %}
|
||||||
ports:
|
ports:
|
||||||
{% for port in bitwardenrs_exposed_ports %}
|
{% for port in vaultwarden_exposed_ports %}
|
||||||
- {{ port | quote }}
|
- {{ port | quote }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if bitwardenrs_volumes | default([]) %}
|
{% if vaultwarden_volumes | default([]) %}
|
||||||
volumes:
|
volumes:
|
||||||
{% for volume in bitwardenrs_volumes %}
|
{% for volume in vaultwarden_volumes %}
|
||||||
- "{{ volume.name }}:{{ volume.dest }}"
|
- "{{ volume.name }}:{{ volume.dest }}"
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if bitwardenrs_networks_applied | default([]) %}
|
{% if vaultwarden_networks_applied | default([]) %}
|
||||||
networks:
|
networks:
|
||||||
{% for network in bitwardenrs_networks_applied %}
|
{% for network in vaultwarden_networks_applied %}
|
||||||
- {{ network }}
|
- {{ network }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if bitwardenrs_extra_hosts | default([]) %}
|
{% if vaultwarden_extra_hosts | default([]) %}
|
||||||
extra_hosts:
|
extra_hosts:
|
||||||
{% for host in bitwardenrs_extra_hosts %}
|
{% for host in vaultwarden_extra_hosts %}
|
||||||
- {{ host | quote }}
|
- {{ host | quote }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
environment:
|
environment:
|
||||||
- BITWARDENRS_DOMAIN={{ bitwardenrs_base_url }}
|
- VAULTWARDEN_DOMAIN={{ vaultwarden_base_url }}
|
||||||
- BITWARDENRS_DATABASE_URL=postgresql://{{ bitwardenrs_db_user }}:{{ bitwardenrs_db_password | urlencode }}@{{ bitwardenrs_db_server }}:{{ bitwardenrs_db_port }}/{{ bitwardenrs_db_name }}?sslmode={{ bitwardenrs_db_ssl_mode }}&sslrootcert={{ bitwardenrs_db_ssl_rootcert }}
|
- VAULTWARDEN_DATABASE_URL=postgresql://{{ vaultwarden_db_user }}:{{ vaultwarden_db_password | urlencode }}@{{ vaultwarden_db_server }}:{{ vaultwarden_db_port }}/{{ vaultwarden_db_name }}?sslmode={{ vaultwarden_db_ssl_mode }}&sslrootcert={{ vaultwarden_db_ssl_rootcert }}
|
||||||
- BITWARDENRS_USER_ATTACHMENT_LIMIT={{ bitwardenrs_user_attachment_limit }}
|
- VAULTWARDEN_USER_ATTACHMENT_LIMIT={{ vaultwarden_user_attachment_limit }}
|
||||||
- BITWARDENRS_ORG_ATTACHMENT_LIMIT={{ bitwardenrs_org_attachment_limit }}
|
- VAULTWARDEN_ORG_ATTACHMENT_LIMIT={{ vaultwarden_org_attachment_limit }}
|
||||||
- BITWARDENRS_WEBSOCKET_ENABLED={{ bitwardenrs_websocket_enabled }}
|
- VAULTWARDEN_WEBSOCKET_ENABLED={{ vaultwarden_websocket_enabled }}
|
||||||
{% if bitwardenrs_templates_folder is defined and bitwardenrs_templates_folder %}
|
{% if vaultwarden_templates_folder is defined and vaultwarden_templates_folder %}
|
||||||
- BITWARDENRS_TEMPLATES_FOLDER={{ bitwardenrs_templates_folder }}
|
- VAULTWARDEN_TEMPLATES_FOLDER={{ vaultwarden_templates_folder }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
- BITWARDENRS_RELOAD_TEMPLATES={{ bitwardenrs_reload_templates }}
|
- VAULTWARDEN_RELOAD_TEMPLATES={{ vaultwarden_reload_templates }}
|
||||||
- BITWARDENRS_IP_HEADER={{ bitwardenrs_ip_header }}
|
- VAULTWARDEN_IP_HEADER={{ vaultwarden_ip_header }}
|
||||||
- BITWARDENRS_ICON_CACHE_TTL={{ bitwardenrs_icon_cache_ttl }}
|
- VAULTWARDEN_ICON_CACHE_TTL={{ vaultwarden_icon_cache_ttl }}
|
||||||
- BITWARDENRS_ICON_CACHE_NEGTTL="{{ bitwardenrs_icon_cache_negttl }}"
|
- VAULTWARDEN_ICON_CACHE_NEGTTL="{{ vaultwarden_icon_cache_negttl }}"
|
||||||
- BITWARDENRS_WEB_VAULT_ENABLED={{ bitwardenrs_web_vault_enabled }}
|
- VAULTWARDEN_WEB_VAULT_ENABLED={{ vaultwarden_web_vault_enabled }}
|
||||||
- BITWARDENRS_EXTENDED_LOGGING={{ bitwardenrs_extended_logging }}
|
- VAULTWARDEN_EXTENDED_LOGGING={{ vaultwarden_extended_logging }}
|
||||||
- BITWARDENRS_LOG_LEVEL={{ bitwardenrs_log_level }}
|
- VAULTWARDEN_LOG_LEVEL={{ vaultwarden_log_level }}
|
||||||
- BITWARDENRS_DISABLE_ICON_DOWNLOAD={{ bitwardenrs_disable_icon_download }}
|
- VAULTWARDEN_DISABLE_ICON_DOWNLOAD={{ vaultwarden_disable_icon_download }}
|
||||||
- BITWARDENRS_ICON_DOWNLOAD_TIMEOUT={{ bitwardenrs_icon_download_timeout }}
|
- VAULTWARDEN_ICON_DOWNLOAD_TIMEOUT={{ vaultwarden_icon_download_timeout }}
|
||||||
{% if bitwardenrs_icon_blacklist_regexl is defined and bitwardenrs_icon_blacklist_regexl %}
|
{% if vaultwarden_icon_blacklist_regexl is defined and vaultwarden_icon_blacklist_regexl %}
|
||||||
- BITWARDENRS_ICON_BLACKLIST_REGEXL={{ bitwardenrs_icon_blacklist_regexl }}
|
- VAULTWARDEN_ICON_BLACKLIST_REGEXL={{ vaultwarden_icon_blacklist_regexl }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
- BITWARDENRS_ICON_BLACKLIST_NON_GLOBAL_IPS={{ bitwardenrs_icon_blacklist_non_global_ips }}
|
- VAULTWARDEN_ICON_BLACKLIST_NON_GLOBAL_IPS={{ vaultwarden_icon_blacklist_non_global_ips }}
|
||||||
- BITWARDENRS_DISABLE_2FA_REMEMBER={{ bitwardenrs_disable_2fa_remember }}
|
- VAULTWARDEN_DISABLE_2FA_REMEMBER={{ vaultwarden_disable_2fa_remember }}
|
||||||
- BITWARDENRS_SIGNUPS_ALLOWED={{ bitwardenrs_signups_allowed }}
|
- VAULTWARDEN_SIGNUPS_ALLOWED={{ vaultwarden_signups_allowed }}
|
||||||
- BITWARDENRS_SIGNUPS_VERIFY={{ bitwardenrs_signups_verify }}
|
- VAULTWARDEN_SIGNUPS_VERIFY={{ vaultwarden_signups_verify }}
|
||||||
- BITWARDENRS_SIGNUPS_VERIFY_RESEND_TIME={{ bitwardenrs_signups_verify_resend_time }}
|
- VAULTWARDEN_SIGNUPS_VERIFY_RESEND_TIME={{ vaultwarden_signups_verify_resend_time }}
|
||||||
- BITWARDENRS_SIGNUPS_VERIFY_RESEND_LIMIT={{ bitwardenrs_signups_verify_resend_limit }}
|
- VAULTWARDEN_SIGNUPS_VERIFY_RESEND_LIMIT={{ vaultwarden_signups_verify_resend_limit }}
|
||||||
{% if bitwardenrs_signups_domains_whitelist is defined and bitwardenrs_signups_domains_whitelist %}
|
{% if vaultwarden_signups_domains_whitelist is defined and vaultwarden_signups_domains_whitelist %}
|
||||||
- BITWARDENRS_SIGNUPS_DOMAINS_WHITELIST={{ bitwardenrs_signups_domains_whitelist }}
|
- VAULTWARDEN_SIGNUPS_DOMAINS_WHITELIST={{ vaultwarden_signups_domains_whitelist }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
- BITWARDENRS_INVITATIONS_ALLOWED={{ bitwardenrs_invitations_allowed }}
|
- VAULTWARDEN_INVITATIONS_ALLOWED={{ vaultwarden_invitations_allowed }}
|
||||||
{% if bitwardenrs_admin_token is defined and bitwardenrs_admin_token %}
|
{% if vaultwarden_admin_token is defined and vaultwarden_admin_token %}
|
||||||
- BITWARDENRS_ADMIN_TOKEN={{ bitwardenrs_admin_token }}
|
- VAULTWARDEN_ADMIN_TOKEN={{ vaultwarden_admin_token }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
- BITWARDENRS_PASSWORD_ITERATIONS={{ bitwardenrs_password_iterations }}
|
- VAULTWARDEN_PASSWORD_ITERATIONS={{ vaultwarden_password_iterations }}
|
||||||
- BITWARDENRS_SHOW_PASSWORD_HINT={{ bitwardenrs_show_password_hint }}
|
- VAULTWARDEN_SHOW_PASSWORD_HINT={{ vaultwarden_show_password_hint }}
|
||||||
- BITWARDENRS_AUTHENTICATOR_DISABLE_TIME_DRIFT={{ bitwardenrs_authenticator_disable_time_drift }}
|
- VAULTWARDEN_AUTHENTICATOR_DISABLE_TIME_DRIFT={{ vaultwarden_authenticator_disable_time_drift }}
|
||||||
{% if bitwardenrs_smtp_host is defined and bitwardenrs_smtp_host %}
|
{% if vaultwarden_smtp_host is defined and vaultwarden_smtp_host %}
|
||||||
- BITWARDENRS_SMTP_HOST={{ bitwardenrs_smtp_host }}
|
- VAULTWARDEN_SMTP_HOST={{ vaultwarden_smtp_host }}
|
||||||
- BITWARDENRS_SMTP_FROM={{ bitwardenrs_smtp_from }}
|
- VAULTWARDEN_SMTP_FROM={{ vaultwarden_smtp_from }}
|
||||||
- BITWARDENRS_SMTP_FROM_NAME="{{ bitwardenrs_smtp_from_name }}"
|
- VAULTWARDEN_SMTP_FROM_NAME="{{ vaultwarden_smtp_from_name }}"
|
||||||
- BITWARDENRS_SMTP_PORT={{ bitwardenrs_smtp_port }}
|
- VAULTWARDEN_SMTP_PORT={{ vaultwarden_smtp_port }}
|
||||||
- BITWARDENRS_SMTP_SSL={{ bitwardenrs_smtp_ssl }}
|
- VAULTWARDEN_SMTP_SSL={{ vaultwarden_smtp_ssl }}
|
||||||
{% if bitwardenrs_smtp_username is defined and bitwardenrs_smtp_username %}
|
{% if vaultwarden_smtp_username is defined and vaultwarden_smtp_username %}
|
||||||
- BITWARDENRS_SMTP_USERNAME={{ bitwardenrs_smtp_username }}
|
- VAULTWARDEN_SMTP_USERNAME={{ vaultwarden_smtp_username }}
|
||||||
- BITWARDENRS_SMTP_PASSWORD={{ bitwardenrs_smtp_password }}
|
- VAULTWARDEN_SMTP_PASSWORD={{ vaultwarden_smtp_password }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
- BITWARDENRS_SMTP_AUTH_MECHANISM={{ bitwardenrs_smtp_auth_mechanism }}
|
- VAULTWARDEN_SMTP_AUTH_MECHANISM={{ vaultwarden_smtp_auth_mechanism }}
|
||||||
- BITWARDENRS_SMTP_TIMEOUT={{ bitwardenrs_smtp_timeout }}
|
- VAULTWARDEN_SMTP_TIMEOUT={{ vaultwarden_smtp_timeout }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if bitwardenrs_memory_limit is defined %}
|
{% if vaultwarden_memory_limit is defined %}
|
||||||
mem_limit: {{ bitwardenrs_memory_limit }}
|
mem_limit: {{ vaultwarden_memory_limit }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if bitwardenrs_memory_reservation is defined %}
|
{% if vaultwarden_memory_reservation is defined %}
|
||||||
mem_reservation: {{ bitwardenrs_memory_reservation }}
|
mem_reservation: {{ vaultwarden_memory_reservation }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if bitwardenrs_cpu_shares is defined %}
|
{% if vaultwarden_cpu_shares is defined %}
|
||||||
cpu_shares: {{ bitwardenrs_cpu_shares }}
|
cpu_shares: {{ vaultwarden_cpu_shares }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if not bitwardenrs_cap_add | length == 0 %}
|
{% if not vaultwarden_cap_add | length == 0 %}
|
||||||
cap_add:
|
cap_add:
|
||||||
{% for item in bitwardenrs_cap_add %}
|
{% for item in vaultwarden_cap_add %}
|
||||||
- {{ item }}
|
- {{ item }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if not bitwardenrs_cap_drop | length == 0 %}
|
{% if not vaultwarden_cap_drop | length == 0 %}
|
||||||
cap_drop:
|
cap_drop:
|
||||||
{% for item in bitwardenrs_cap_drop %}
|
{% for item in vaultwarden_cap_drop %}
|
||||||
- {{ item }}
|
- {{ item }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if not bitwardenrs_security_opt | length == 0 %}
|
{% if not vaultwarden_security_opt | length == 0 %}
|
||||||
security_opt:
|
security_opt:
|
||||||
{% for item in bitwardenrs_security_opt %}
|
{% for item in vaultwarden_security_opt %}
|
||||||
- {{ item }}
|
- {{ item }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
healthcheck:
|
healthcheck:
|
||||||
{% for key, value in bitwardenrs_healthcheck.items() %}
|
{% for key, value in vaultwarden_healthcheck.items() %}
|
||||||
{{ key }}: {{ value }}
|
{{ key }}: {{ value }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% if bitwardenrs_pids_limit is defined %}
|
{% if vaultwarden_pids_limit is defined %}
|
||||||
pids_limit: {{ bitwardenrs_pids_limit }}
|
pids_limit: {{ vaultwarden_pids_limit }}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if bitwardenrs_volumes | default([]) | rejectattr("bind") | list | length > 0 %}
|
{% if vaultwarden_volumes | default([]) | rejectattr("bind") | list | length > 0 %}
|
||||||
|
|
||||||
volumes:
|
volumes:
|
||||||
{% for volume in bitwardenrs_volumes | rejectattr("bind") %}
|
{% for volume in vaultwarden_volumes | rejectattr("bind") %}
|
||||||
{{ volume.name }}:
|
{{ volume.name }}:
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if bitwardenrs_networks | default([]) | length > 0 %}
|
{% if vaultwarden_networks | default([]) | length > 0 %}
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
{% for network in bitwardenrs_networks %}
|
{% for network in vaultwarden_networks %}
|
||||||
{{ network.name }}:
|
{{ network.name }}:
|
||||||
driver: {{ network.backend | default("bridge") }}
|
driver: {{ network.backend | default("bridge") }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
Loading…
Reference in New Issue
Block a user