ansible
/
xoxys.vaultwarden_docker
0
0
Fork 0
Code Issues Pull Requests Releases Activity

commit 20c5a8a77c 

Author: Robert Kaussow <mail@geeklabor.de>
Date:   Tue Jun 23 12:57:45 2020 +0200

    switch back to master branch for docker_engine role
This commit is contained in:
Robert Kaussow 2020-06-23 11:02:45 +00:00
parent ad813aff18
commit 7d5f7b2d0b
1 changed files with 68 additions and 303 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

371
index.md
View File

@ -5,7 +5,7 @@ type: docs
[![Source Code](https://img.shields.io/badge/gitea-source%20code-blue?logo=gitea&logoColor=white)](https://gitea.rknet.org/ansible/xoxys.bitwardenrs_docker) [![Build Status](https://img.shields.io/drone/build/ansible/xoxys.bitwardenrs_docker?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.bitwardenrs_docker) [![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](https://gitea.rknet.org/ansible/xoxys.bitwardenrs_docker/src/branch/master/LICENSE)
Role to setup a [Bitwarden RS](https://github.com/dani-garcia/bitwarden_rs) password safe. Bitwarden_RS is a community Bitwarden API server implementation written in Rust. This Role use Docker to setup [Bitwarden](https://gitea.rknet.org/docker/bitwarden_rs) and a [Bitwarden LDAP](https://gitea.rknet.org/docker/bitwarden_rs_ldap) Sync Service (optional).
Role to setup a [Bitwarden RS](https://github.com/dani-garcia/bitwarden_rs) password safe. Bitwarden_RS is a community Bitwarden API server implementation written in Rust.
* [Default Variables](#default-variables)
* [bitwardenrs_admin_token](#bitwardenrs_admin_token)
@ -24,9 +24,7 @@ Role to setup a [Bitwarden RS](https://github.com/dani-garcia/bitwarden_rs) pass
* [bitwardenrs_db_user](#bitwardenrs_db_user)
* [bitwardenrs_disable_2fa_remember](#bitwardenrs_disable_2fa_remember)
* [bitwardenrs_disable_icon_download](#bitwardenrs_disable_icon_download)
* [bitwardenrs_docker_compose_bin](#bitwardenrs_docker_compose_bin)
* [bitwardenrs_exposed_ip](#bitwardenrs_exposed_ip)
* [bitwardenrs_exposed_port](#bitwardenrs_exposed_port)
* [bitwardenrs_exposed_ports](#bitwardenrs_exposed_ports)
* [bitwardenrs_extended_logging](#bitwardenrs_extended_logging)
* [bitwardenrs_extra_hosts](#bitwardenrs_extra_hosts)
* [bitwardenrs_healthcheck](#bitwardenrs_healthcheck)
@ -38,35 +36,11 @@ Role to setup a [Bitwarden RS](https://github.com/dani-garcia/bitwarden_rs) pass
* [bitwardenrs_image](#bitwardenrs_image)
* [bitwardenrs_invitations_allowed](#bitwardenrs_invitations_allowed)
* [bitwardenrs_ip_header](#bitwardenrs_ip_header)
* [bitwardenrs_ldap_bind_dn](#bitwardenrs_ldap_bind_dn)
* [bitwardenrs_ldap_bind_password](#bitwardenrs_ldap_bind_password)
* [bitwardenrs_ldap_bitwarden_admin_token](#bitwardenrs_ldap_bitwarden_admin_token)
* [bitwardenrs_ldap_bitwarden_url](#bitwardenrs_ldap_bitwarden_url)
* [bitwardenrs_ldap_cap_add](#bitwardenrs_ldap_cap_add)
* [bitwardenrs_ldap_cap_drop](#bitwardenrs_ldap_cap_drop)
* [bitwardenrs_ldap_container_name](#bitwardenrs_ldap_container_name)
* [bitwardenrs_ldap_cpu_shares](#bitwardenrs_ldap_cpu_shares)
* [bitwardenrs_ldap_host](#bitwardenrs_ldap_host)
* [bitwardenrs_ldap_image](#bitwardenrs_ldap_image)
* [bitwardenrs_ldap_mail_field](#bitwardenrs_ldap_mail_field)
* [bitwardenrs_ldap_memory_limit](#bitwardenrs_ldap_memory_limit)
* [bitwardenrs_ldap_memory_reservation](#bitwardenrs_ldap_memory_reservation)
* [bitwardenrs_ldap_pids_limit](#bitwardenrs_ldap_pids_limit)
* [bitwardenrs_ldap_port](#bitwardenrs_ldap_port)
* [bitwardenrs_ldap_restart_policy](#bitwardenrs_ldap_restart_policy)
* [bitwardenrs_ldap_scheme](#bitwardenrs_ldap_scheme)
* [bitwardenrs_ldap_search_base_dn](#bitwardenrs_ldap_search_base_dn)
* [bitwardenrs_ldap_search_filter](#bitwardenrs_ldap_search_filter)
* [bitwardenrs_ldap_security_opt](#bitwardenrs_ldap_security_opt)
* [bitwardenrs_ldap_ssl](#bitwardenrs_ldap_ssl)
* [bitwardenrs_ldap_sync_enabled](#bitwardenrs_ldap_sync_enabled)
* [bitwardenrs_ldap_sync_interval_seconds](#bitwardenrs_ldap_sync_interval_seconds)
* [bitwardenrs_ldap_sync_loop](#bitwardenrs_ldap_sync_loop)
* [bitwardenrs_ldap_version](#bitwardenrs_ldap_version)
* [bitwardenrs_ldap_volumes_extra](#bitwardenrs_ldap_volumes_extra)
* [bitwardenrs_log_level](#bitwardenrs_log_level)
* [bitwardenrs_memory_limit](#bitwardenrs_memory_limit)
* [bitwardenrs_memory_reservation](#bitwardenrs_memory_reservation)
* [bitwardenrs_networks](#bitwardenrs_networks)
* [bitwardenrs_networks_applied](#bitwardenrs_networks_applied)
* [bitwardenrs_org_attachment_limit](#bitwardenrs_org_attachment_limit)
* [bitwardenrs_password_iterations](#bitwardenrs_password_iterations)
* [bitwardenrs_pids_limit](#bitwardenrs_pids_limit)
@ -74,6 +48,7 @@ Role to setup a [Bitwarden RS](https://github.com/dani-garcia/bitwarden_rs) pass
* [bitwardenrs_restart_policy](#bitwardenrs_restart_policy)
* [bitwardenrs_security_opt](#bitwardenrs_security_opt)
* [bitwardenrs_service_directory](#bitwardenrs_service_directory)
* [bitwardenrs_service_stopped](#bitwardenrs_service_stopped)
* [bitwardenrs_show_password_hint](#bitwardenrs_show_password_hint)
* [bitwardenrs_signups_allowed](#bitwardenrs_signups_allowed)
* [bitwardenrs_signups_domains_whitelist](#bitwardenrs_signups_domains_whitelist)
@ -92,11 +67,9 @@ Role to setup a [Bitwarden RS](https://github.com/dani-garcia/bitwarden_rs) pass
* [bitwardenrs_templates_folder](#bitwardenrs_templates_folder)
* [bitwardenrs_user_attachment_limit](#bitwardenrs_user_attachment_limit)
* [bitwardenrs_version](#bitwardenrs_version)
* [bitwardenrs_volumes_extra](#bitwardenrs_volumes_extra)
* [bitwardenrs_volumes](#bitwardenrs_volumes)
* [bitwardenrs_web_vault_enabled](#bitwardenrs_web_vault_enabled)
* [bitwardenrs_websocket_enabled](#bitwardenrs_websocket_enabled)
* [bitwardenrs_websocket_exposed_ip](#bitwardenrs_websocket_exposed_ip)
* [bitwardenrs_websocket_exposed_port](#bitwardenrs_websocket_exposed_port)
* [Dependencies](#dependencies)
---
@ -239,28 +212,21 @@ bitwardenrs_disable_2fa_remember: false
bitwardenrs_disable_icon_download: false
```
### bitwardenrs_docker_compose_bin
### bitwardenrs_exposed_ports
#### Default value
```YAML
bitwardenrs_docker_compose_bin: /usr/local/bin/docker-compose
bitwardenrs_exposed_ports:
- 127.0.0.1:8080:8080
```
### bitwardenrs_exposed_ip
#### Default value
#### Example usage
```YAML
bitwardenrs_exposed_ip: 127.0.0.1
```
### bitwardenrs_exposed_port
#### Default value
```YAML
bitwardenrs_exposed_port: 80
bitwardenrs_exposed_ports:
- "127.0.0.1:8080:8080"
- "127.0.0.1:3012:3012"
```
### bitwardenrs_extended_logging
@ -355,240 +321,6 @@ bitwardenrs_invitations_allowed: true
bitwardenrs_ip_header: x-client-ip
```
### bitwardenrs_ldap_bind_dn
#### Default value
```YAML
bitwardenrs_ldap_bind_dn: _unset_
```
### bitwardenrs_ldap_bind_password
#### Default value
```YAML
bitwardenrs_ldap_bind_password: _unset_
```
### bitwardenrs_ldap_bitwarden_admin_token
#### Default value
```YAML
bitwardenrs_ldap_bitwarden_admin_token: "{{ bitwardenrs_admin_token | default('')\
\ }}"
```
### bitwardenrs_ldap_bitwarden_url
#### Default value
```YAML
bitwardenrs_ldap_bitwarden_url: '{{ bitwardenrs_base_url }}'
```
### bitwardenrs_ldap_cap_add
#### Default value
```YAML
bitwardenrs_ldap_cap_add: []
```
### bitwardenrs_ldap_cap_drop
#### Default value
```YAML
bitwardenrs_ldap_cap_drop: []
```
### bitwardenrs_ldap_container_name
#### Default value
```YAML
bitwardenrs_ldap_container_name: bitwardenrs_ldap
```
### bitwardenrs_ldap_cpu_shares
#### Default value
```YAML
bitwardenrs_ldap_cpu_shares: _unset_
```
#### Example usage
```YAML
bitwardenrs_ldap_cpu_shares: '1024'
```
### bitwardenrs_ldap_host
#### Default value
```YAML
bitwardenrs_ldap_host: _unset_
```
### bitwardenrs_ldap_image
#### Default value
```YAML
bitwardenrs_ldap_image: xoxys/bitwardenrs_ldap:{{ bitwardenrs_ldap_version }}
```
### bitwardenrs_ldap_mail_field
#### Default value
```YAML
bitwardenrs_ldap_mail_field: mail
```
### bitwardenrs_ldap_memory_limit
#### Default value
```YAML
bitwardenrs_ldap_memory_limit: _unset_
```
#### Example usage
```YAML
bitwardenrs_ldap_memory_limit: 512m
```
### bitwardenrs_ldap_memory_reservation
#### Default value
```YAML
bitwardenrs_ldap_memory_reservation: _unset_
```
#### Example usage
```YAML
bitwardenrs_ldap_memory_reservation: 256m
```
### bitwardenrs_ldap_pids_limit
#### Default value
```YAML
bitwardenrs_ldap_pids_limit: _unset_
```
### bitwardenrs_ldap_port
#### Default value
```YAML
bitwardenrs_ldap_port: _unset_
```
### bitwardenrs_ldap_restart_policy
#### Default value
```YAML
bitwardenrs_ldap_restart_policy: on-failure
```
### bitwardenrs_ldap_scheme
#### Default value
```YAML
bitwardenrs_ldap_scheme: _unset_
```
### bitwardenrs_ldap_search_base_dn
#### Default value
```YAML
bitwardenrs_ldap_search_base_dn: _unset_
```
### bitwardenrs_ldap_search_filter
#### Default value
```YAML
bitwardenrs_ldap_search_filter: (&(objectclass=*)(uid=*))
```
### bitwardenrs_ldap_security_opt
#### Default value
```YAML
bitwardenrs_ldap_security_opt: []
```
### bitwardenrs_ldap_ssl
#### Default value
```YAML
bitwardenrs_ldap_ssl: true
```
### bitwardenrs_ldap_sync_enabled
#### Default value
```YAML
bitwardenrs_ldap_sync_enabled: false
```
### bitwardenrs_ldap_sync_interval_seconds
#### Default value
```YAML
bitwardenrs_ldap_sync_interval_seconds: 60
```
### bitwardenrs_ldap_sync_loop
#### Default value
```YAML
bitwardenrs_ldap_sync_loop: true
```
### bitwardenrs_ldap_version
#### Default value
```YAML
bitwardenrs_ldap_version: latest
```
### bitwardenrs_ldap_volumes_extra
#### Default value
```YAML
bitwardenrs_ldap_volumes_extra: []
```
#### Example usage
```YAML
bitwardenrs_ldap_volumes_extra:
- /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem:/etc/ssl/certs/ca-certificates.crt:Z
```
### bitwardenrs_log_level
#### Default value
@ -625,6 +357,33 @@ bitwardenrs_memory_reservation: _unset_
bitwardenrs_memory_reservation: 256m
```
### bitwardenrs_networks
#### Default value
```YAML
bitwardenrs_networks:
- name: default
```
#### Example usage
```YAML
bitwardenrs_networks:
- name: default
# optional network driver, defaults to 'bride'
driver: host
```
### bitwardenrs_networks_applied
#### Default value
```YAML
bitwardenrs_networks_applied:
- default
```
### bitwardenrs_org_attachment_limit
#### Default value
@ -662,7 +421,7 @@ bitwardenrs_reload_templates: false
#### Default value
```YAML
bitwardenrs_restart_policy: on-failure
bitwardenrs_restart_policy: always
```
### bitwardenrs_security_opt
@ -681,6 +440,14 @@ bitwardenrs_security_opt: []
bitwardenrs_service_directory: /var/lib/docker/services/bitwardenrs
```
### bitwardenrs_service_stopped
#### Default value
```YAML
bitwardenrs_service_stopped: false
```
### bitwardenrs_show_password_hint
#### Default value
@ -822,22 +589,34 @@ bitwardenrs_user_attachment_limit: 1024
#### Default value
```YAML
bitwardenrs_version: 1.13
bitwardenrs_version: latest
```
### bitwardenrs_volumes_extra
### bitwardenrs_volumes
> Define required docker volumes.
#### Default value
```YAML
bitwardenrs_volumes_extra: []
bitwardenrs_volumes:
- name: data
dest: /app/data
bind: false
```
#### Example usage
```YAML
bitwardenrs_volumes_extra:
- /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem:/etc/ssl/certs/ca-certificates.crt:Z
bitwardenrs_volumes:
# Instead of the name you could specify a path on the container host system,
# but you also have to enable bind mount for this volume
- name: data
# target location inside the container
dest: /var/www/app/data
# enable bind mount, if false volume will be configured as named volume
# keep in mind you MUST set bind in any case
bind: True
```
### bitwardenrs_web_vault_enabled
@ -850,28 +629,14 @@ bitwardenrs_web_vault_enabled: true
### bitwardenrs_websocket_enabled
If you enable websockets you also have to expose port `3012`.
#### Default value
```YAML
bitwardenrs_websocket_enabled: false
```
### bitwardenrs_websocket_exposed_ip
#### Default value
```YAML
bitwardenrs_websocket_exposed_ip: 127.0.0.1
```
### bitwardenrs_websocket_exposed_port
#### Default value
```YAML
bitwardenrs_websocket_exposed_port: 3012
```
## Dependencies
None.