--- title: bitwardenrs_docker type: docs --- [![Source Code](https://img.shields.io/badge/gitea-source%20code-blue?logo=gitea&logoColor=white)](https://gitea.rknet.org/ansible/xoxys.bitwardenrs_docker) [![Build Status](https://img.shields.io/drone/build/ansible/xoxys.bitwardenrs_docker?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.bitwardenrs_docker) [![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](https://gitea.rknet.org/ansible/xoxys.bitwardenrs_docker/src/branch/master/LICENSE) Role to setup a [Bitwarden RS](https://github.com/dani-garcia/bitwarden_rs) password safe. Bitwarden_RS is a community Bitwarden API server implementation written in Rust. * [Default Variables](#default-variables) * [bitwardenrs_admin_token](#bitwardenrs_admin_token) * [bitwardenrs_authenticator_disable_time_drift](#bitwardenrs_authenticator_disable_time_drift) * [bitwardenrs_base_url](#bitwardenrs_base_url) * [bitwardenrs_cap_add](#bitwardenrs_cap_add) * [bitwardenrs_cap_drop](#bitwardenrs_cap_drop) * [bitwardenrs_container_name](#bitwardenrs_container_name) * [bitwardenrs_cpu_shares](#bitwardenrs_cpu_shares) * [bitwardenrs_db_name](#bitwardenrs_db_name) * [bitwardenrs_db_password](#bitwardenrs_db_password) * [bitwardenrs_db_port](#bitwardenrs_db_port) * [bitwardenrs_db_server](#bitwardenrs_db_server) * [bitwardenrs_db_ssl_mode](#bitwardenrs_db_ssl_mode) * [bitwardenrs_db_ssl_rootcert](#bitwardenrs_db_ssl_rootcert) * [bitwardenrs_db_user](#bitwardenrs_db_user) * [bitwardenrs_disable_2fa_remember](#bitwardenrs_disable_2fa_remember) * [bitwardenrs_disable_icon_download](#bitwardenrs_disable_icon_download) * [bitwardenrs_exposed_ports](#bitwardenrs_exposed_ports) * [bitwardenrs_extended_logging](#bitwardenrs_extended_logging) * [bitwardenrs_extra_hosts](#bitwardenrs_extra_hosts) * [bitwardenrs_healthcheck](#bitwardenrs_healthcheck) * [bitwardenrs_icon_blacklist_non_global_ips](#bitwardenrs_icon_blacklist_non_global_ips) * [bitwardenrs_icon_blacklist_regexl](#bitwardenrs_icon_blacklist_regexl) * [bitwardenrs_icon_cache_negttl](#bitwardenrs_icon_cache_negttl) * [bitwardenrs_icon_cache_ttl](#bitwardenrs_icon_cache_ttl) * [bitwardenrs_icon_download_timeout](#bitwardenrs_icon_download_timeout) * [bitwardenrs_image](#bitwardenrs_image) * [bitwardenrs_invitations_allowed](#bitwardenrs_invitations_allowed) * [bitwardenrs_ip_header](#bitwardenrs_ip_header) * [bitwardenrs_log_level](#bitwardenrs_log_level) * [bitwardenrs_memory_limit](#bitwardenrs_memory_limit) * [bitwardenrs_memory_reservation](#bitwardenrs_memory_reservation) * [bitwardenrs_networks](#bitwardenrs_networks) * [bitwardenrs_networks_applied](#bitwardenrs_networks_applied) * [bitwardenrs_org_attachment_limit](#bitwardenrs_org_attachment_limit) * [bitwardenrs_password_iterations](#bitwardenrs_password_iterations) * [bitwardenrs_pids_limit](#bitwardenrs_pids_limit) * [bitwardenrs_reload_templates](#bitwardenrs_reload_templates) * [bitwardenrs_restart_policy](#bitwardenrs_restart_policy) * [bitwardenrs_security_opt](#bitwardenrs_security_opt) * [bitwardenrs_service_directory](#bitwardenrs_service_directory) * [bitwardenrs_service_stopped](#bitwardenrs_service_stopped) * [bitwardenrs_show_password_hint](#bitwardenrs_show_password_hint) * [bitwardenrs_signups_allowed](#bitwardenrs_signups_allowed) * [bitwardenrs_signups_domains_whitelist](#bitwardenrs_signups_domains_whitelist) * [bitwardenrs_signups_verify](#bitwardenrs_signups_verify) * [bitwardenrs_signups_verify_resend_limit](#bitwardenrs_signups_verify_resend_limit) * [bitwardenrs_signups_verify_resend_time](#bitwardenrs_signups_verify_resend_time) * [bitwardenrs_smtp_auth_mechanism](#bitwardenrs_smtp_auth_mechanism) * [bitwardenrs_smtp_from](#bitwardenrs_smtp_from) * [bitwardenrs_smtp_from_name](#bitwardenrs_smtp_from_name) * [bitwardenrs_smtp_host](#bitwardenrs_smtp_host) * [bitwardenrs_smtp_password](#bitwardenrs_smtp_password) * [bitwardenrs_smtp_port](#bitwardenrs_smtp_port) * [bitwardenrs_smtp_ssl](#bitwardenrs_smtp_ssl) * [bitwardenrs_smtp_timeout](#bitwardenrs_smtp_timeout) * [bitwardenrs_smtp_username](#bitwardenrs_smtp_username) * [bitwardenrs_templates_folder](#bitwardenrs_templates_folder) * [bitwardenrs_user_attachment_limit](#bitwardenrs_user_attachment_limit) * [bitwardenrs_version](#bitwardenrs_version) * [bitwardenrs_volumes](#bitwardenrs_volumes) * [bitwardenrs_web_vault_enabled](#bitwardenrs_web_vault_enabled) * [bitwardenrs_websocket_enabled](#bitwardenrs_websocket_enabled) * [Dependencies](#dependencies) --- ## Default Variables ### bitwardenrs_admin_token #### Default value ```YAML bitwardenrs_admin_token: _unset_ ``` ### bitwardenrs_authenticator_disable_time_drift #### Default value ```YAML bitwardenrs_authenticator_disable_time_drift: false ``` ### bitwardenrs_base_url #### Default value ```YAML bitwardenrs_base_url: http://localhost/ ``` ### bitwardenrs_cap_add #### Default value ```YAML bitwardenrs_cap_add: [] ``` ### bitwardenrs_cap_drop #### Default value ```YAML bitwardenrs_cap_drop: [] ``` ### bitwardenrs_container_name #### Default value ```YAML bitwardenrs_container_name: bitwardenrs ``` ### bitwardenrs_cpu_shares #### Default value ```YAML bitwardenrs_cpu_shares: _unset_ ``` #### Example usage ```YAML bitwardenrs_cpu_shares: '1024' ``` ### bitwardenrs_db_name #### Default value ```YAML bitwardenrs_db_name: bitwardenrs ``` ### bitwardenrs_db_password #### Default value ```YAML bitwardenrs_db_password: secure ``` ### bitwardenrs_db_port #### Default value ```YAML bitwardenrs_db_port: 5432 ``` ### bitwardenrs_db_server This ansible roles does only support postgresql as database" #### Default value ```YAML bitwardenrs_db_server: localhost ``` ### bitwardenrs_db_ssl_mode #### Default value ```YAML bitwardenrs_db_ssl_mode: disable ``` ### bitwardenrs_db_ssl_rootcert #### Default value ```YAML bitwardenrs_db_ssl_rootcert: /etc/ssl/certs/ca-certificates.crt ``` ### bitwardenrs_db_user #### Default value ```YAML bitwardenrs_db_user: pgbitwardenrs ``` ### bitwardenrs_disable_2fa_remember #### Default value ```YAML bitwardenrs_disable_2fa_remember: false ``` ### bitwardenrs_disable_icon_download #### Default value ```YAML bitwardenrs_disable_icon_download: false ``` ### bitwardenrs_exposed_ports #### Default value ```YAML bitwardenrs_exposed_ports: - 127.0.0.1:8080:8080 ``` #### Example usage ```YAML bitwardenrs_exposed_ports: - "127.0.0.1:8080:8080" - "127.0.0.1:3012:3012" ``` ### bitwardenrs_extended_logging #### Default value ```YAML bitwardenrs_extended_logging: true ``` ### bitwardenrs_extra_hosts #### Default value ```YAML bitwardenrs_extra_hosts: [] ``` ### bitwardenrs_healthcheck #### Default value ```YAML bitwardenrs_healthcheck: test: '["CMD", "/usr/local/bin/healthcheck"]' interval: 10s timeout: 3s retries: 3 ``` ### bitwardenrs_icon_blacklist_non_global_ips #### Default value ```YAML bitwardenrs_icon_blacklist_non_global_ips: true ``` ### bitwardenrs_icon_blacklist_regexl #### Default value ```YAML bitwardenrs_icon_blacklist_regexl: _unset_ ``` ### bitwardenrs_icon_cache_negttl #### Default value ```YAML bitwardenrs_icon_cache_negttl: '{{ bitwardenrs_icon_cache_ttl }}' ``` ### bitwardenrs_icon_cache_ttl #### Default value ```YAML bitwardenrs_icon_cache_ttl: 2592000 ``` ### bitwardenrs_icon_download_timeout #### Default value ```YAML bitwardenrs_icon_download_timeout: 10 ``` ### bitwardenrs_image #### Default value ```YAML bitwardenrs_image: thegeeklab/bitwardenrs:{{ bitwardenrs_version }} ``` ### bitwardenrs_invitations_allowed #### Default value ```YAML bitwardenrs_invitations_allowed: true ``` ### bitwardenrs_ip_header #### Default value ```YAML bitwardenrs_ip_header: x-client-ip ``` ### bitwardenrs_log_level #### Default value ```YAML bitwardenrs_log_level: Info ``` ### bitwardenrs_memory_limit #### Default value ```YAML bitwardenrs_memory_limit: _unset_ ``` #### Example usage ```YAML bitwardenrs_memory_limit: 512m ``` ### bitwardenrs_memory_reservation #### Default value ```YAML bitwardenrs_memory_reservation: _unset_ ``` #### Example usage ```YAML bitwardenrs_memory_reservation: 256m ``` ### bitwardenrs_networks #### Default value ```YAML bitwardenrs_networks: - name: default ``` #### Example usage ```YAML bitwardenrs_networks: - name: default # optional network driver, defaults to 'bride' driver: host ``` ### bitwardenrs_networks_applied #### Default value ```YAML bitwardenrs_networks_applied: - default ``` ### bitwardenrs_org_attachment_limit #### Default value ```YAML bitwardenrs_org_attachment_limit: 1024 ``` ### bitwardenrs_password_iterations #### Default value ```YAML bitwardenrs_password_iterations: 100000 ``` ### bitwardenrs_pids_limit #### Default value ```YAML bitwardenrs_pids_limit: _unset_ ``` ### bitwardenrs_reload_templates #### Default value ```YAML bitwardenrs_reload_templates: false ``` ### bitwardenrs_restart_policy #### Default value ```YAML bitwardenrs_restart_policy: always ``` ### bitwardenrs_security_opt #### Default value ```YAML bitwardenrs_security_opt: [] ``` ### bitwardenrs_service_directory #### Default value ```YAML bitwardenrs_service_directory: /var/lib/docker/services/bitwardenrs ``` ### bitwardenrs_service_stopped #### Default value ```YAML bitwardenrs_service_stopped: false ``` ### bitwardenrs_show_password_hint #### Default value ```YAML bitwardenrs_show_password_hint: true ``` ### bitwardenrs_signups_allowed #### Default value ```YAML bitwardenrs_signups_allowed: false ``` ### bitwardenrs_signups_domains_whitelist #### Default value ```YAML bitwardenrs_signups_domains_whitelist: _unset_ ``` ### bitwardenrs_signups_verify #### Default value ```YAML bitwardenrs_signups_verify: false ``` ### bitwardenrs_signups_verify_resend_limit #### Default value ```YAML bitwardenrs_signups_verify_resend_limit: 6 ``` ### bitwardenrs_signups_verify_resend_time #### Default value ```YAML bitwardenrs_signups_verify_resend_time: 3600 ``` ### bitwardenrs_smtp_auth_mechanism #### Default value ```YAML bitwardenrs_smtp_auth_mechanism: plain ``` ### bitwardenrs_smtp_from #### Default value ```YAML bitwardenrs_smtp_from: bitwardenrs@localhost ``` ### bitwardenrs_smtp_from_name #### Default value ```YAML bitwardenrs_smtp_from_name: Bitwarden RS ``` ### bitwardenrs_smtp_host #### Default value ```YAML bitwardenrs_smtp_host: _unset_ ``` ### bitwardenrs_smtp_password #### Default value ```YAML bitwardenrs_smtp_password: _unset_ ``` ### bitwardenrs_smtp_port #### Default value ```YAML bitwardenrs_smtp_port: 587 ``` ### bitwardenrs_smtp_ssl #### Default value ```YAML bitwardenrs_smtp_ssl: true ``` ### bitwardenrs_smtp_timeout #### Default value ```YAML bitwardenrs_smtp_timeout: 15 ``` ### bitwardenrs_smtp_username #### Default value ```YAML bitwardenrs_smtp_username: _unset_ ``` ### bitwardenrs_templates_folder #### Default value ```YAML bitwardenrs_templates_folder: _unset_ ``` ### bitwardenrs_user_attachment_limit #### Default value ```YAML bitwardenrs_user_attachment_limit: 1024 ``` ### bitwardenrs_version #### Default value ```YAML bitwardenrs_version: latest ``` ### bitwardenrs_volumes > Define required docker volumes. #### Default value ```YAML bitwardenrs_volumes: - name: data dest: /app/data bind: false ``` #### Example usage ```YAML bitwardenrs_volumes: # Instead of the name you could specify a path on the container host system, # but you also have to enable bind mount for this volume - name: data # target location inside the container dest: /var/www/app/data # enable bind mount, if false volume will be configured as named volume # keep in mind you MUST set bind in any case bind: True ``` ### bitwardenrs_web_vault_enabled #### Default value ```YAML bitwardenrs_web_vault_enabled: true ``` ### bitwardenrs_websocket_enabled If you enable websockets you also have to expose port `3012`. #### Default value ```YAML bitwardenrs_websocket_enabled: false ``` ## Dependencies None.