xoxys.vaultwarden_docker/defaults/main.yml

---
bitwardenrs_version: latest
bitwardenrs_image: "thegeeklab/bitwardenrs:{{ bitwardenrs_version }}"
bitwardenrs_base_url: "http://localhost/"

bitwardenrs_service_directory: /var/lib/docker/services/bitwardenrs
bitwardenrs_container_name: bitwardenrs
bitwardenrs_restart_policy: always
bitwardenrs_service_stopped: False

# @var bitwardenrs_networks:example: >
# bitwardenrs_networks:
#   - name: default
#     # optional network driver, defaults to 'bride'
#     driver: host
# @end
bitwardenrs_networks:
  - name: default

bitwardenrs_networks_applied:
  - default

# @var bitwardenrs_volumes:description: > Define required docker volumes.
# @end
# @var bitwardenrs_volumes:example: >
# bitwardenrs_volumes:
#   # Instead of the name you could specify a path on the container host system,
#   # but you also have to enable bind mount for this volume
#   - name: data
#     # target location inside the container
#     dest: /var/www/app/data
#     # enable bind mount, if false volume will be configured as named volume
#     # keep in mind you MUST set bind in any case
#     bind: True
# @end
bitwardenrs_volumes:
  - name: data
    dest: /app/data
    bind: False

# @var bitwardenrs_websocket_enabled:description: >
# If you enable websockets you also have to expose port `3012`.
# @end
bitwardenrs_websocket_enabled: False

# @var bitwardenrs_exposed_ports:example: >
# bitwardenrs_exposed_ports:
#   - "127.0.0.1:8080:8080"
#   - "127.0.0.1:3012:3012"
# @end
bitwardenrs_exposed_ports:
  - "127.0.0.1:8080:8080"

bitwardenrs_extra_hosts: []

# @var bitwardenrs_memory_limit: $ "_unset_"
# @var bitwardenrs_memory_limit:example: $ "512m"
# @var bitwardenrs_memory_reservation: $ "_unset_"
# @var bitwardenrs_memory_reservation:example: $ "256m"
# @var bitwardenrs_cpu_shares: $ "_unset_"
# @var bitwardenrs_cpu_shares:example: $ "1024"

bitwardenrs_cap_add: []
bitwardenrs_cap_drop: []
bitwardenrs_security_opt: []
# @var bitwardenrs_pids_limit: $ "_unset_"

bitwardenrs_healthcheck:
  test: '["CMD", "/usr/local/bin/healthcheck"]'
  interval: 10s
  timeout: 3s
  retries: 3

# @var bitwardenrs_templates_folder: $ "_unset_"
bitwardenrs_reload_templates: False

bitwardenrs_ip_header: x-client-ip

bitwardenrs_icon_cache_ttl: 2592000
bitwardenrs_icon_cache_negttl: "{{ bitwardenrs_icon_cache_ttl }}"

bitwardenrs_web_vault_enabled: True

bitwardenrs_extended_logging: True
bitwardenrs_log_level: Info

bitwardenrs_disable_icon_download: False
bitwardenrs_icon_download_timeout: 10
# @var bitwardenrs_icon_blacklist_regexl: $ "_unset_"
bitwardenrs_icon_blacklist_non_global_ips: True

bitwardenrs_disable_2fa_remember: False

bitwardenrs_signups_allowed: False
bitwardenrs_signups_verify: False
bitwardenrs_signups_verify_resend_time: 3600
bitwardenrs_signups_verify_resend_limit: 6
# @var bitwardenrs_signups_domains_whitelist: $ "_unset_"

bitwardenrs_invitations_allowed: True

# @var bitwardenrs_admin_token: $ "_unset_"

bitwardenrs_password_iterations: 100000
bitwardenrs_show_password_hint: True

bitwardenrs_authenticator_disable_time_drift: False

bitwardenrs_user_attachment_limit: 1024
bitwardenrs_org_attachment_limit: 1024

# @var bitwardenrs_smtp_host: $ "_unset_"
bitwardenrs_smtp_from: "bitwardenrs@localhost"
bitwardenrs_smtp_from_name: "Bitwarden RS"
bitwardenrs_smtp_port: 587
bitwardenrs_smtp_ssl: True
# @var bitwardenrs_smtp_username: $ "_unset_"
# @var bitwardenrs_smtp_password: $ "_unset_"
bitwardenrs_smtp_auth_mechanism: plain
bitwardenrs_smtp_timeout: 15

# @var bitwardenrs_db_server:description: >
# This ansible roles does only support postgresql as database"
# @end
bitwardenrs_db_server: localhost
bitwardenrs_db_port: 5432
bitwardenrs_db_name: bitwardenrs
bitwardenrs_db_user: pgbitwardenrs
bitwardenrs_db_password: secure
bitwardenrs_db_ssl_mode: disable
bitwardenrs_db_ssl_rootcert: /etc/ssl/certs/ca-certificates.crt