131 lines
4.3 KiB
YAML
131 lines
4.3 KiB
YAML
---
|
|
bitwardenrs_version: latest
|
|
bitwardenrs_service_directory: /var/lib/docker/services/bitwardenrs
|
|
|
|
bitwardenrs_container_name: bitwardenrs
|
|
bitwardenrs_image: "xoxys/bitwardenrs:{{ bitwardenrs_version }}"
|
|
bitwardenrs_restart_policy: on-failure
|
|
bitwardenrs_exposed_port: 80
|
|
bitwardenrs_exposed_ip: 127.0.0.1
|
|
bitwardenrs_extra_hosts: []
|
|
# @var bitwardenrs_volumes_extra:example: >
|
|
# bitwardenrs_volumes_extra:
|
|
# - /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem:/etc/ssl/certs/ca-certificates.crt:Z
|
|
# @end
|
|
bitwardenrs_volumes_extra: []
|
|
|
|
# @var bitwardenrs_memory_limit: $ "_unset_"
|
|
# @var bitwardenrs_memory_limit:example: $ "512m"
|
|
# @var bitwardenrs_memory_reservation: $ "_unset_"
|
|
# @var bitwardenrs_memory_reservation:example: $ "256m"
|
|
# @var bitwardenrs_cpu_shares: $ "_unset_"
|
|
# @var bitwardenrs_cpu_shares:example: $ "1024"
|
|
|
|
bitwardenrs_cap_add: []
|
|
bitwardenrs_cap_drop: []
|
|
bitwardenrs_security_opt: []
|
|
# @var bitwardenrs_pids_limit: $ "_unset_"
|
|
|
|
bitwardenrs_healthcheck:
|
|
test: '["CMD", "/usr/local/bin/healthcheck.sh"]'
|
|
interval: 10s
|
|
timeout: 3s
|
|
retries: 3
|
|
|
|
bitwardenrs_base_url: "http://localhost/"
|
|
|
|
# @var bitwardenrs_templates_folder: $ "_unset_"
|
|
bitwardenrs_reload_templates: False
|
|
|
|
bitwardenrs_ip_header: x-client-ip
|
|
|
|
bitwardenrs_icon_cache_ttl: 2592000
|
|
bitwardenrs_icon_cache_negttl: "{{ bitwardenrs_icon_cache_ttl }}"
|
|
|
|
bitwardenrs_web_vault_enabled: True
|
|
|
|
bitwardenrs_extended_logging: True
|
|
bitwardenrs_log_level: Info
|
|
|
|
bitwardenrs_disable_icon_download: False
|
|
bitwardenrs_icon_download_timeout: 10
|
|
# @var bitwardenrs_icon_blacklist_regexl: $ "_unset_"
|
|
bitwardenrs_icon_blacklist_non_global_ips: True
|
|
|
|
bitwardenrs_disable_2fa_remember: False
|
|
|
|
bitwardenrs_signups_allowed: False
|
|
bitwardenrs_signups_verify: False
|
|
bitwardenrs_signups_verify_resend_time: 3600
|
|
bitwardenrs_signups_verify_resend_limit: 6
|
|
# @var bitwardenrs_signups_domains_whitelist: $ "_unset_"
|
|
|
|
bitwardenrs_invitations_allowed: True
|
|
|
|
# @var bitwardenrs_admin_token: $ "_unset_"
|
|
|
|
bitwardenrs_password_iterations: 100000
|
|
bitwardenrs_show_password_hint: True
|
|
|
|
bitwardenrs_authenticator_disable_time_drift: False
|
|
|
|
# @var bitwardenrs_smtp_host: $ "_unset_"
|
|
bitwardenrs_smtp_from: "bitwardenrs@localhost"
|
|
bitwardenrs_smtp_from_name: "bitwarden_rs"
|
|
bitwardenrs_smtp_port: 587
|
|
bitwardenrs_smtp_ssl: True
|
|
# @var bitwardenrs_smtp_username: $ "_unset_"
|
|
# @var bitwardenrs_smtp_password: $ "_unset_"
|
|
bitwardenrs_smtp_auth_mechanism: plain
|
|
bitwardenrs_smtp_timeout: 15
|
|
|
|
# @var bitwardenrs_db_server:description: >
|
|
# This ansible roles does only support postgresql as database"
|
|
# @end
|
|
bitwardenrs_db_server: localhost
|
|
bitwardenrs_db_port: 5432
|
|
bitwardenrs_db_name: bitwardenrs
|
|
bitwardenrs_db_user: pgbitwardenrs
|
|
bitwardenrs_db_password: secure
|
|
bitwardenrs_db_ssl_mode: disable
|
|
bitwardenrs_db_ssl_rootcert: /etc/ssl/certs/ca-certificates.crt
|
|
|
|
bitwardenrs_ldap_sync_enabled: False
|
|
bitwardenrs_ldap_container_name: bitwardenrs_ldap
|
|
bitwardenrs_ldap_version: latest
|
|
bitwardenrs_ldap_image: "xoxys/bitwardenrs_ldap:{{ bitwardenrs_ldap_version }}"
|
|
bitwardenrs_ldap_restart_policy: on-failure
|
|
# @var bitwardenrs_ldap_volumes_extra:example: >
|
|
# bitwardenrs_ldap_volumes_extra:
|
|
# - /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem:/etc/ssl/certs/ca-certificates.crt:Z
|
|
# @end
|
|
bitwardenrs_ldap_volumes_extra: []
|
|
|
|
# @var bitwardenrs_ldap_memory_limit: $ "_unset_"
|
|
# @var bitwardenrs_ldap_memory_limit:example: $ "512m"
|
|
# @var bitwardenrs_ldap_memory_reservation: $ "_unset_"
|
|
# @var bitwardenrs_ldap_memory_reservation:example: $ "256m"
|
|
# @var bitwardenrs_ldap_cpu_shares: $ "_unset_"
|
|
# @var bitwardenrs_ldap_cpu_shares:example: $ "1024"
|
|
|
|
bitwardenrs_ldap_cap_add: []
|
|
bitwardenrs_ldap_cap_drop: []
|
|
bitwardenrs_ldap_security_opt: []
|
|
# @var bitwardenrs_ldap_pids_limit: $ "_unset_"
|
|
|
|
bitwardenrs_ldap_bitwarden_url: "{{ bitwardenrs_base_url }}"
|
|
bitwardenrs_ldap_bitwarden_admin_token: "{{ bitwardenrs_admin_token | default('') }}"
|
|
# @var bitwardenrs_ldap_host: $ "_unset_"
|
|
# @var bitwardenrs_ldap_scheme: $ "_unset_"
|
|
bitwardenrs_ldap_ssl: True
|
|
# @var bitwardenrs_ldap_port: $ "_unset_"
|
|
# @var bitwardenrs_ldap_bind_dn: $ "_unset_"
|
|
# @var bitwardenrs_ldap_bind_password: $ "_unset_"
|
|
# @var bitwardenrs_ldap_search_base_dn: $ "_unset_"
|
|
bitwardenrs_ldap_search_filter: "(&(objectclass=*)(uid=*))"
|
|
bitwardenrs_ldap_mail_field: "mail"
|
|
bitwardenrs_ldap_sync_interval_seconds: 60
|
|
bitwardenrs_ldap_sync_loop: True
|
|
|
|
bitwardenrs_docker_compose_bin: /usr/local/bin/docker-compose
|