xoxys.vaultwarden_docker/index.md
Robert Kaussow eca2f1bf10 commit c6113964ba
Author: Robert Kaussow <mail@thegeeklab.de>
Date:   Thu Mar 3 21:16:13 2022 +0100

    chore: add auto-generated _docs folder to gitignore file
2022-03-03 20:39:12 +00:00

645 lines
12 KiB
Markdown

---
title: vaultwarden_docker
type: docs
---
[![Source Code](https://img.shields.io/badge/gitea-source%20code-blue?logo=gitea&logoColor=white)](https://gitea.rknet.org/ansible/xoxys.vaultwarden_docker) [![Build Status](https://img.shields.io/drone/build/ansible/xoxys.vaultwarden_docker?logo=drone&server=https%3A%2F%2Fdrone.rknet.org)](https://drone.rknet.org/ansible/xoxys.vaultwarden_docker) [![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](https://gitea.rknet.org/ansible/xoxys.vaultwarden_docker/src/branch/master/LICENSE)
Role to setup a [Vaultwarden](https://github.com/dani-garcia/vaultwarden) password safe. Vaultwarden is a community Bitwarden API server implementation written in Rust.
- [Default Variables](#default-variables)
- [vaultwarden_admin_token](#vaultwarden_admin_token)
- [vaultwarden_authenticator_disable_time_drift](#vaultwarden_authenticator_disable_time_drift)
- [vaultwarden_base_url](#vaultwarden_base_url)
- [vaultwarden_cap_add](#vaultwarden_cap_add)
- [vaultwarden_cap_drop](#vaultwarden_cap_drop)
- [vaultwarden_container_name](#vaultwarden_container_name)
- [vaultwarden_cpu_shares](#vaultwarden_cpu_shares)
- [vaultwarden_db_name](#vaultwarden_db_name)
- [vaultwarden_db_password](#vaultwarden_db_password)
- [vaultwarden_db_port](#vaultwarden_db_port)
- [vaultwarden_db_server](#vaultwarden_db_server)
- [vaultwarden_db_ssl_mode](#vaultwarden_db_ssl_mode)
- [vaultwarden_db_ssl_rootcert](#vaultwarden_db_ssl_rootcert)
- [vaultwarden_db_user](#vaultwarden_db_user)
- [vaultwarden_disable_2fa_remember](#vaultwarden_disable_2fa_remember)
- [vaultwarden_disable_icon_download](#vaultwarden_disable_icon_download)
- [vaultwarden_exposed_ports](#vaultwarden_exposed_ports)
- [vaultwarden_extended_logging](#vaultwarden_extended_logging)
- [vaultwarden_extra_hosts](#vaultwarden_extra_hosts)
- [vaultwarden_healthcheck](#vaultwarden_healthcheck)
- [vaultwarden_icon_blacklist_non_global_ips](#vaultwarden_icon_blacklist_non_global_ips)
- [vaultwarden_icon_blacklist_regexl](#vaultwarden_icon_blacklist_regexl)
- [vaultwarden_icon_cache_negttl](#vaultwarden_icon_cache_negttl)
- [vaultwarden_icon_cache_ttl](#vaultwarden_icon_cache_ttl)
- [vaultwarden_icon_download_timeout](#vaultwarden_icon_download_timeout)
- [vaultwarden_image](#vaultwarden_image)
- [vaultwarden_invitations_allowed](#vaultwarden_invitations_allowed)
- [vaultwarden_ip_header](#vaultwarden_ip_header)
- [vaultwarden_log_level](#vaultwarden_log_level)
- [vaultwarden_memory_limit](#vaultwarden_memory_limit)
- [vaultwarden_memory_reservation](#vaultwarden_memory_reservation)
- [vaultwarden_networks](#vaultwarden_networks)
- [vaultwarden_networks_applied](#vaultwarden_networks_applied)
- [vaultwarden_org_attachment_limit](#vaultwarden_org_attachment_limit)
- [vaultwarden_password_iterations](#vaultwarden_password_iterations)
- [vaultwarden_pids_limit](#vaultwarden_pids_limit)
- [vaultwarden_reload_templates](#vaultwarden_reload_templates)
- [vaultwarden_restart_policy](#vaultwarden_restart_policy)
- [vaultwarden_security_opt](#vaultwarden_security_opt)
- [vaultwarden_service_directory](#vaultwarden_service_directory)
- [vaultwarden_service_stopped](#vaultwarden_service_stopped)
- [vaultwarden_show_password_hint](#vaultwarden_show_password_hint)
- [vaultwarden_signups_allowed](#vaultwarden_signups_allowed)
- [vaultwarden_signups_domains_whitelist](#vaultwarden_signups_domains_whitelist)
- [vaultwarden_signups_verify](#vaultwarden_signups_verify)
- [vaultwarden_signups_verify_resend_limit](#vaultwarden_signups_verify_resend_limit)
- [vaultwarden_signups_verify_resend_time](#vaultwarden_signups_verify_resend_time)
- [vaultwarden_smtp_auth_mechanism](#vaultwarden_smtp_auth_mechanism)
- [vaultwarden_smtp_from](#vaultwarden_smtp_from)
- [vaultwarden_smtp_from_name](#vaultwarden_smtp_from_name)
- [vaultwarden_smtp_host](#vaultwarden_smtp_host)
- [vaultwarden_smtp_password](#vaultwarden_smtp_password)
- [vaultwarden_smtp_port](#vaultwarden_smtp_port)
- [vaultwarden_smtp_ssl](#vaultwarden_smtp_ssl)
- [vaultwarden_smtp_timeout](#vaultwarden_smtp_timeout)
- [vaultwarden_smtp_username](#vaultwarden_smtp_username)
- [vaultwarden_templates_folder](#vaultwarden_templates_folder)
- [vaultwarden_user_attachment_limit](#vaultwarden_user_attachment_limit)
- [vaultwarden_version](#vaultwarden_version)
- [vaultwarden_volumes](#vaultwarden_volumes)
- [vaultwarden_web_vault_enabled](#vaultwarden_web_vault_enabled)
- [vaultwarden_websocket_enabled](#vaultwarden_websocket_enabled)
- [Dependencies](#dependencies)
---
## Default Variables
### vaultwarden_admin_token
#### Default value
```YAML
vaultwarden_admin_token: _unset_
```
### vaultwarden_authenticator_disable_time_drift
#### Default value
```YAML
vaultwarden_authenticator_disable_time_drift: false
```
### vaultwarden_base_url
#### Default value
```YAML
vaultwarden_base_url: http://localhost/
```
### vaultwarden_cap_add
#### Default value
```YAML
vaultwarden_cap_add: []
```
### vaultwarden_cap_drop
#### Default value
```YAML
vaultwarden_cap_drop: []
```
### vaultwarden_container_name
#### Default value
```YAML
vaultwarden_container_name: vaultwarden
```
### vaultwarden_cpu_shares
#### Default value
```YAML
vaultwarden_cpu_shares: _unset_
```
#### Example usage
```YAML
vaultwarden_cpu_shares: '1024'
```
### vaultwarden_db_name
#### Default value
```YAML
vaultwarden_db_name: vaultwarden
```
### vaultwarden_db_password
#### Default value
```YAML
vaultwarden_db_password: secure
```
### vaultwarden_db_port
#### Default value
```YAML
vaultwarden_db_port: 5432
```
### vaultwarden_db_server
This ansible roles does only support postgresql as database"
#### Default value
```YAML
vaultwarden_db_server: localhost
```
### vaultwarden_db_ssl_mode
#### Default value
```YAML
vaultwarden_db_ssl_mode: disable
```
### vaultwarden_db_ssl_rootcert
#### Default value
```YAML
vaultwarden_db_ssl_rootcert: /etc/ssl/certs/ca-certificates.crt
```
### vaultwarden_db_user
#### Default value
```YAML
vaultwarden_db_user: pgvaultwarden
```
### vaultwarden_disable_2fa_remember
#### Default value
```YAML
vaultwarden_disable_2fa_remember: false
```
### vaultwarden_disable_icon_download
#### Default value
```YAML
vaultwarden_disable_icon_download: false
```
### vaultwarden_exposed_ports
#### Default value
```YAML
vaultwarden_exposed_ports:
- 127.0.0.1:8080:8080
```
#### Example usage
```YAML
vaultwarden_exposed_ports:
- "127.0.0.1:8080:8080"
- "127.0.0.1:3012:3012"
```
### vaultwarden_extended_logging
#### Default value
```YAML
vaultwarden_extended_logging: true
```
### vaultwarden_extra_hosts
#### Default value
```YAML
vaultwarden_extra_hosts: []
```
### vaultwarden_healthcheck
#### Default value
```YAML
vaultwarden_healthcheck:
test: '["CMD", "/usr/local/bin/healthcheck"]'
interval: 10s
timeout: 3s
retries: 3
```
### vaultwarden_icon_blacklist_non_global_ips
#### Default value
```YAML
vaultwarden_icon_blacklist_non_global_ips: true
```
### vaultwarden_icon_blacklist_regexl
#### Default value
```YAML
vaultwarden_icon_blacklist_regexl: _unset_
```
### vaultwarden_icon_cache_negttl
#### Default value
```YAML
vaultwarden_icon_cache_negttl: '{{ vaultwarden_icon_cache_ttl }}'
```
### vaultwarden_icon_cache_ttl
#### Default value
```YAML
vaultwarden_icon_cache_ttl: 2592000
```
### vaultwarden_icon_download_timeout
#### Default value
```YAML
vaultwarden_icon_download_timeout: 10
```
### vaultwarden_image
#### Default value
```YAML
vaultwarden_image: thegeeklab/vaultwarden:{{ vaultwarden_version }}
```
### vaultwarden_invitations_allowed
#### Default value
```YAML
vaultwarden_invitations_allowed: true
```
### vaultwarden_ip_header
#### Default value
```YAML
vaultwarden_ip_header: x-client-ip
```
### vaultwarden_log_level
#### Default value
```YAML
vaultwarden_log_level: Info
```
### vaultwarden_memory_limit
#### Default value
```YAML
vaultwarden_memory_limit: _unset_
```
#### Example usage
```YAML
vaultwarden_memory_limit: 512m
```
### vaultwarden_memory_reservation
#### Default value
```YAML
vaultwarden_memory_reservation: _unset_
```
#### Example usage
```YAML
vaultwarden_memory_reservation: 256m
```
### vaultwarden_networks
#### Default value
```YAML
vaultwarden_networks:
- name: default
```
#### Example usage
```YAML
vaultwarden_networks:
- name: default
# optional network driver, defaults to 'bride'
driver: host
```
### vaultwarden_networks_applied
#### Default value
```YAML
vaultwarden_networks_applied:
- default
```
### vaultwarden_org_attachment_limit
#### Default value
```YAML
vaultwarden_org_attachment_limit: 1024
```
### vaultwarden_password_iterations
#### Default value
```YAML
vaultwarden_password_iterations: 100000
```
### vaultwarden_pids_limit
#### Default value
```YAML
vaultwarden_pids_limit: _unset_
```
### vaultwarden_reload_templates
#### Default value
```YAML
vaultwarden_reload_templates: false
```
### vaultwarden_restart_policy
#### Default value
```YAML
vaultwarden_restart_policy: always
```
### vaultwarden_security_opt
#### Default value
```YAML
vaultwarden_security_opt: []
```
### vaultwarden_service_directory
#### Default value
```YAML
vaultwarden_service_directory: /var/lib/docker/services/vaultwarden
```
### vaultwarden_service_stopped
#### Default value
```YAML
vaultwarden_service_stopped: false
```
### vaultwarden_show_password_hint
#### Default value
```YAML
vaultwarden_show_password_hint: true
```
### vaultwarden_signups_allowed
#### Default value
```YAML
vaultwarden_signups_allowed: false
```
### vaultwarden_signups_domains_whitelist
#### Default value
```YAML
vaultwarden_signups_domains_whitelist: _unset_
```
### vaultwarden_signups_verify
#### Default value
```YAML
vaultwarden_signups_verify: false
```
### vaultwarden_signups_verify_resend_limit
#### Default value
```YAML
vaultwarden_signups_verify_resend_limit: 6
```
### vaultwarden_signups_verify_resend_time
#### Default value
```YAML
vaultwarden_signups_verify_resend_time: 3600
```
### vaultwarden_smtp_auth_mechanism
#### Default value
```YAML
vaultwarden_smtp_auth_mechanism: plain
```
### vaultwarden_smtp_from
#### Default value
```YAML
vaultwarden_smtp_from: vaultwarden@localhost
```
### vaultwarden_smtp_from_name
#### Default value
```YAML
vaultwarden_smtp_from_name: Vaultwarden
```
### vaultwarden_smtp_host
#### Default value
```YAML
vaultwarden_smtp_host: _unset_
```
### vaultwarden_smtp_password
#### Default value
```YAML
vaultwarden_smtp_password: _unset_
```
### vaultwarden_smtp_port
#### Default value
```YAML
vaultwarden_smtp_port: 587
```
### vaultwarden_smtp_ssl
#### Default value
```YAML
vaultwarden_smtp_ssl: true
```
### vaultwarden_smtp_timeout
#### Default value
```YAML
vaultwarden_smtp_timeout: 15
```
### vaultwarden_smtp_username
#### Default value
```YAML
vaultwarden_smtp_username: _unset_
```
### vaultwarden_templates_folder
#### Default value
```YAML
vaultwarden_templates_folder: _unset_
```
### vaultwarden_user_attachment_limit
#### Default value
```YAML
vaultwarden_user_attachment_limit: 1024
```
### vaultwarden_version
#### Default value
```YAML
vaultwarden_version: latest
```
### vaultwarden_volumes
> Define required docker volumes.
#### Default value
```YAML
vaultwarden_volumes:
- name: data
dest: /app/data
bind: false
```
#### Example usage
```YAML
vaultwarden_volumes:
# Instead of the name you could specify a path on the container host system,
# but you also have to enable bind mount for this volume
- name: data
# target location inside the container
dest: /var/www/app/data
# enable bind mount, if false volume will be configured as named volume
# keep in mind you MUST set bind in any case
bind: True
```
### vaultwarden_web_vault_enabled
#### Default value
```YAML
vaultwarden_web_vault_enabled: true
```
### vaultwarden_websocket_enabled
If you enable websockets you also have to expose port `3012`.
#### Default value
```YAML
vaultwarden_websocket_enabled: false
```
## Dependencies
None.