Robert Kaussow
f53c8d06a5
Author: Robert Kaussow <mail@geeklabor.de>
Date: Sun Sep 27 23:30:34 2020 +0200
trigger ci
12 KiB
12 KiB
| title | type |
|---|---|
| bitwardenrs_docker | docs |
Role to setup a Bitwarden RS password safe. Bitwarden_RS is a community Bitwarden API server implementation written in Rust.
- Default Variables
- bitwardenrs_admin_token
- bitwardenrs_authenticator_disable_time_drift
- bitwardenrs_base_url
- bitwardenrs_cap_add
- bitwardenrs_cap_drop
- bitwardenrs_container_name
- bitwardenrs_cpu_shares
- bitwardenrs_db_name
- bitwardenrs_db_password
- bitwardenrs_db_port
- bitwardenrs_db_server
- bitwardenrs_db_ssl_mode
- bitwardenrs_db_ssl_rootcert
- bitwardenrs_db_user
- bitwardenrs_disable_2fa_remember
- bitwardenrs_disable_icon_download
- bitwardenrs_exposed_ports
- bitwardenrs_extended_logging
- bitwardenrs_extra_hosts
- bitwardenrs_healthcheck
- bitwardenrs_icon_blacklist_non_global_ips
- bitwardenrs_icon_blacklist_regexl
- bitwardenrs_icon_cache_negttl
- bitwardenrs_icon_cache_ttl
- bitwardenrs_icon_download_timeout
- bitwardenrs_image
- bitwardenrs_invitations_allowed
- bitwardenrs_ip_header
- bitwardenrs_log_level
- bitwardenrs_memory_limit
- bitwardenrs_memory_reservation
- bitwardenrs_networks
- bitwardenrs_networks_applied
- bitwardenrs_org_attachment_limit
- bitwardenrs_password_iterations
- bitwardenrs_pids_limit
- bitwardenrs_reload_templates
- bitwardenrs_restart_policy
- bitwardenrs_security_opt
- bitwardenrs_service_directory
- bitwardenrs_service_stopped
- bitwardenrs_show_password_hint
- bitwardenrs_signups_allowed
- bitwardenrs_signups_domains_whitelist
- bitwardenrs_signups_verify
- bitwardenrs_signups_verify_resend_limit
- bitwardenrs_signups_verify_resend_time
- bitwardenrs_smtp_auth_mechanism
- bitwardenrs_smtp_from
- bitwardenrs_smtp_from_name
- bitwardenrs_smtp_host
- bitwardenrs_smtp_password
- bitwardenrs_smtp_port
- bitwardenrs_smtp_ssl
- bitwardenrs_smtp_timeout
- bitwardenrs_smtp_username
- bitwardenrs_templates_folder
- bitwardenrs_user_attachment_limit
- bitwardenrs_version
- bitwardenrs_volumes
- bitwardenrs_web_vault_enabled
- bitwardenrs_websocket_enabled
- Dependencies
Default Variables
bitwardenrs_admin_token
Default value
bitwardenrs_admin_token: _unset_
bitwardenrs_authenticator_disable_time_drift
Default value
bitwardenrs_authenticator_disable_time_drift: false
bitwardenrs_base_url
Default value
bitwardenrs_base_url: http://localhost/
bitwardenrs_cap_add
Default value
bitwardenrs_cap_add: []
bitwardenrs_cap_drop
Default value
bitwardenrs_cap_drop: []
bitwardenrs_container_name
Default value
bitwardenrs_container_name: bitwardenrs
bitwardenrs_cpu_shares
Default value
bitwardenrs_cpu_shares: _unset_
Example usage
bitwardenrs_cpu_shares: '1024'
bitwardenrs_db_name
Default value
bitwardenrs_db_name: bitwardenrs
bitwardenrs_db_password
Default value
bitwardenrs_db_password: secure
bitwardenrs_db_port
Default value
bitwardenrs_db_port: 5432
bitwardenrs_db_server
This ansible roles does only support postgresql as database"
Default value
bitwardenrs_db_server: localhost
bitwardenrs_db_ssl_mode
Default value
bitwardenrs_db_ssl_mode: disable
bitwardenrs_db_ssl_rootcert
Default value
bitwardenrs_db_ssl_rootcert: /etc/ssl/certs/ca-certificates.crt
bitwardenrs_db_user
Default value
bitwardenrs_db_user: pgbitwardenrs
bitwardenrs_disable_2fa_remember
Default value
bitwardenrs_disable_2fa_remember: false
bitwardenrs_disable_icon_download
Default value
bitwardenrs_disable_icon_download: false
bitwardenrs_exposed_ports
Default value
bitwardenrs_exposed_ports:
- 127.0.0.1:8080:8080
Example usage
bitwardenrs_exposed_ports:
- "127.0.0.1:8080:8080"
- "127.0.0.1:3012:3012"
bitwardenrs_extended_logging
Default value
bitwardenrs_extended_logging: true
bitwardenrs_extra_hosts
Default value
bitwardenrs_extra_hosts: []
bitwardenrs_healthcheck
Default value
bitwardenrs_healthcheck:
test: '["CMD", "/usr/local/bin/healthcheck"]'
interval: 10s
timeout: 3s
retries: 3
bitwardenrs_icon_blacklist_non_global_ips
Default value
bitwardenrs_icon_blacklist_non_global_ips: true
bitwardenrs_icon_blacklist_regexl
Default value
bitwardenrs_icon_blacklist_regexl: _unset_
bitwardenrs_icon_cache_negttl
Default value
bitwardenrs_icon_cache_negttl: '{{ bitwardenrs_icon_cache_ttl }}'
bitwardenrs_icon_cache_ttl
Default value
bitwardenrs_icon_cache_ttl: 2592000
bitwardenrs_icon_download_timeout
Default value
bitwardenrs_icon_download_timeout: 10
bitwardenrs_image
Default value
bitwardenrs_image: thegeeklab/bitwardenrs:{{ bitwardenrs_version }}
bitwardenrs_invitations_allowed
Default value
bitwardenrs_invitations_allowed: true
bitwardenrs_ip_header
Default value
bitwardenrs_ip_header: x-client-ip
bitwardenrs_log_level
Default value
bitwardenrs_log_level: Info
bitwardenrs_memory_limit
Default value
bitwardenrs_memory_limit: _unset_
Example usage
bitwardenrs_memory_limit: 512m
bitwardenrs_memory_reservation
Default value
bitwardenrs_memory_reservation: _unset_
Example usage
bitwardenrs_memory_reservation: 256m
bitwardenrs_networks
Default value
bitwardenrs_networks:
- name: default
Example usage
bitwardenrs_networks:
- name: default
# optional network driver, defaults to 'bride'
driver: host
bitwardenrs_networks_applied
Default value
bitwardenrs_networks_applied:
- default
bitwardenrs_org_attachment_limit
Default value
bitwardenrs_org_attachment_limit: 1024
bitwardenrs_password_iterations
Default value
bitwardenrs_password_iterations: 100000
bitwardenrs_pids_limit
Default value
bitwardenrs_pids_limit: _unset_
bitwardenrs_reload_templates
Default value
bitwardenrs_reload_templates: false
bitwardenrs_restart_policy
Default value
bitwardenrs_restart_policy: always
bitwardenrs_security_opt
Default value
bitwardenrs_security_opt: []
bitwardenrs_service_directory
Default value
bitwardenrs_service_directory: /var/lib/docker/services/bitwardenrs
bitwardenrs_service_stopped
Default value
bitwardenrs_service_stopped: false
bitwardenrs_show_password_hint
Default value
bitwardenrs_show_password_hint: true
bitwardenrs_signups_allowed
Default value
bitwardenrs_signups_allowed: false
bitwardenrs_signups_domains_whitelist
Default value
bitwardenrs_signups_domains_whitelist: _unset_
bitwardenrs_signups_verify
Default value
bitwardenrs_signups_verify: false
bitwardenrs_signups_verify_resend_limit
Default value
bitwardenrs_signups_verify_resend_limit: 6
bitwardenrs_signups_verify_resend_time
Default value
bitwardenrs_signups_verify_resend_time: 3600
bitwardenrs_smtp_auth_mechanism
Default value
bitwardenrs_smtp_auth_mechanism: plain
bitwardenrs_smtp_from
Default value
bitwardenrs_smtp_from: bitwardenrs@localhost
bitwardenrs_smtp_from_name
Default value
bitwardenrs_smtp_from_name: Bitwarden RS
bitwardenrs_smtp_host
Default value
bitwardenrs_smtp_host: _unset_
bitwardenrs_smtp_password
Default value
bitwardenrs_smtp_password: _unset_
bitwardenrs_smtp_port
Default value
bitwardenrs_smtp_port: 587
bitwardenrs_smtp_ssl
Default value
bitwardenrs_smtp_ssl: true
bitwardenrs_smtp_timeout
Default value
bitwardenrs_smtp_timeout: 15
bitwardenrs_smtp_username
Default value
bitwardenrs_smtp_username: _unset_
bitwardenrs_templates_folder
Default value
bitwardenrs_templates_folder: _unset_
bitwardenrs_user_attachment_limit
Default value
bitwardenrs_user_attachment_limit: 1024
bitwardenrs_version
Default value
bitwardenrs_version: latest
bitwardenrs_volumes
Define required docker volumes.
Default value
bitwardenrs_volumes:
- name: data
dest: /app/data
bind: false
Example usage
bitwardenrs_volumes:
# Instead of the name you could specify a path on the container host system,
# but you also have to enable bind mount for this volume
- name: data
# target location inside the container
dest: /var/www/app/data
# enable bind mount, if false volume will be configured as named volume
# keep in mind you MUST set bind in any case
bind: True
bitwardenrs_web_vault_enabled
Default value
bitwardenrs_web_vault_enabled: true
bitwardenrs_websocket_enabled
If you enable websockets you also have to expose port 3012.
Default value
bitwardenrs_websocket_enabled: false
Dependencies
None.