vaultwarden/Dockerfile

44 lines
1.5 KiB
Docker
Raw Normal View History

FROM thegeeklab/alpine:latest@sha256:3da2629385033afb5dfae372f77a5d1517e2545cb41f9e6a7618b49b04bff7cc
2020-02-22 15:58:35 +00:00
LABEL maintainer="Robert Kaussow <mail@thegeeklab.de>"
LABEL org.opencontainers.image.authors="Robert Kaussow <mail@thegeeklab.de>"
LABEL org.opencontainers.image.title="vaultwarden"
LABEL org.opencontainers.image.url="https://gitea.rknet.org/docker/vaultwarden"
LABEL org.opencontainers.image.source="https://gitea.rknet.org/docker/vaultwarden"
LABEL org.opencontainers.image.documentation="https://gitea.rknet.org/docker/vaultwarden"
2021-05-15 13:25:24 +00:00
ARG WEBVAULT_VERSION
2020-02-22 15:58:35 +00:00
# renovate: datasource=github-releases depName=dani-garcia/bw_web_builds versioning=loose
chore(deps): update vaultwarden packages (#44) This PR contains the following updates: | Package | Update | Change | |---|---|---| | [dani-garcia/bw_web_builds](https://github.com/dani-garcia/bw_web_builds) | minor | `v2.20.4b` -> `v2.21.1` | | [dani-garcia/vaultwarden](https://github.com/dani-garcia/vaultwarden) | patch | `1.22.1` -> `1.22.2` | --- ### Release Notes <details> <summary>dani-garcia/bw_web_builds</summary> ### [`v2.21.1`](https://github.com/dani-garcia/bw_web_builds/releases/v2.21.1) [Compare Source](https://github.com/dani-garcia/bw_web_builds/compare/v2.20.4b...v2.21.1) https://github.com/bitwarden/web/releases/tag/v2.21.1 </details> <details> <summary>dani-garcia/vaultwarden</summary> ### [`v1.22.2`](https://github.com/dani-garcia/vaultwarden/releases/1.22.2) [Compare Source](https://github.com/dani-garcia/vaultwarden/compare/1.22.1...1.22.2) ⚠️ **Reminder**: If you are still using the `bitwardenrs/server*` Docker images, you need to migrate to the new `vaultwarden` image. Check https://github.com/dani-garcia/vaultwarden/discussions/1642 for an explanation. The old images are deprecated and will stop being updated after 1.23.0. - Updated web vault to 2.21.1. - Enforce 2FA policy in organizations. - Protect send routes against a possible path traversal attack. - Disable `show_password_hint` by default, it still can be enabled in the admin panel or with environment variables. - Disable user verification enforcement in Webauthn, which would make some users unable to login. - Fix issue that wouldn't correctly delete Webauthn Key. - Added Edge extension support for Webauthn. </details> --- ### Configuration 📅 **Schedule**: At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box. --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). Reviewed-on: https://gitea.rknet.org/docker/vaultwarden/pulls/44 Co-authored-by: Renovator Bot <renovator@rknet.org> Co-committed-by: Renovator Bot <renovator@rknet.org>
2021-07-27 19:35:55 +00:00
ENV WEBVAULT_VERSION="${WEBVAULT_VERSION:-v2.21.1}"
2020-02-22 15:58:35 +00:00
ADD overlay/ /
RUN apk --update add --virtual .build-deps tar curl && \
2020-10-17 21:17:18 +00:00
apk --update add openssl postgresql-libs sqlite ca-certificates && \
2020-02-22 15:58:35 +00:00
mkdir -p /app/web-vault /app/data && \
echo "Using Web Vault version '${WEBVAULT_VERSION##v}' ..." && \
curl -SsL "https://github.com/dani-garcia/bw_web_builds/releases/download/${WEBVAULT_VERSION}/bw_web_${WEBVAULT_VERSION}.tar.gz" | \
2020-02-22 19:21:14 +00:00
tar xz -C /app && \
2020-02-22 15:58:35 +00:00
apk del .build-deps && \
rm -rf /var/cache/apk/* && \
rm -rf /tmp/* && \
chown -R app:app /app
ADD src/Rocket.toml /app
ADD src/target/x86_64-unknown-linux-musl/release/vaultwarden /app
2020-02-22 15:58:35 +00:00
VOLUME /app/data
EXPOSE 8080
EXPOSE 3012
USER app
STOPSIGNAL SIGTERM
ENTRYPOINT ["/usr/local/bin/entrypoint"]
HEALTHCHECK --interval=10s --timeout=3s --retries=3 CMD /usr/local/bin/healthcheck
WORKDIR /app
CMD []