This commit is contained in:
parent
286708c5e7
commit
d36cb0ecc8
@ -38,6 +38,8 @@ steps:
|
||||
- name: verify
|
||||
image: alpine
|
||||
commands:
|
||||
- apk add tree
|
||||
- tree
|
||||
- src/target/x86_64-unknown-linux-musl/release/vaultwarden --help
|
||||
- src/target/x86_64-unknown-linux-musl/release/vaultwarden --version
|
||||
depends_on:
|
||||
|
||||
@ -7,17 +7,18 @@ LABEL org.opencontainers.image.url="https://gitea.rknet.org/docker/vaultwarden"
|
||||
LABEL org.opencontainers.image.source="https://gitea.rknet.org/docker/vaultwarden"
|
||||
LABEL org.opencontainers.image.documentation="https://gitea.rknet.org/docker/vaultwarden"
|
||||
|
||||
ARG VAULT_VERSION
|
||||
ARG WEBWEBVAULT_VERSION
|
||||
|
||||
# renovate: datasource=github-releases depName=dani-garcia/bw_web_builds
|
||||
ENV VAULT_VERSION="${VAULT_VERSION:-v2.19.0}"
|
||||
ENV WEBVAULT_VERSION="${WEBVAULT_VERSION:-v2.19.0}"
|
||||
|
||||
ADD overlay/ /
|
||||
|
||||
RUN apk --update add --virtual .build-deps tar curl && \
|
||||
apk --update add openssl postgresql-libs sqlite ca-certificates && \
|
||||
mkdir -p /app/web-vault /app/data && \
|
||||
echo "Using Web Vault version '${VAULT_VERSION##v}' ..." && \
|
||||
curl -SsL "https://github.com/dani-garcia/bw_web_builds/releases/download/${VAULT_VERSION}/bw_web_${VAULT_VERSION}.tar.gz" | \
|
||||
echo "Using Web Vault version '${WEBVAULT_VERSION##v}' ..." && \
|
||||
curl -SsL "https://github.com/dani-garcia/bw_web_builds/releases/download/${WEBVAULT_VERSION}/bw_web_${WEBVAULT_VERSION}.tar.gz" | \
|
||||
tar xz -C /app && \
|
||||
apk del .build-deps && \
|
||||
rm -rf /var/cache/apk/* && \
|
||||
|
||||
2
Makefile
2
Makefile
@ -22,7 +22,7 @@ build-bin:
|
||||
rustup set profile minimal && \
|
||||
cd $(SRC) && \
|
||||
rustup target add x86_64-unknown-linux-musl && \
|
||||
BWRS_VERSION="$${BUILD_VERSION##v}" cargo build -j 8 --features $(DB) --release
|
||||
VWRS_VERSION="$${BUILD_VERSION##v}" cargo build -j 8 --features $(DB) --release
|
||||
|
||||
.PHONY: clean
|
||||
clean:
|
||||
|
||||
@ -8,7 +8,7 @@ Custom image for VAULTWARDEN password manager
|
||||
[](https://gitea.rknet.org/docker/vaultwarden)
|
||||
[](https://gitea.rknet.org/docker/vaultwarden/src/branch/main/LICENSE)
|
||||
|
||||
This is a rootless custom Docker image for [vaultwarden](https://github.com/dani-garcia/vaultwarden). vaultwarden is a Bitwarden server API implementation written in Rust compatible with upstream Bitwarden clients, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal.
|
||||
This is a rootless custom Docker image for [vaultwarden](https://github.com/dani-garcia/vaultwarden). Vaultwarden is a Bitwarden server API implementation written in Rust compatible with upstream Bitwarden clients, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal.
|
||||
|
||||
> **WARNING**: This build supports SQLite and PostgreSQL database backend only.
|
||||
|
||||
|
||||
@ -6,7 +6,7 @@ services:
|
||||
container_name: postgres
|
||||
image: postgres
|
||||
environment:
|
||||
POSTGRES_DB: bitwarden
|
||||
POSTGRES_DB: vaultwarden
|
||||
POSTGRES_PASSWORD: pass
|
||||
POSTGRES_USER: user
|
||||
|
||||
@ -20,7 +20,7 @@ services:
|
||||
volumes:
|
||||
- data:/app/data
|
||||
environment:
|
||||
VAULTWARDEN_DATABASE_URL: postgresql://user:pass@vaultwarden_postgres:5432/bitwarden
|
||||
VAULTWARDEN_DATABASE_URL: postgresql://user:pass@vaultwarden_postgres:5432/vaultwarden
|
||||
VAULTWARDEN_ADMIN_TOKEN: test
|
||||
|
||||
volumes:
|
||||
|
||||
@ -1,85 +1,85 @@
|
||||
## Bitwarden_RS Configuration File
|
||||
## Vaultwarden Configuration File
|
||||
DATA_FOLDER=/app/data
|
||||
RSA_KEY_FILENAME=/app/data/rsa_key
|
||||
ICON_CACHE_FOLDER=/app/data/icon_cache
|
||||
ATTACHMENTS_FOLDER=/app/data/attachments
|
||||
|
||||
{{ if (getenv "BITWARDENRS_DATABASE_URL") -}}
|
||||
DATABASE_URL={{ getenv "BITWARDENRS_DATABASE_URL" }}
|
||||
{{ if (getenv "VAULTWARDEN_DATABASE_URL") -}}
|
||||
DATABASE_URL={{ getenv "VAULTWARDEN_DATABASE_URL" }}
|
||||
{{ end -}}
|
||||
|
||||
USER_ATTACHMENT_LIMIT={{ getenv "BITWARDENRS_USER_ATTACHMENT_LIMIT" "1024" }}
|
||||
ORG_ATTACHMENT_LIMIT={{ getenv "BITWARDENRS_ORG_ATTACHMENT_LIMIT" "1024" }}
|
||||
USER_ATTACHMENT_LIMIT={{ getenv "VAULTWARDEN_USER_ATTACHMENT_LIMIT" "1024" }}
|
||||
ORG_ATTACHMENT_LIMIT={{ getenv "VAULTWARDEN_ORG_ATTACHMENT_LIMIT" "1024" }}
|
||||
|
||||
{{ if (getenv "BITWARDENRS_TEMPLATES_FOLDER") -}}
|
||||
TEMPLATES_FOLDER={{ getenv "BITWARDENRS_TEMPLATES_FOLDER" }}
|
||||
{{ if (getenv "VAULTWARDEN_TEMPLATES_FOLDER") -}}
|
||||
TEMPLATES_FOLDER={{ getenv "VAULTWARDEN_TEMPLATES_FOLDER" }}
|
||||
{{ end -}}
|
||||
RELOAD_TEMPLATES={{ getenv "BITWARDENRS_RELOAD_TEMPLATES" "false" | conv.Bool }}
|
||||
RELOAD_TEMPLATES={{ getenv "VAULTWARDEN_RELOAD_TEMPLATES" "false" | conv.Bool }}
|
||||
|
||||
IP_HEADER={{ getenv "BITWARDENRS_IP_HEADER" "X-Client-IP" }}
|
||||
IP_HEADER={{ getenv "VAULTWARDEN_IP_HEADER" "X-Client-IP" }}
|
||||
|
||||
ICON_CACHE_TTL={{ getenv "BITWARDENRS_ICON_CACHE_TTL" "2592000" }}
|
||||
ICON_CACHE_NEGTTL={{ getenv "BITWARDENRS_ICON_CACHE_NEGTTL" "259200" }}
|
||||
ICON_CACHE_TTL={{ getenv "VAULTWARDEN_ICON_CACHE_TTL" "2592000" }}
|
||||
ICON_CACHE_NEGTTL={{ getenv "VAULTWARDEN_ICON_CACHE_NEGTTL" "259200" }}
|
||||
|
||||
WEB_VAULT_FOLDER=/app/web-vault/
|
||||
WEB_VAULT_ENABLED={{ getenv "BITWARDENRS_WEB_VAULT_ENABLED" "true" | conv.Bool }}
|
||||
WEB_VAULT_ENABLED={{ getenv "VAULTWARDEN_WEB_VAULT_ENABLED" "true" | conv.Bool }}
|
||||
|
||||
WEBSOCKET_ENABLED={{ getenv "BITWARDENRS_WEBSOCKET_ENABLED" "false" | conv.Bool }}
|
||||
WEBSOCKET_ENABLED={{ getenv "VAULTWARDEN_WEBSOCKET_ENABLED" "false" | conv.Bool }}
|
||||
WEBSOCKET_ADDRESS=0.0.0.0
|
||||
WEBSOCKET_PORT=3012
|
||||
|
||||
EXTENDED_LOGGING={{ getenv "BITWARDENRS_EXTENDED_LOGGING" "true" | conv.Bool }}
|
||||
LOG_LEVEL={{ getenv "BITWARDENRS_LOG_LEVEL" "Info" }}
|
||||
EXTENDED_LOGGING={{ getenv "VAULTWARDEN_EXTENDED_LOGGING" "true" | conv.Bool }}
|
||||
LOG_LEVEL={{ getenv "VAULTWARDEN_LOG_LEVEL" "Info" }}
|
||||
|
||||
ENABLE_DB_WAL=true
|
||||
|
||||
DISABLE_ICON_DOWNLOAD={{ getenv "BITWARDENRS_DISABLE_ICON_DOWNLOAD" "false" | conv.Bool }}
|
||||
ICON_DOWNLOAD_TIMEOUT={{ getenv "BITWARDENRS_ICON_DOWNLOAD_TIMEOUT" "10" }}
|
||||
{{ if (getenv "BITWARDENRS_ICON_BLACKLIST_REGEXL") -}}
|
||||
ICON_BLACKLIST_REGEX={{ getenv "BITWARDENRS_ICON_BLACKLIST_REGEXL" }}
|
||||
DISABLE_ICON_DOWNLOAD={{ getenv "VAULTWARDEN_DISABLE_ICON_DOWNLOAD" "false" | conv.Bool }}
|
||||
ICON_DOWNLOAD_TIMEOUT={{ getenv "VAULTWARDEN_ICON_DOWNLOAD_TIMEOUT" "10" }}
|
||||
{{ if (getenv "VAULTWARDEN_ICON_BLACKLIST_REGEXL") -}}
|
||||
ICON_BLACKLIST_REGEX={{ getenv "VAULTWARDEN_ICON_BLACKLIST_REGEXL" }}
|
||||
{{ end -}}
|
||||
ICON_BLACKLIST_NON_GLOBAL_IPS={{ getenv "BITWARDENRS_ICON_BLACKLIST_NON_GLOBAL_IPS" "true" | conv.Bool }}
|
||||
ICON_BLACKLIST_NON_GLOBAL_IPS={{ getenv "VAULTWARDEN_ICON_BLACKLIST_NON_GLOBAL_IPS" "true" | conv.Bool }}
|
||||
|
||||
DISABLE_2FA_REMEMBER={{ getenv "BITWARDENRS_DISABLE_2FA_REMEMBER" "false" | conv.Bool }}
|
||||
DISABLE_2FA_REMEMBER={{ getenv "VAULTWARDEN_DISABLE_2FA_REMEMBER" "false" | conv.Bool }}
|
||||
|
||||
SIGNUPS_ALLOWED={{ getenv "BITWARDENRS_SIGNUPS_ALLOWED" "true" | conv.Bool }}
|
||||
SIGNUPS_VERIFY={{ getenv "BITWARDENRS_SIGNUPS_VERIFY" "false" | conv.Bool }}
|
||||
SIGNUPS_VERIFY_RESEND_TIME={{ getenv "BITWARDENRS_SIGNUPS_VERIFY_RESEND_TIME" "3600" }}
|
||||
SIGNUPS_VERIFY_RESEND_LIMIT={{ getenv "BITWARDENRS_SIGNUPS_VERIFY_RESEND_LIMIT" "6" }}
|
||||
{{ if (getenv "BITWARDENRS_SIGNUPS_DOMAINS_WHITELIST") -}}
|
||||
SIGNUPS_DOMAINS_WHITELIST={{ getenv "BITWARDENRS_SIGNUPS_DOMAINS_WHITELIST" }}
|
||||
SIGNUPS_ALLOWED={{ getenv "VAULTWARDEN_SIGNUPS_ALLOWED" "true" | conv.Bool }}
|
||||
SIGNUPS_VERIFY={{ getenv "VAULTWARDEN_SIGNUPS_VERIFY" "false" | conv.Bool }}
|
||||
SIGNUPS_VERIFY_RESEND_TIME={{ getenv "VAULTWARDEN_SIGNUPS_VERIFY_RESEND_TIME" "3600" }}
|
||||
SIGNUPS_VERIFY_RESEND_LIMIT={{ getenv "VAULTWARDEN_SIGNUPS_VERIFY_RESEND_LIMIT" "6" }}
|
||||
{{ if (getenv "VAULTWARDEN_SIGNUPS_DOMAINS_WHITELIST") -}}
|
||||
SIGNUPS_DOMAINS_WHITELIST={{ getenv "VAULTWARDEN_SIGNUPS_DOMAINS_WHITELIST" }}
|
||||
{{ end -}}
|
||||
|
||||
INVITATIONS_ALLOWED={{ getenv "BITWARDENRS_INVITATIONS_ALLOWED" "true" | conv.Bool }}
|
||||
INVITATION_ORG_NAME={{ getenv "BITWARDENRS_INVITATION_ORG_NAME" "Bitwarden_RS" }}
|
||||
INVITATIONS_ALLOWED={{ getenv "VAULTWARDEN_INVITATIONS_ALLOWED" "true" | conv.Bool }}
|
||||
INVITATION_ORG_NAME={{ getenv "VAULTWARDEN_INVITATION_ORG_NAME" "Vaultwarden" }}
|
||||
|
||||
{{ if (getenv "BITWARDENRS_ADMIN_TOKEN") -}}
|
||||
ADMIN_TOKEN={{ getenv "BITWARDENRS_ADMIN_TOKEN" }}
|
||||
{{ if (getenv "VAULTWARDEN_ADMIN_TOKEN") -}}
|
||||
ADMIN_TOKEN={{ getenv "VAULTWARDEN_ADMIN_TOKEN" }}
|
||||
{{ end -}}
|
||||
DISABLE_ADMIN_TOKEN=false
|
||||
|
||||
PASSWORD_ITERATIONS={{ getenv "BITWARDENRS_PASSWORD_ITERATIONS" "100000" }}
|
||||
SHOW_PASSWORD_HINT={{ getenv "BITWARDENRS_SHOW_PASSWORD_HINT" "true" | conv.Bool }}
|
||||
DOMAIN={{ getenv "BITWARDENRS_DOMAIN" "http://localhost/" }}
|
||||
PASSWORD_ITERATIONS={{ getenv "VAULTWARDEN_PASSWORD_ITERATIONS" "100000" }}
|
||||
SHOW_PASSWORD_HINT={{ getenv "VAULTWARDEN_SHOW_PASSWORD_HINT" "true" | conv.Bool }}
|
||||
DOMAIN={{ getenv "VAULTWARDEN_DOMAIN" "http://localhost/" }}
|
||||
|
||||
AUTHENTICATOR_DISABLE_TIME_DRIFT={{ getenv "BITWARDENRS_AUTHENTICATOR_DISABLE_TIME_DRIFT" "false" | conv.Bool }}
|
||||
AUTHENTICATOR_DISABLE_TIME_DRIFT={{ getenv "VAULTWARDEN_AUTHENTICATOR_DISABLE_TIME_DRIFT" "false" | conv.Bool }}
|
||||
|
||||
ROCKET_ADDRESS=0.0.0.0
|
||||
ROCKET_PORT=8080
|
||||
{{ if (getenv "BITWARDENRS_ROCKET_WORKERS") -}}
|
||||
ROCKET_WORKERS={{ getenv "BITWARDENRS_ROCKET_WORKERS" }}
|
||||
{{ if (getenv "VAULTWARDEN_ROCKET_WORKERS") -}}
|
||||
ROCKET_WORKERS={{ getenv "VAULTWARDEN_ROCKET_WORKERS" }}
|
||||
{{ end -}}
|
||||
|
||||
{{ if (getenv "BITWARDENRS_SMTP_HOST") -}}
|
||||
SMTP_HOST={{ getenv "BITWARDENRS_SMTP_HOST" }}
|
||||
SMTP_FROM={{ getenv "BITWARDENRS_SMTP_FROM" }}
|
||||
SMTP_FROM_NAME={{ getenv "BITWARDENRS_SMTP_FROM_NAME" "Bitwarden_RS" }}
|
||||
SMTP_PORT={{ getenv "BITWARDENRS_SMTP_PORT" "587" }}
|
||||
SMTP_SSL={{ getenv "BITWARDENRS_SMTP_SSL" "true" | conv.Bool }}
|
||||
{{ if (getenv "BITWARDENRS_SMTP_USERNAME") -}}
|
||||
SMTP_USERNAME={{ getenv "BITWARDENRS_SMTP_USERNAME" }}
|
||||
SMTP_PASSWORD={{ getenv "BITWARDENRS_SMTP_PASSWORD" }}
|
||||
{{ if (getenv "VAULTWARDEN_SMTP_HOST") -}}
|
||||
SMTP_HOST={{ getenv "VAULTWARDEN_SMTP_HOST" }}
|
||||
SMTP_FROM={{ getenv "VAULTWARDEN_SMTP_FROM" }}
|
||||
SMTP_FROM_NAME={{ getenv "VAULTWARDEN_SMTP_FROM_NAME" "Vaultwarden" }}
|
||||
SMTP_PORT={{ getenv "VAULTWARDEN_SMTP_PORT" "587" }}
|
||||
SMTP_SSL={{ getenv "VAULTWARDEN_SMTP_SSL" "true" | conv.Bool }}
|
||||
{{ if (getenv "VAULTWARDEN_SMTP_USERNAME") -}}
|
||||
SMTP_USERNAME={{ getenv "VAULTWARDEN_SMTP_USERNAME" }}
|
||||
SMTP_PASSWORD={{ getenv "VAULTWARDEN_SMTP_PASSWORD" }}
|
||||
{{ end -}}
|
||||
SMTP_AUTH_MECHANISM={{ getenv "BITWARDENRS_SMTP_AUTH_MECHANISM" "Plain" }}
|
||||
SMTP_TIMEOUT={{ getenv "BITWARDENRS_SMTP_TIMEOUT" "15" }}
|
||||
SMTP_AUTH_MECHANISM={{ getenv "VAULTWARDEN_SMTP_AUTH_MECHANISM" "Plain" }}
|
||||
SMTP_TIMEOUT={{ getenv "VAULTWARDEN_SMTP_TIMEOUT" "15" }}
|
||||
{{ end -}}
|
||||
|
||||
@ -13,5 +13,5 @@ then
|
||||
/usr/local/bin/wait-for "${WAITFOR_HOST}":"${WAITFOR_PORT:-5432}"
|
||||
fi
|
||||
|
||||
printf "Start Bitwarden Server ...\n"
|
||||
printf "Start Vaultwarden Server ...\n"
|
||||
exec /app/vaultwarden
|
||||
|
||||
Loading…
Reference in New Issue
Block a user