-
Notifications
You must be signed in to change notification settings - Fork 5
/
bitwarden.yml
109 lines (93 loc) · 4.53 KB
/
bitwarden.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
---
# using vaultwarden
- hosts: homelab
vars:
application: bitwarden
docker_network: "{{ networks.pub }}"
handlers:
- name: Restart
community.docker.docker_container:
name: "{{ application }}"
restart: true
comparisons:
'*': ignore
tasks:
- name: Create config folder
ansible.builtin.file:
path: "{{ config_directory }}"
state: directory
owner: "{{ common_user }}"
group: "{{ common_group }}"
mode: "0771"
- name: Create postgres container
ansible.builtin.import_role:
name: postgres
vars:
postgres_version: 16
postgres_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
35393133643464346162626134323933353965623330656535353265383533663961323138616538
6363313833656530363063663166303363313066343133310a623763316639303764666436616362
31643163326630306166323431303533626665306437636461313664626537656161346666343431
3436653764366235390a653332393364323733353135633564346463316366363032383663323132
30303764383431623866386361643938343964626462366466646139353332363031
- name: Create container
ansible.builtin.include_role:
name: docker_container
vars:
image: ghcr.io/dani-garcia/vaultwarden:1.32.6
user: "{{ common_user_id }}:{{ common_group_id }}"
env:
DOMAIN: "https://{{ application }}.{{ common_tld }}"
DISABLE_ADMIN_TOKEN: "false"
ADMIN_TOKEN: !vault |
$ANSIBLE_VAULT;1.1;AES256
34333665393563353737386531306139396664326433366334313331613335313934393561323831
3934343265633363393365333333643439613364666232330a303630333337383831316363313864
36353031643430633566303439393961666531666139626531306332653464643066336439666230
6138613464333535620a376632653931373361646464383263393938333062323632666430313831
33326166316335363030353536666663383638333461656331383231306262366539316133393039
33323336313731353435623136336534626536666435353662326666613438616261623266303765
32393161316162316463343838383161366262646132353839613632656332313563643136636164
39633766646265656330636139313131333535393832306565386432616236356338303865653436
62316531396634366439383362356264623537366534323264313133386236326138633431326637
6433333139653666383131656339313338653361333961343430
SIGNUPS_ALLOWED: "false"
INVITATIONS_ALLOWED: "true"
# get keys from https://bitwarden.com/host/
PUSH_ENABLED: "true"
PUSH_INSTALLATION_ID: !vault |
$ANSIBLE_VAULT;1.1;AES256
65333739666139393363376537316532616362636430636632313834393636653835363263666236
3238393430373962336466646636346539333739363661620a623262623730303763326331626135
64343633633066376133373031616335636236646465303662653439346139366662323137366337
3339643337353239640a313230613332656231333563663937363264393139306537373333373834
36343165383464663831353336373762303631626162653839346665663031316566663737393466
3963366636396463386130303663623230353564313532303362
PUSH_INSTALLATION_KEY: !vault |
$ANSIBLE_VAULT;1.1;AES256
66346138353766393264643562386664383862306365303633323664366434353834376130663630
6435633336383734323536383539613239313338323233380a396130656362313732653735306666
66643165396130636139383439313930653435323366393139663532316463363261656266643165
3336393862333433360a373037383031336636373632646163346466633561353832393837626632
32663939616332613233626462663034646330633930623631616231386337326532
ORG_EVENTS_ENABLED: "true"
EVENTS_DAYS_RETAIN: "14"
SMTP_HOST: "{{ common_email_server }}"
SMTP_PORT: "{{ common_email_port | string }}"
SMTP_SECURITY: "{{ 'starttls' if common_email_protocol == 'tls' else 'false' }}"
SMTP_USERNAME: "{{ common_email_username }}"
SMTP_PASSWORD: "{{ common_email_password }}"
SMTP_FROM: "{{ application }}{{ common_email_to }}"
DATABASE_URL: "{{ _postgres_url }}"
LOG_FILE: /data/vaultwarden.log
LOGIN_RATELIMIT_MAX_BURST: "2"
LOGIN_RATELIMIT_SECONDS: "600"
volumes:
- "{{ config_directory }}/{{ application }}:/data"
traefik:
- port: 80
homepage:
group: Tools
weight: 200
description: "Password manager (Vaultwarden)"