author | elizabeth.hunt@simponic.xyz <elizabeth.hunt@simponic.xyz> | 2024-01-15 16:04:36 -0700 |
---|---|---|
committer | elizabeth.hunt@simponic.xyz <elizabeth.hunt@simponic.xyz> | 2024-01-15 16:04:36 -0700 |
commit | e0684788650738113b075befb8027cfdfade0c1f (patch) | |
tree | e74dbeefcb84dcc384813a0adddf6ede56197cca /roles/vaultwarden | |
parent | a1ff343f7da23e92381a756bf3c6a8a80fa8087f (diff) | |
add vaultwarden config
Diffstat (limited to 'roles/vaultwarden')
-rw-r--r-- | roles/vaultwarden/tasks/main.yml | 22 | ||||
-rw-r--r-- | roles/vaultwarden/templates/docker-compose.yml.j2 | 36 |
2 files changed, 58 insertions, 0 deletions
diff --git a/roles/vaultwarden/tasks/main.yml b/roles/vaultwarden/tasks/main.yml
new file mode 100644
index 0000000..5c57bb5
--- /dev/null
+++ b/roles/vaultwarden/tasks/main.yml
@@ -0,0 +1,22 @@
+---
+- name: ensure vaultwarden docker/compose exist
+ file:
+ path: /etc/docker/compose/vaultwarden
+ state: directory
+ owner: root
+ group: root
+ mode: 0700
+
+- name: build vaultwarden docker-compose.yml.j2
+ template:
+ src: ../templates/docker-compose.yml.j2
+ dest: /etc/docker/compose/vaultwarden/docker-compose.yml
+ owner: root
+ group: root
+ mode: u=rw,g=r,o=r
+
+- name: daemon-reload and enable vaultwarden
+ ansible.builtin.systemd_service:
+ state: restarted
+ enabled: true
+ name: docker-compose@vaultwarden
diff --git a/roles/vaultwarden/templates/docker-compose.yml.j2 b/roles/vaultwarden/templates/docker-compose.yml.j2
new file mode 100644
index 0000000..6224524
--- /dev/null
+++ b/roles/vaultwarden/templates/docker-compose.yml.j2
@@ -0,0 +1,36 @@
+version: '3'
+
+services:
+ vaultwarden:
+ container_name: vaultwarden
+ image: vaultwarden/server:latest
+ restart: unless-stopped
+ volumes:
+ - ./data/:/data/
+ ports:
+ - 8652:80
+ environment:
+ - DOMAIN=https://vaultwarden.internal.simponic.xyz
+ - LOGIN_RATELIMIT_MAX_BURST=10
+ - LOGIN_RATELIMIT_SECONDS=60
+ - ADMIN_RATELIMIT_MAX_BURST=10
+ - ADMIN_RATELIMIT_SECONDS=60
+ - ADMIN_TOKEN={{ vaultwarden_admin_token }}
+ - SENDS_ALLOWED=true
+ - EMERGENCY_ACCESS_ALLOWED=true
+ - WEB_VAULT_ENABLED=true
+
+ - SIGNUPS_ALLOWED=false
+ - SIGNUPS_VERIFY=true
+ - SIGNUPS_VERIFY_RESEND_TIME=3600
+ - SIGNUPS_VERIFY_RESEND_LIMIT=5
+ - SIGNUPS_DOMAINS_WHITELIST=simponic.xyz
+
+ - SMTP_HOST=mail.simponic.xyz
+ - SMTP_FROM=info@simponic.xyz
+ - SMTP_FROM_NAME=VaultWarden
+ - SMTP_SECURITY=starttls
+ - SMTP_PORT=587
+ - SMTP_USERNAME=info@simponic.xyz
+ - SMTP_PASSWORD={{ email_password }}
+ - SMTP_AUTH_MECHANISM="Plain"
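Review bot: In roles/vaultwarden/tasks/main.yml the template task writes the rendered compose file with `mode: u=rw,g=r,o=r`, but that file carries `ADMIN_TOKEN` and `SMTP_PASSWORD` in clear text, so only the 0700 parent directory keeps other local accounts from reading it. Set `mode: "0600"` on the file itself, and add `no_log: true` to the task so that a `--diff` run, if the playbook is ever run that way, does not print the rendered secrets. Separately, the last task is named "daemon-reload and enable" yet never sets `daemon_reload: true`, and `state: restarted` restarts the vault on every play; a handler notified by the template task would restart it only when the file changes.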
\ No newline at end of file |
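Review bot: In docker-compose.yml.j2, `- 8652:80` publishes the container's plain-HTTP listener on every host interface, while `DOMAIN` is an https URL, so TLS is presumably terminated by a proxy elsewhere. If that proxy runs on this host, bind the mapping to loopback with `- "127.0.0.1:8652:80"` so the vault cannot be reached unencrypted around it. `image: vaultwarden/server:latest` lets any pull change the code that holds the password vault; pin a release tag or digest, e.g. `vaultwarden/server:<PINNED_VERSION>`. The two templated secrets are interpolated unquoted, so a value containing ` #` or `: ` would be truncated or break the rendered YAML; quote the whole item, `- "SMTP_PASSWORD={{ email_password }}"`, and do the same for `ADMIN_TOKEN`.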