Vaguely harden vaultwarden config
This commit is contained in:
parent
1b24578fe6
commit
266601d6f5
1 changed files with 4 additions and 2 deletions
|
@ -17,7 +17,7 @@ services:
|
|||
- traefik.http.services.vaultwarden.loadbalancer.server.port=80
|
||||
|
||||
- traefik.http.middlewares.vaultwarden-ratelimit.ratelimit.average=5
|
||||
- traefik.http.middlewares.vaultwarden-ratelimit.ratelimit.burst=1000
|
||||
- traefik.http.middlewares.vaultwarden-ratelimit.ratelimit.burst=200
|
||||
|
||||
- traefik.http.routers.vaultwarden.middlewares=vaultwarden-ratelimit
|
||||
environment:
|
||||
|
@ -26,7 +26,9 @@ services:
|
|||
- SHOW_PASSWORD_HINT=false
|
||||
- DATABASE_URL=postgres://vaultwarden:{{ vaultwarden_database_password }}@db/vaultwarden
|
||||
- INVITATIONS_ALLOWED=false
|
||||
- ROCKET_WORKERS={{ ansible_processor_nproc // 2 }}
|
||||
- ROCKET_WORKERS=2
|
||||
- EMERGENCY_ACCESS_ALLOWED=false
|
||||
- AUTHENTICATOR_DISABLE_TIME_DRIFT=true
|
||||
networks:
|
||||
- default
|
||||
- traefik
|
||||
|
|
Loading…
Reference in a new issue