Add bitwarden_rs
This commit is contained in:
parent
65f9206b95
commit
d4477c4bea
5 changed files with 77 additions and 0 deletions
|
@ -61,6 +61,7 @@
|
||||||
- yourls
|
- yourls
|
||||||
- pve_nebula_route
|
- pve_nebula_route
|
||||||
- privatebin
|
- privatebin
|
||||||
|
- bitwarden_rs
|
||||||
|
|
||||||
- hosts: ingress
|
- hosts: ingress
|
||||||
roles:
|
roles:
|
||||||
|
|
47
ansible/roles/bitwarden_rs/files/docker-compose.yml
Normal file
47
ansible/roles/bitwarden_rs/files/docker-compose.yml
Normal file
|
@ -0,0 +1,47 @@
|
||||||
|
version: '3'
|
||||||
|
|
||||||
|
services:
|
||||||
|
bitwarden:
|
||||||
|
image: bitwardenrs/server:1.19.0-alpine
|
||||||
|
restart: unless-stopped
|
||||||
|
user: "{{ docker_user.id }}:{{ docker_user.id }}"
|
||||||
|
volumes:
|
||||||
|
- "{{ app_data_dir }}/bitwarden_rs/:/data"
|
||||||
|
depends_on:
|
||||||
|
- db
|
||||||
|
labels:
|
||||||
|
- traefik.enable=true
|
||||||
|
|
||||||
|
- traefik.http.routers.bitwarden-ui.rule=Host(`bw.jakehoward.tech`)
|
||||||
|
- traefik.http.routers.bitwarden-ui.service=bitwarden-ui
|
||||||
|
- traefik.http.services.bitwarden-ui.loadbalancer.server.port=80
|
||||||
|
- traefik.http.routers.bitwarden-ui.tls.certresolver=le
|
||||||
|
|
||||||
|
- traefik.http.routers.bitwarden-websocket.rule=Host(`bw.jakehoward.tech`) && Path(`/notifications/hub`)
|
||||||
|
- traefik.http.routers.bitwarden-websocket.service=bitwarden-websocket
|
||||||
|
- traefik.http.services.bitwarden-websocket.loadbalancer.server.port=3012
|
||||||
|
- traefik.http.routers.bitwarden-websocket.tls.certresolver=le
|
||||||
|
|
||||||
|
- traefik.http.middlewares.bw-ratelimit.ratelimit.average=5
|
||||||
|
- traefik.http.middlewares.bw-ratelimit.ratelimit.burst=1000
|
||||||
|
- traefik.http.middlewares.bw-compress.compress=true
|
||||||
|
|
||||||
|
- traefik.http.routers.bitwarden-ui.middlewares=bw-ratelimit,bw-compress
|
||||||
|
- traefik.http.routers.bitwarden-websocket.middlewares=bw-ratelimit,bw-compress
|
||||||
|
environment:
|
||||||
|
- SIGNUPS_ALLOWED=false
|
||||||
|
- DOMAIN=https://bw.jakehoward.tech
|
||||||
|
- SHOW_PASSWORD_HINT=false
|
||||||
|
- DATABASE_URL=postgres://bitwarden:{{ bitwarden_database_password }}@db/bitwarden
|
||||||
|
- INVITATIONS_ALLOWED=false
|
||||||
|
- ROCKET_WORKERS=2
|
||||||
|
- WEBSOCKET_ENABLED=true
|
||||||
|
|
||||||
|
db:
|
||||||
|
image: postgres:12-alpine
|
||||||
|
restart: unless-stopped
|
||||||
|
volumes:
|
||||||
|
- /mnt/tank/dbs/postgres/bitwarden_rs/:/var/lib/postgresql/data
|
||||||
|
environment:
|
||||||
|
- POSTGRES_PASSWORD={{ bitwarden_database_password }}
|
||||||
|
- POSTGRES_USER=bitwarden
|
4
ansible/roles/bitwarden_rs/handlers/main.yml
Normal file
4
ansible/roles/bitwarden_rs/handlers/main.yml
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
- name: restart bitwarden_rs
|
||||||
|
shell:
|
||||||
|
chdir: /opt/bitwarden_rs
|
||||||
|
cmd: "{{ docker_update_command }}"
|
17
ansible/roles/bitwarden_rs/tasks/main.yml
Normal file
17
ansible/roles/bitwarden_rs/tasks/main.yml
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
- name: Create install directory
|
||||||
|
file:
|
||||||
|
path: /opt/bitwarden_rs
|
||||||
|
state: directory
|
||||||
|
owner: "{{ docker_user.name }}"
|
||||||
|
mode: "{{ docker_compose_directory_mask }}"
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: Install compose file
|
||||||
|
template:
|
||||||
|
src: files/docker-compose.yml
|
||||||
|
dest: /opt/bitwarden_rs/docker-compose.yml
|
||||||
|
mode: "{{ docker_compose_file_mask }}"
|
||||||
|
owner: "{{ docker_user.name }}"
|
||||||
|
validate: docker-compose -f %s config
|
||||||
|
notify: restart bitwarden_rs
|
||||||
|
become: true
|
8
ansible/roles/bitwarden_rs/vars/main.yml
Normal file
8
ansible/roles/bitwarden_rs/vars/main.yml
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
bitwarden_database_password: !vault |
|
||||||
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
37666163343038663763633038323938383665386463666239313431626334613432346462656366
|
||||||
|
3937363766396236326333353332393564623736336535630a333930613864396536366330633438
|
||||||
|
37376637646561636238646636356533343837376336636637646434383731316264353462383039
|
||||||
|
3138666164623437360a306538323263313966633631653739313435646435363236303066663938
|
||||||
|
34336366313439356434353333373963633666306463323662353033393832356462666163613161
|
||||||
|
3031623933363563343163376564373066613634356237643663
|
Loading…
Reference in a new issue