ansible-nas/roles/bitwarden/tasks/main.yml

---
- name: Create Bitwarden Directories
  file:
    path: "{{ item }}"
    state: directory
    mode: '0755'
  with_items:
    - "{{ bitwarden_data_directory }}"

- name: Bitwarden Docker Container
  docker_container:
    name: bitwarden
    image: bitwardenrs/server:latest
    pull: true
    ports:
      - "{{ bitwarden_port_a }}:80"
      - "{{ bitwarden_port_b }}:3012"
    volumes:
      - "{{ bitwarden_data_directory }}:/data:rw"
    env:
      SIGNUPS_ALLOWED: "{{ bitwarden_allow_signups }}"
      ADMIN_TOKEN: "{{ bitwarden_admin_token }}"
      LOG_FILE: "/data/bitwarden.log"
      WEBSOCKET_ENABLED: "true"
    labels:
      traefik.enable: "{{ bitwarden_available_externally }}"
      traefik.http.routers.bitwarden.rule: "Host(`{{ bitwarden_hostname }}.{{ ansible_nas_domain }}`)"
      traefik.http.routers.bitwarden.tls.certresolver: "letsencrypt"
      traefik.http.routers.bitwarden.tls.domains[0].main: "{{ ansible_nas_domain }}"
      traefik.http.routers.bitwarden.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
      traefik.http.routers.bitwarden.service: "bitwarden"
      traefik.http.routers.bitwarden.middlewares: "bitwarden-ipwhitelist@docker"
      traefik.http.services.bitwarden.loadbalancer.server.port: "80"
      traefik.http.routers.bitwarden-ws.rule: "Host(`{{ bitwarden_hostname }}.{{ ansible_nas_domain }}`) && Path(`/notifications/hub`)"
      traefik.http.routers.bitwarden-ws.tls.certresolver: "letsencrypt"
      traefik.http.routers.bitwarden-ws.tls.domains[0].main: "{{ ansible_nas_domain }}"
      traefik.http.routers.bitwarden-ws.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
      traefik.http.routers.bitwarden-ws.service: "bitwarden-ws"
      traefik.http.routers.bitwarden-ws.middlewares: "bitwarden-ipwhitelist@docker"
      traefik.http.services.bitwarden-ws.loadbalancer.server.port: "3012"
      traefik.http.middlewares.bitwarden-ipwhitelist.ipwhitelist.sourcerange: "{{ bitwarden_ip_whitelist }}"
    memory: "{{ bitwarden_memory }}"
    restart_policy: unless-stopped

- name: Bitwarden Backup Container
  docker_container:
    name: bitwarden-backup
    image: bruceforce/bw_backup:latest
    pull: true
    restart_policy: unless-stopped
    volumes_from: bitwarden
    memory: "{{ bitwarden_backup_memory }}"
Yamllint FTW 2021-02-21 19:50:07 +00:00			`---`
Changes to vars, toml, task and playbook 2019-04-10 12:46:47 +00:00			`- name: Create Bitwarden Directories`
			`file:`
			`path: "{{ item }}"`
			`state: directory`
bitwarden: user customization - ability to set whitelist IP's to allow access to bitwarden using `bitwarden_ip_whitelist` 2021-11-11 15:14:06 +00:00			`mode: '0755'`
Changes to vars, toml, task and playbook 2019-04-10 12:46:47 +00:00			`with_items:`
			`- "{{ bitwarden_data_directory }}"`

			`- name: Bitwarden Docker Container`
			`docker_container:`
			`name: bitwarden`
update Bitwarden to new working image https://github.com/davestephens/ansible-nas/issues/250 2020-04-26 03:27:37 +00:00			`image: bitwardenrs/server:latest`
Changes to vars, toml, task and playbook 2019-04-10 12:46:47 +00:00			`pull: true`
			`ports:`
Map all ports as variables in all.yml.dist NOTE: The majority of traefik ports were totally broken and would never have worked. It should be the external port there, not the internal container port!. Port conflicts were fixed. 2020-01-05 21:47:40 +00:00			`- "{{ bitwarden_port_a }}:80"`
			`- "{{ bitwarden_port_b }}:3012"`
Changes to vars, toml, task and playbook 2019-04-10 12:46:47 +00:00			`volumes:`
			`- "{{ bitwarden_data_directory }}:/data:rw"`
			`env:`
Push Bitwarden enable/disable signups out to all.yml. 2019-04-14 17:43:41 +00:00			`SIGNUPS_ALLOWED: "{{ bitwarden_allow_signups }}"`
fix trailing whitespace 2019-04-10 14:28:35 +00:00			`ADMIN_TOKEN: "{{ bitwarden_admin_token }}"`
Changes to vars, toml, task and playbook 2019-04-10 12:46:47 +00:00			`LOG_FILE: "/data/bitwarden.log"`
Tweaks for Bitwarden WebSockets 2019-04-14 15:45:48 +00:00			`WEBSOCKET_ENABLED: "true"`
Changes to vars, toml, task and playbook 2019-04-10 12:46:47 +00:00			`labels:`
Enable Bitwarden for external access 2019-04-14 16:05:21 +00:00			`traefik.enable: "{{ bitwarden_available_externally }}"`
use traefik v2 labels 2021-04-07 17:37:55 +00:00			traefik.http.routers.bitwarden.rule: "Host(`{{ bitwarden_hostname }}.{{ ansible_nas_domain }}`)"
			`traefik.http.routers.bitwarden.tls.certresolver: "letsencrypt"`
			`traefik.http.routers.bitwarden.tls.domains[0].main: "{{ ansible_nas_domain }}"`
			`traefik.http.routers.bitwarden.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"`
			`traefik.http.routers.bitwarden.service: "bitwarden"`
bitwarden: user customization - ability to set whitelist IP's to allow access to bitwarden using `bitwarden_ip_whitelist` 2021-11-11 15:14:06 +00:00			`traefik.http.routers.bitwarden.middlewares: "bitwarden-ipwhitelist@docker"`
use traefik v2 labels 2021-04-07 17:37:55 +00:00			`traefik.http.services.bitwarden.loadbalancer.server.port: "80"`
			traefik.http.routers.bitwarden-ws.rule: "Host(`{{ bitwarden_hostname }}.{{ ansible_nas_domain }}`) && Path(`/notifications/hub`)"
			`traefik.http.routers.bitwarden-ws.tls.certresolver: "letsencrypt"`
			`traefik.http.routers.bitwarden-ws.tls.domains[0].main: "{{ ansible_nas_domain }}"`
			`traefik.http.routers.bitwarden-ws.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"`
			`traefik.http.routers.bitwarden-ws.service: "bitwarden-ws"`
bitwarden: user customization - ability to set whitelist IP's to allow access to bitwarden using `bitwarden_ip_whitelist` 2021-11-11 15:14:06 +00:00			`traefik.http.routers.bitwarden-ws.middlewares: "bitwarden-ipwhitelist@docker"`
use traefik v2 labels 2021-04-07 17:37:55 +00:00			`traefik.http.services.bitwarden-ws.loadbalancer.server.port: "3012"`
bitwarden: user customization - ability to set whitelist IP's to allow access to bitwarden using `bitwarden_ip_whitelist` 2021-11-11 15:14:06 +00:00			`traefik.http.middlewares.bitwarden-ipwhitelist.ipwhitelist.sourcerange: "{{ bitwarden_ip_whitelist }}"`
Enable configurable memory. Mops up #253 2021-02-23 15:16:29 +00:00			`memory: "{{ bitwarden_memory }}"`
Changes to vars, toml, task and playbook 2019-04-10 12:46:47 +00:00			`restart_policy: unless-stopped`

			`- name: Bitwarden Backup Container`
			`docker_container:`
			`name: bitwarden-backup`
			`image: bruceforce/bw_backup:latest`
			`pull: true`
			`restart_policy: unless-stopped`
Updated bitwarden and documentation 2019-04-10 20:55:14 +00:00			`volumes_from: bitwarden`
Enable configurable memory. Mops up #253 2021-02-23 15:16:29 +00:00			`memory: "{{ bitwarden_backup_memory }}"`