mirror of
https://github.com/davestephens/ansible-nas
synced 2024-12-25 11:03:07 +00:00
bitwarden: user customization
- ability to set whitelist IP's to allow access to bitwarden using `bitwarden_ip_whitelist`
This commit is contained in:
parent
639dc47806
commit
bf797e525b
2 changed files with 5 additions and 0 deletions
|
@ -5,6 +5,7 @@ bitwarden_data_directory: "{{ docker_home }}/bitwarden"
|
||||||
bitwarden_port_a: "19080"
|
bitwarden_port_a: "19080"
|
||||||
bitwarden_port_b: "3012"
|
bitwarden_port_b: "3012"
|
||||||
bitwarden_hostname: "bitwarden"
|
bitwarden_hostname: "bitwarden"
|
||||||
|
bitwarden_ip_whitelist: "0.0.0.0/0"
|
||||||
|
|
||||||
# Keep this token secret, this is password to access admin area of your server!
|
# Keep this token secret, this is password to access admin area of your server!
|
||||||
# This token can be anything, but it's recommended to use a long, randomly generated string of characters,
|
# This token can be anything, but it's recommended to use a long, randomly generated string of characters,
|
||||||
|
|
|
@ -3,6 +3,7 @@
|
||||||
file:
|
file:
|
||||||
path: "{{ item }}"
|
path: "{{ item }}"
|
||||||
state: directory
|
state: directory
|
||||||
|
mode: '0755'
|
||||||
with_items:
|
with_items:
|
||||||
- "{{ bitwarden_data_directory }}"
|
- "{{ bitwarden_data_directory }}"
|
||||||
|
|
||||||
|
@ -28,13 +29,16 @@
|
||||||
traefik.http.routers.bitwarden.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
traefik.http.routers.bitwarden.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||||
traefik.http.routers.bitwarden.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
traefik.http.routers.bitwarden.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||||
traefik.http.routers.bitwarden.service: "bitwarden"
|
traefik.http.routers.bitwarden.service: "bitwarden"
|
||||||
|
traefik.http.routers.bitwarden.middlewares: "bitwarden-ipwhitelist@docker"
|
||||||
traefik.http.services.bitwarden.loadbalancer.server.port: "80"
|
traefik.http.services.bitwarden.loadbalancer.server.port: "80"
|
||||||
traefik.http.routers.bitwarden-ws.rule: "Host(`{{ bitwarden_hostname }}.{{ ansible_nas_domain }}`) && Path(`/notifications/hub`)"
|
traefik.http.routers.bitwarden-ws.rule: "Host(`{{ bitwarden_hostname }}.{{ ansible_nas_domain }}`) && Path(`/notifications/hub`)"
|
||||||
traefik.http.routers.bitwarden-ws.tls.certresolver: "letsencrypt"
|
traefik.http.routers.bitwarden-ws.tls.certresolver: "letsencrypt"
|
||||||
traefik.http.routers.bitwarden-ws.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
traefik.http.routers.bitwarden-ws.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
||||||
traefik.http.routers.bitwarden-ws.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
traefik.http.routers.bitwarden-ws.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
||||||
traefik.http.routers.bitwarden-ws.service: "bitwarden-ws"
|
traefik.http.routers.bitwarden-ws.service: "bitwarden-ws"
|
||||||
|
traefik.http.routers.bitwarden-ws.middlewares: "bitwarden-ipwhitelist@docker"
|
||||||
traefik.http.services.bitwarden-ws.loadbalancer.server.port: "3012"
|
traefik.http.services.bitwarden-ws.loadbalancer.server.port: "3012"
|
||||||
|
traefik.http.middlewares.bitwarden-ipwhitelist.ipwhitelist.sourcerange: "{{ bitwarden_ip_whitelist }}"
|
||||||
memory: "{{ bitwarden_memory }}"
|
memory: "{{ bitwarden_memory }}"
|
||||||
restart_policy: unless-stopped
|
restart_policy: unless-stopped
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue