mirror of
https://github.com/davestephens/ansible-nas
synced 2025-01-27 18:55:17 +00:00
68 lines
2.9 KiB
YAML
68 lines
2.9 KiB
YAML
---
|
|
- name: Start Bitwarden
|
|
block:
|
|
- name: Create Bitwarden Directories
|
|
ansible.builtin.file:
|
|
path: "{{ item }}"
|
|
state: directory
|
|
mode: "0755"
|
|
with_items:
|
|
- "{{ bitwarden_data_directory }}"
|
|
|
|
- name: Bitwarden Docker Container
|
|
community.docker.docker_container:
|
|
name: "{{ bitwarden_container_name }}"
|
|
image: vaultwarden/server:latest
|
|
pull: true
|
|
ports:
|
|
- "{{ bitwarden_port_a }}:80"
|
|
- "{{ bitwarden_port_b }}:3012"
|
|
volumes:
|
|
- "{{ bitwarden_data_directory }}:/data:rw"
|
|
env:
|
|
SIGNUPS_ALLOWED: "{{ bitwarden_allow_signups | string }}"
|
|
ADMIN_TOKEN: "{{ bitwarden_admin_token }}"
|
|
LOG_FILE: "/data/bitwarden.log"
|
|
WEBSOCKET_ENABLED: "true"
|
|
labels:
|
|
traefik.enable: "{{ bitwarden_available_externally | string }}"
|
|
traefik.http.routers.bitwarden.rule: "Host(`{{ bitwarden_hostname }}.{{ ansible_nas_domain }}`)"
|
|
traefik.http.routers.bitwarden.tls.certresolver: "letsencrypt"
|
|
traefik.http.routers.bitwarden.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
|
traefik.http.routers.bitwarden.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
|
traefik.http.routers.bitwarden.service: "bitwarden"
|
|
traefik.http.routers.bitwarden.middlewares: "bitwarden-ipwhitelist@docker"
|
|
traefik.http.services.bitwarden.loadbalancer.server.port: "80"
|
|
traefik.http.routers.bitwarden-ws.rule: "Host(`{{ bitwarden_hostname }}.{{ ansible_nas_domain }}`) && Path(`/notifications/hub`)"
|
|
traefik.http.routers.bitwarden-ws.tls.certresolver: "letsencrypt"
|
|
traefik.http.routers.bitwarden-ws.tls.domains[0].main: "{{ ansible_nas_domain }}"
|
|
traefik.http.routers.bitwarden-ws.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
|
|
traefik.http.routers.bitwarden-ws.service: "bitwarden-ws"
|
|
traefik.http.routers.bitwarden-ws.middlewares: "bitwarden-ipwhitelist@docker"
|
|
traefik.http.services.bitwarden-ws.loadbalancer.server.port: "3012"
|
|
traefik.http.middlewares.bitwarden-ipwhitelist.ipwhitelist.sourcerange: "{{ bitwarden_ip_whitelist }}"
|
|
memory: "{{ bitwarden_memory }}"
|
|
restart_policy: unless-stopped
|
|
|
|
- name: Bitwarden Backup Container
|
|
community.docker.docker_container:
|
|
name: "{{ bitwarden_backup_container_name }}"
|
|
image: bruceforce/bw_backup:latest
|
|
pull: true
|
|
restart_policy: unless-stopped
|
|
volumes_from: bitwarden
|
|
memory: "{{ bitwarden_backup_memory }}"
|
|
when: bitwarden_enabled is true
|
|
|
|
- name: Stop Bitwarden
|
|
block:
|
|
- name: Stop Bitwarden
|
|
community.docker.docker_container:
|
|
name: "{{ bitwarden_container_name }}"
|
|
state: absent
|
|
|
|
- name: Stop Bitwarden Backup
|
|
community.docker.docker_container:
|
|
name: "{{ bitwarden_backup_container_name }}"
|
|
state: absent
|
|
when: bitwarden_enabled is false
|