vaultwarden avec db

1 year ago · 389687ecd5
7 changed files with 55 additions and 2 deletions
--- a/bin/updateDockerPassword.sh
+++ b/bin/updateDockerPassword.sh
@ -90,6 +90,8 @@ updateEnvDB "roundcube" "${KAZ_KEY_DIR}/env-${roundcubeDBName}" "${roundcubeDBNa
 updateEnvDB "sympa" "${KAZ_KEY_DIR}/env-${sympaDBName}" "${sympaDBName}"
 updateEnvDB "vigilo" "${KAZ_KEY_DIR}/env-${vigiloDBName}" "${vigiloDBName}"
 updateEnvDB "wp" "${KAZ_KEY_DIR}/env-${wordpressDBName}" "${wordpressDBName}"
+updateEnvDB "vaultwarden" "${KAZ_KEY_DIR}/env-${vaultwardenDBName}" "${vaultwardenDBName}"
+

 updateEnv "ethercalc" "${KAZ_KEY_DIR}/env-${ethercalcServName}"
 updateEnv "etherpad" "${KAZ_KEY_DIR}/env-${etherpadServName}"
@ -108,6 +110,7 @@ updateEnv "sympa" "${KAZ_KEY_DIR}/env-${sympaServName}"
 # updateEnv "mail" "${KAZ_KEY_DIR}/env-${smtpServName}"
 updateEnv "mobilizon" "${KAZ_KEY_DIR}/env-${mobilizonServName}"
 updateEnv "mobilizon" "${KAZ_KEY_DIR}/env-${mobilizonDBName}"
+updateEnv "vaultwarden" "${KAZ_KEY_DIR}/env-${vaultwardenServName}"


 updateEnv "ldap" "${KAZ_KEY_DIR}/env-${ldapUIName}"
--- a/config/dockers.tmpl.env
+++ b/config/dockers.tmpl.env
@ -110,6 +110,8 @@ sympaDBName=sympaDB
 vigiloDBName=vigiloDB
 wordpressDBName=wpDB
 mobilizonDBName=mobilizonDB
+vaultwardenDBName=vaultwardenDB
+

 ldapUIName=ldapUI

--- a/dockers/proxy/config/nginx.tmpl.conf
+++ b/dockers/proxy/config/nginx.tmpl.conf
@ -275,7 +275,7 @@ server {
 }}

  #############################################
-  # vaultwarden kaz
+  # vaultwarden
  {{vaultwarden
  server {
    server_name __VAULTWARDEN_HOST__.__DOMAIN__;
--- a/dockers/vaultwarden/docker-compose.yml
+++ b/dockers/vaultwarden/docker-compose.yml
@ -1,22 +1,53 @@
 version: '3'
 services:
+
  vaultwarden:
    image: vaultwarden/server
    container_name: ${vaultwardenServName}
    restart: ${restartPolicy}
+    depends_on:
+      - db
+    links:
+      - db
+    environment:
+      - SIGNUPS_DOMAINS_WHITELIST=${domain}
+      - SIGNUPS_VERIFY=true
+      - SMTP_HOST=smtp
+      - SMTP_FROM=<vaultwarden@$domain>
+      - SMTP_PORT=25
+      - SMTP_SECURITY=off
    env_file:
      - ../../secret/env-${vaultwardenServName}
    networks:
      - vaultwardenNet
+      - postfixNet
    volumes:
      - vaultwarden-data:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro

+  db:
+    image: mariadb:10.5
+    container_name: ${sympaDBName}
+    restart: ${restartPolicy}
+    networks:
+      - vaultwardenNet
+    env_file:
+      - ../../secret/env-${vaultwardenDBName}
+    volumes:
+      - vaultwardenDB:/var/lib/mysql
+      - /home/sauve/:/svg/
+      - /etc/localtime:/etc/localtime:ro
+      - /etc/timezone:/etc/timezone:ro
+
 volumes:
  vaultwarden-data:
+  vaultwardenDB:

 networks:
  vaultwardenNet:
    external:
      name: vaultwardenNet
+  postfixNet:
+    external:
+      name: postfixNet
--- a/secret.tmpl/SetAllPass.sh
+++ b/secret.tmpl/SetAllPass.sh
@ -251,3 +251,15 @@ mobilizon_MOBILIZON_SMTP_PASSWORD=
 mobilizon_MOBILIZON_SMTP_SSL=false

 mobilizon_MOBILIZON_LDAP_BINDPASSWORD=${ldap_LDAP_NOBODY_PASSWORD}
+
+
+#####################
+# Vaultwarden
+
+vaultwarden_MYSQL_ROOT_PASSWORD="--clean_val--"
+vaultwarden_MYSQL_DATABASE="vaultwarden"
+vaultwarden_MYSQL_USER="vaultwarden"
+vaultwarden_MYSQL_PASSWORD="--clean_val--"
+
+vaultwarden_DATABASE_URL="mysql://${vaultwarden_MYSQL_USER}:${vaultwarden_MYSQL_PASSWORD}@db/${vaultwarden_MYSQL_DATABASE}"
+vaultwarden_ADMIN_TOKEN=
--- a/secret.tmpl/env-vaultwardenDB
+++ b/secret.tmpl/env-vaultwardenDB
@ -0,0 +1,4 @@
+MYSQL_ROOT_PASSWORD=
+MYSQL_DATABASE=
+MYSQL_USER=
+MYSQL_PASSWORD=
--- a/secret.tmpl/env-vaultwardenServ
+++ b/secret.tmpl/env-vaultwardenServ
@ -1 +1,2 @@
-SIGNUPS_DOMAINS_WHITELIST=kaz.bzh
+DATABASE_URL=
+ADMIN_TOKEN=