-
Notifications
You must be signed in to change notification settings - Fork 1
/
bitwarden.xml
129 lines (129 loc) · 7.16 KB
/
bitwarden.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
<?xml version="1.0"?>
<Container version="2">
<Name>bitwardenrs</Name>
<Repository>bitwardenrs/server</Repository>
<Registry>https://hub.docker.com/r/bitwardenrs/server</Registry>
<Network>bridge</Network>
<MyIP/>
<Shell>sh</Shell>
<Privileged>false</Privileged>
<Support/>
<Project/>
<Overview>This is Bitwarden server API implementation written in rust compatible with upstream Bitwarden clients*, ideal for self-hosted deployment where running official resource-heavy service might not be ideal.</Overview>
<Category>Tools:</Category>
<WebUI>http://[IP]:[PORT:80]</WebUI>
<TemplateURL>https://github.com/CHBMB/docker-templates/blob/master/bitwarden.xml</TemplateURL>
<Icon>https://raw.githubusercontent.com/CHBMB/docker-templates/master/img/bitwarden.png</Icon>
<ExtraParams/>
<PostArgs/>
<CPUset/>
<DonateText/>
<DonateLink/>
<Description>This is Bitwarden server API implementation written in rust compatible with upstream Bitwarden clients*, ideal for self-hosted deployment where running official resource-heavy service might not be ideal.</Description>
<Networking>
<Mode>bridge</Mode>
<Publish>
<Port>
<HostPort>80</HostPort>
<ContainerPort>80</ContainerPort>
<Protocol>tcp</Protocol>
</Port>
<Port>
<HostPort>3012</HostPort>
<ContainerPort>3012</ContainerPort>
<Protocol>tcp</Protocol>
</Port>
</Publish>
</Networking>
<Data>
<Volume>
<HostDir/>
<ContainerDir>/data</ContainerDir>
<Mode>rw</Mode>
</Volume>
</Data>
<Environment>
<Variable>
<Value/>
<Name>DOMAIN</Name>
<Mode/>
</Variable>
<Variable>
<Value>true</Value>
<Name>SIGNUPS_ALLOWED</Name>
<Mode/>
</Variable>
<Variable>
<Value/>
<Name>ADMIN_TOKEN</Name>
<Mode/>
</Variable>
<Variable>
<Value>true</Value>
<Name>WEBSOCKET_ENABLED</Name>
<Mode/>
</Variable>
<Variable>
<Value>false</Value>
<Name>DISABLE_ADMIN_TOKEN</Name>
<Mode/>
</Variable>
<Variable>
<Value/>
<Name>YUBICO_CLIENT_ID</Name>
<Mode/>
</Variable>
<Variable>
<Value/>
<Name>SMTP_HOST</Name>
<Mode/>
</Variable>
<Variable>
<Value/>
<Name>SMTP_FROM</Name>
<Mode/>
</Variable>
<Variable>
<Value>true</Value>
<Name>SMTP_SSL</Name>
<Mode/>
</Variable>
<Variable>
<Value/>
<Name>SMTP_USERNAME</Name>
<Mode/>
</Variable>
<Variable>
<Value/>
<Name>SMTP_PASSWORD</Name>
<Mode/>
</Variable>
<Variable>
<Value>false</Value>
<Name>SHOW_PASSWORD_HINT</Name>
<Mode/>
</Variable>
<Variable>
<Value>true</Value>
<Name>WEB_VAULT_ENABLED</Name>
<Mode/>
</Variable>
</Environment>
<Labels/>
<Config Name="WebUI" Target="80" Default="" Mode="tcp" Description="Webui Port: 80" Type="Port" Display="always" Required="false" Mask="false">80</Config>
<Config Name="WebSocket" Target="3012" Default="" Mode="tcp" Description="Websocket Port: 3012" Type="Port" Display="always" Required="false" Mask="false">3012</Config>
<Config Name="App Data" Target="/data" Default="" Mode="rw" Description="Container Path: /data" Type="Path" Display="always" Required="false" Mask="false"/>
<Config Name="DOMAIN_NAME" Target="DOMAIN" Default="" Mode="" Description="In the format https://(subdomain).domain.com" Type="Variable" Display="always" Required="false" Mask="false"/>
<Config Name="SIGNUPS_ALLOWED" Target="SIGNUPS_ALLOWED" Default="true" Mode="" Description="Set to false to disable signups" Type="Variable" Display="always" Required="false" Mask="false">true</Config>
<Config Name="ADMIN_TOKEN" Target="ADMIN_TOKEN" Default="" Mode="" Description="To enable the admin page, you need to set an authentication token. This token can be anything, but it's recommended to use a long, randomly generated string of characters, for example running openssl rand -base64 48. Keep this token secret, this is the password to access the admin area of your server! After this, the page will be available in the /admin subdirectory." Type="Variable" Display="always" Required="false" Mask="false"/>
<Config Name="WEBSOCKET_ENABLED" Target="WEBSOCKET_ENABLED" Default="" Mode="" Description="To enable WebSockets notifications, an external reverse proxy is necessary. See https://github.com/dani-garcia/bitwarden_rs/wiki/Enabling-WebSocket-notifications" Type="Variable" Display="always" Required="false" Mask="false">true</Config>
<Config Name="DISABLE_ADMIN_TOKEN" Target="DISABLE_ADMIN_TOKEN" Default="" Mode="" Description="This will disable the built in ADMIN_TOKEN used for authentication while also enabling the admin panel. Anyone with access to the URL will be able to access the admin panel." Type="Variable" Display="always" Required="false" Mask="false">false</Config>
<Config Name="YUBICO_CLIENT_ID" Target="YUBICO_CLIENT_ID" Default="" Mode="" Description="To enable YubiKey authentication, you must set the YUBICO_CLIENT_ID and YUBICO_SECRET_KEY env variables. If YUBICO_SERVER is not specified, it will use the default YubiCloud servers. You can generate YUBICO_CLIENT_ID and YUBICO_SECRET_KEY for the default YubiCloud at https://upgrade.yubico.com/getapikey/" Type="Variable" Display="always" Required="false" Mask="false"/>
<Config Name="SMTP_HOST" Target="SMTP_HOST" Default="" Mode="" Description="smtp.domain.tld" Type="Variable" Display="always" Required="false" Mask="false"/>
<Config Name="SMTP_FROM" Target="SMTP_FROM" Default="" Mode="" Description="[email protected]" Type="Variable" Display="always" Required="false" Mask="false"/>
<Config Name="SMTP_SSL" Target="SMTP_SSL" Default="" Mode="" Description="When SMTP_SSL is set to true(this is the default), only TLSv1.1 and TLSv1.2 protocols will be accepted and SMTP_PORT will default to 587. If set to false, SMTP_PORT will default to 25 and the connection won't be encrypted." Type="Variable" Display="always" Required="false" Mask="false">true</Config>
<Config Name="SMTP_USERNAME" Target="SMTP_USERNAME" Default="" Mode="" Description="username" Type="Variable" Display="always" Required="false" Mask="false"/>
<Config Name="SMTP_PASSWORD" Target="SMTP_PASSWORD" Default="" Mode="" Description="password" Type="Variable" Display="always" Required="false" Mask="false"/>
<Config Name="SHOW_PASSWORD_HINT" Target="SHOW_PASSWORD_HINT" Default="" Mode="" Description="Usually, password hints are sent by email. But as bitwarden_rs is made with small or personal deployment in mind, hints are also available from the password hint page, so you don't have to configure an email service. If you want to disable this feature, you can use the SHOW_PASSWORD_HINT variable" Type="Variable" Display="always" Required="false" Mask="false">false</Config>
<Config Name="WEB_VAULT_ENABLED" Target="WEB_VAULT_ENABLED" Default="" Mode="" Description="As a convenience bitwarden_rs image will also host static files for Vault web interface. You can disable this static file hosting completely by setting the WEB_VAULT_ENABLED variable to false." Type="Variable" Display="always" Required="false" Mask="false">true</Config>
</Container>