# # ============================================================================= # GENERAL CONFIGURATION # ============================================================================= # APP_NAME = name of application for use in scripts # COMPOSE_FILE = default for no app_name in docker-compose file name, app if there is # BACKUP = if true, include this application in backup operations # HEALTHCHECK = if true, default docker health checks for that container will be enabled # AUTHELIA = if true, use Authelia authentication, if false turned off. # HEADSCALE = options : false, local, remote (see general config). e.g false or local,remote # MONITORING = if true, export this app's metrics to Prometheus + Grafana (needs both apps installed) # CFG_VAULTWARDEN_APP_NAME=vaultwarden CFG_VAULTWARDEN_BACKUP=true CFG_VAULTWARDEN_COMPOSE_FILE=default CFG_VAULTWARDEN_HEALTHCHECK=false CFG_VAULTWARDEN_AUTHELIA=false CFG_VAULTWARDEN_HEADSCALE=false CFG_VAULTWARDEN_MONITORING=false # # ============================================================================= # APPLICATION CONFIGURATION # ============================================================================= # ADMIN_TOKEN = admin token for accessing the admin interface (set to 'none' to disable) # SIGNUPS_ALLOWED = if true, new user registrations are allowed # CFG_VAULTWARDEN_ADMIN_TOKEN=RANDOMIZEDPASSWORD1 CFG_VAULTWARDEN_SIGNUPS_ALLOWED=true # # ============================================================================= # METADATA # ============================================================================= # CATEGORY = application category for grouping # TITLE = display name for the application # DESCRIPTION = short description of the application # LONG_DESCRIPTION = detailed description of the application # URL = source repository or documentation URL # ACTIONS = available actions for this application # CFG_VAULTWARDEN_CATEGORY="security" CFG_VAULTWARDEN_TITLE="Vaultwarden" CFG_VAULTWARDEN_DESCRIPTION="Password Manager" CFG_VAULTWARDEN_LONG_DESCRIPTION="Vaultwarden is an alternative implementation of the Bitwarden server API written in Rust and compatible with Bitwarden clients" CFG_VAULTWARDEN_URL="https://github.com/dani-garcia/vaultwarden" CFG_VAULTWARDEN_ACTIONS="configure|install|restart|shutdown|uninstall" # # ============================================================================= # NETWORK CONFIGURATION # ============================================================================= # DOMAIN = number of domain from the general config, useful when using multiple domains # HOST_NAME = subdomain name e.g test is the name for test.website.com # WHITELIST = if true only allow whitelisted ips on traefik, if false allow all # CFG_VAULTWARDEN_DOMAIN=1 CFG_VAULTWARDEN_WHITELIST=false CFG_VAULTWARDEN_HOST_NAME=vault CFG_VAULTWARDEN_NETWORK=default # # ============================================================================= # PORT CONFIGURATION # ============================================================================= # PORT_ = port configuration: app|name|external:internal|access|protocol|login|traefik|webui|description # - app: application name # - name: service identifier (webui, api, ssh, etc.) # - external:internal: port mapping (external can be 'random' for auto-allocation) # - access: 'public' (internet accessible), 'private' (local network only), 'disabled' (not running) # - protocol: 'tcp' or 'udp' # - login: if true, this port requires basic-auth via Traefik (only meaningful when traefik=true) # - traefik: if true, Traefik handles this port (reverse proxy) # - webui: if true, this port serves the main web interface # - description: human-readable description of the service # CFG_VAULTWARDEN_PORT_1="vaultwarden-service|webui|8201:80|public|tcp|false|true|true|Password Manager Interface||vault" CFG_VAULTWARDEN_PORT_2="vaultwarden-exporter|metrics|3001:3001|disabled|tcp|false|false|false|Metrics Exporter (sidecar, docker-network only)|"