LibrePortal/containers/vaultwarden/vaultwarden.config
librelad 27ad517626 feat(backup): per-app strategy override (advanced, context-aware)
Adds CFG_<APP>_BACKUP_STRATEGY (default auto) so an app's backup strategy can
be overridden from its Advanced config tab, taking precedence over the global
default. Added to the 10 live-capable apps, so the dropdown's 'live' option only
appears where it actually works.

- backupResolveStrategy now checks the per-app override before the global value.
- backupAppLiveCapable / backupAppStrategyOptions expose capability + the valid
  option set; predicate helpers hardened with explicit returns so they behave
  identically with or without shell errexit.
- BACKUP_STRATEGY field mapping (select, advanced) renders the dropdown.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
2026-05-23 15:34:17 +01:00

74 lines
3.8 KiB
Plaintext
Executable File

#
# =============================================================================
# GENERAL CONFIGURATION
# =============================================================================
# APP_NAME = name of application for use in scripts
# COMPOSE_FILE = default for no app_name in docker-compose file name, app if there is
# BACKUP = if true, include this application in backup operations
# HEALTHCHECK = if true, default docker health checks for that container will be enabled
# AUTHELIA = if true, use Authelia authentication, if false turned off.
# HEADSCALE = options : false, local, remote (see general config). e.g false or local,remote
# MONITORING = if true, export this app's metrics to Prometheus + Grafana (needs both apps installed)
#
CFG_VAULTWARDEN_APP_NAME=vaultwarden
CFG_VAULTWARDEN_BACKUP=true
CFG_VAULTWARDEN_BACKUP_STRATEGY=auto
CFG_VAULTWARDEN_COMPOSE_FILE=default
CFG_VAULTWARDEN_HEALTHCHECK=false
CFG_VAULTWARDEN_AUTHELIA=false
CFG_VAULTWARDEN_HEADSCALE=false
CFG_VAULTWARDEN_MONITORING=false
#
# =============================================================================
# APPLICATION CONFIGURATION
# =============================================================================
# ADMIN_TOKEN = admin token for accessing the admin interface (set to 'none' to disable)
# SIGNUPS_ALLOWED = if true, new user registrations are allowed
#
CFG_VAULTWARDEN_ADMIN_TOKEN=RANDOMIZEDPASSWORD1
CFG_VAULTWARDEN_SIGNUPS_ALLOWED=true
#
# =============================================================================
# METADATA
# =============================================================================
# CATEGORY = application category for grouping
# TITLE = display name for the application
# DESCRIPTION = short description of the application
# LONG_DESCRIPTION = detailed description of the application
# URL = source repository or documentation URL
# ACTIONS = available actions for this application
#
CFG_VAULTWARDEN_CATEGORY="security"
CFG_VAULTWARDEN_TITLE="Vaultwarden"
CFG_VAULTWARDEN_DESCRIPTION="Password Manager"
CFG_VAULTWARDEN_LONG_DESCRIPTION="Vaultwarden is an alternative implementation of the Bitwarden server API written in Rust and compatible with Bitwarden clients"
CFG_VAULTWARDEN_URL="https://github.com/dani-garcia/vaultwarden"
CFG_VAULTWARDEN_ACTIONS="configure|install|restart|shutdown|uninstall"
#
# =============================================================================
# NETWORK CONFIGURATION
# =============================================================================
# DOMAIN = number of domain from the general config, useful when using multiple domains
# WHITELIST = if true only allow whitelisted ips on traefik, if false allow all
#
CFG_VAULTWARDEN_DOMAIN=1
CFG_VAULTWARDEN_WHITELIST=false
CFG_VAULTWARDEN_NETWORK=default
#
# =============================================================================
# PORT CONFIGURATION
# =============================================================================
# PORT_ = port configuration: app|name|external:internal|access|protocol|login|traefik|webui|description
# - app: application name
# - name: service identifier (webui, api, ssh, etc.)
# - external:internal: port mapping (external can be 'random' for auto-allocation)
# - access: 'public' (internet accessible), 'private' (local network only), 'disabled' (not running)
# - protocol: 'tcp' or 'udp'
# - login: if true, this port requires basic-auth via Traefik (only meaningful when traefik=true)
# - traefik: if true, Traefik handles this port (reverse proxy)
# - webui: if true, this port serves the main web interface
# - description: human-readable description of the service
#
CFG_VAULTWARDEN_PORT_1="vaultwarden-service|webui|8201:80|public|tcp|false|true|true|Password Manager Interface||vault"
CFG_VAULTWARDEN_PORT_2="vaultwarden-exporter|metrics|3001:3001|disabled|tcp|false|false|false|Metrics Exporter (sidecar, docker-network only)|"