Restrict Vaultwarden users

author: alex <alex@pdp7.net> 2025-10-11 19:37:55 +0200
committer: alex <alex@pdp7.net> 2025-10-11 19:37:55 +0200
commit: 3646f040c4b5b908dcc3e439e4c2f9a3f5b6cbb2 (patch)
tree: f5e6908eb50e76c854ce076f0fea2d3cd1f9ca2e /infrastructure/roles
parent: dbe79a5f530cda17dcf66d11c39cfd733406589d (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/infrastructure/roles/vaultwarden/tasks/main.yaml b/infrastructure/roles/vaultwarden/tasks/main.yaml
index 746696e..96eb64f 100644
--- a/infrastructure/roles/vaultwarden/tasks/main.yaml
+++ b/infrastructure/roles/vaultwarden/tasks/main.yaml
@@ -11,7 +11,7 @@
       Exec=/start.sh
       EnvironmentFile=vaultwarden.environment
       Volume=/var/lib/vaultwarden/:/data/
-      PublishPort=127.0.0.1:8080:80
+      Network=host
 
       [Install]
       WantedBy=default.target
@@ -23,6 +23,13 @@
     dest: /etc/containers/systemd/vaultwarden.environment
     content: |
       DOMAIN=https://{{ public_hostname }}/vaultwarden
+      SIGNUPS_DOMAINS_WHITELIST=localhost
+      SIGNUPS_VERIFY=true
+      SMTP_HOST=localhost
+      SMTP_FROM=vaultwarden@localhost
+      SMTP_SECURITY=off
+      ROCKET_ADDRESS=127.0.0.1
+      ROCKET_PORT=8080
   notify:
     - restart quadlet
 - name: create storage
author	alex <alex@pdp7.net>	2025-10-11 19:37:55 +0200
committer	alex <alex@pdp7.net>	2025-10-11 19:37:55 +0200
commit	3646f040c4b5b908dcc3e439e4c2f9a3f5b6cbb2 (patch)
tree	f5e6908eb50e76c854ce076f0fea2d3cd1f9ca2e /infrastructure/roles
parent	dbe79a5f530cda17dcf66d11c39cfd733406589d (diff)