]> xn--ix-yja.es Git - infrastructure.git/commitdiff
projects / infrastructure.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: dbe79a5)
Restrict Vaultwarden users
authoralex <alex@pdp7.net>
Sat, 11 Oct 2025 17:37:55 +0000 (19:37 +0200)
committeralex <alex@pdp7.net>
Sat, 11 Oct 2025 17:37:55 +0000 (19:37 +0200)
infrastructure/roles/vaultwarden/tasks/main.yaml patch | blob | history

diff --git a/infrastructure/roles/vaultwarden/tasks/main.yaml b/infrastructure/roles/vaultwarden/tasks/main.yaml
index 746696e73cdc2927edaf8624253f175dbd78c87e..96eb64f8eeb36eb0bf1b8613e0dc49197ffc05ea 100644 (file)
--- a/infrastructure/roles/vaultwarden/tasks/main.yaml
+++ b/infrastructure/roles/vaultwarden/tasks/main.yaml
@@ -11,7 +11,7 @@
       Exec=/start.sh
       EnvironmentFile=vaultwarden.environment
       Volume=/var/lib/vaultwarden/:/data/
-      PublishPort=127.0.0.1:8080:80
+      Network=host
 
       [Install]
       WantedBy=default.target
@@ -23,6 +23,13 @@
     dest: /etc/containers/systemd/vaultwarden.environment
     content: |
       DOMAIN=https://{{ public_hostname }}/vaultwarden
+      SIGNUPS_DOMAINS_WHITELIST=localhost
+      SIGNUPS_VERIFY=true
+      SMTP_HOST=localhost
+      SMTP_FROM=vaultwarden@localhost
+      SMTP_SECURITY=off
+      ROCKET_ADDRESS=127.0.0.1
+      ROCKET_PORT=8080
   notify:
     - restart quadlet
 - name: create storage
Unnamed repository; edit this file 'description' to name the repository.