General
Bitwarden_rs - Password manager compatible with Bitwarden apps
Enable/Disable registrations
To disable open registrations and/or invites set bitwarden_rs_signups_allowed
and/or bitwarden_rs_invites_allowed
to false
. Disabling signups does not automatically disable invites.
Admin interface
To enable the Admin webinterface, set bitwarden_rs_admintoken
to a secure password. When this is set you access the admin interface at /admin
.
Websocket notifications
To enable WebSockets notifications, an external reverse proxy is necessary, and it must be configured to do the following:
- Route the /notifications/hub
endpoint to the WebSocket server, by default at port 3012
, making sure to pass the Connection
and Upgrade
headers. (Note the port can be changed with WEBSOCKET_PORT
variable)
- Route everything else, including /notifications/hub/negotiate
, to the standard Rocket server, by default at port 9001
.
Then you need to enable WebSockets negotiation on the bitwarden_rs side by setting the bitwarden_rs_websocket_enabled
variable to true
.
More information here
To activate the e-mail functionality of bitwarden_rs you need to configure an smtp server connection.
First, set bitwarden_rs_smtp_enabled
to true
, then configure the following variables, according to your existing smtp server:
bitwarden_rs_smtp_host: ""
bitwarden_rs_smtp_from: ""
bitwarden_rs_smtp_port: ""
bitwarden_rs_smtp_ssl: true
bitwarden_rs_smtp_username: ""
bitwarden_rs_smtp_password: ""
More information here.
Yubikey OTP authentication
To enable YubiKey authentication, you must set the variables bitwarden_rs_yubikey_server
, bitwarden_rs_yubikey_id
and bitwarden_rs_yubikey_key
to a valid configuration, then enable it by setting bitwarden_rs_yubikey_enabled: true
More information here
Variables
Variable | Type | Default | Comment |
---|---|---|---|
bitwarden_rs_enabled | Boolean | false | Enable/Disable the application |
bitwarden_rs_tag | String | "latest" | Tag to use for the docker image |
bitwarden_rs_directories.data | String | "{{ docker_home }}/bitwarden_rs/data" | Path were application data should be stored |
bitwarden_rs_signups_allowed | Boolean | true | Enable/Disable open account creation |
bitwarden_rs_invites_allowed | Boolean | true | Enable/Disable account creation via invites |
bitwarden_rs_admintoken | String | "" | Password for admin interface. If left blank the interface is disabled. |
bitwarden_rs_websocket_enabled | Boolean | false | Enable/Disable Websocket |
bitwarden_rs_yubikey_enabled | Boolean | false | Enable/Disable Yubikey OTP authentication |
bitwarden_rs_yubikey_server | String | "" | The server to use for Yubikey OTP authentication |
bitwarden_rs_yubikey_id | String | "" | The ID to use on the Yubikey server |
bitwarden_rs_yubikey_key | String | "" | The secret key for the Yubikey ID |
bitwarden_rs_smtp_enabled | Boolean | false | Enable/Disable sending of mails via smtp |
bitwarden_rs_smtp_host | String | "" | SMTP Host to use for sending mail |
bitwarden_rs_smtp_from | String | "" | SMTP ´from:´ header |
bitwarden_rs_smtp_port | String | "" | SMTP Port to connect to |
bitwarden_rs_smtp_ssl | Boolean | true | Enable/Disable SSL connections to SMTP Host |
bitwarden_rs_smtp_username | String | "" | Username to authenticate with the SMTP Host |
bitwarden_rs_smtp_password | String | "" | Password to authenticate with the SMTP Host |
bitwarden_rs_traefik_enabled | Boolean | false | Enable/Disable access to application via Traefik |
bitwarden_rs_domain | String | "bitwarden.{{ charjabox_domain }}" | Domain used to access the application |
bitwarden_rs_http_port | Int | 9001 | Port used to access the application |
bitwarden_rs_websocket_port | Int | 3012 | Port used for Websocket |