Create repo

.env

@@ -1 +1,10 @@
-# Template
+ADMIN_TOKEN= # randomly generated string of characters, for example running openssl rand -base64 48
+WEBSOCKET_ENABLED=true
+SIGNUPS_ALLOWED=true ##change to false once create the admin account
+SMTP_HOST=vaultwarden-msmtpd
+SMTP_FROM=hostinfo@tips-of-mine.fr
+SMTP_PORT=2500
+SMTP_SSL=true
+SMTP_USERNAME=
+SMTP_PASSWORD=
+DOMAIN=https://vaultwarden.tips-of-mine.com

.gitea/workflows/ci-develop.yml

@@ -14,11 +14,17 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - name: Checkout repository
+    - name: Checkout
       uses: actions/checkout@v4
 
+    # https://github.com/docker/setup-qemu-action#usage
+    - name: Set up QEMU
+      uses: docker/setup-qemu-action@v3.2.0
+
+    # https://github.com/marketplace/actions/docker-setup-buildx
     - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v3
+      id: buildx
+      uses: docker/setup-buildx-action@v3.6.1
 
     - name: Create necessary Docker networks
       run: |
@@ -30,8 +36,7 @@ jobs:
 
 #    - name: Modify /etc/hosts for internal routing
 #      run: |
-#        echo "127.0.0.1 gitea.tips-of-mine.com" | sudo tee -a /etc/hosts
-#        echo "127.0.0.1 dashboard.tips-of-mine.com" | sudo tee -a /etc/hosts
+#        echo "127.0.0.1 vaultwarden.tips-of-mine.com" | sudo tee -a /etc/hosts
 
     - name: Print Docker Compose services status
       run: docker ps
@@ -39,7 +44,7 @@ jobs:
     - name: Wait for the application to be ready via Traefik
       run: |
         echo "Checking the routing and availability of application via Traefik..."
-        timeout 5m bash -c 'while ! curl -fsSLk "https://metabase.tips-of-mine.com"; do echo "Waiting for the application to be ready..."; sleep 10; done'
+        timeout 5m bash -c 'while ! curl -fsSLk "https://vaultwarden.tips-of-mine.com"; do echo "Waiting for the application to be ready..."; sleep 10; done'
 
     - name: Inspect Network Configuration
       run: |
@@ -54,4 +59,4 @@ jobs:
       if: always()
       run: |
         docker compose --profile setup down
-        rm -rf /workspace/tips-of-mine/metabase/*
+        rm -rf /workspace/tips-of-mine/vaultwarden/*

.gitea/workflows/ci-main.yml

@@ -14,11 +14,17 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - name: Checkout repository
+    - name: Checkout
       uses: actions/checkout@v4
 
+    # https://github.com/docker/setup-qemu-action#usage
+    - name: Set up QEMU
+      uses: docker/setup-qemu-action@v3.2.0
+
+    # https://github.com/marketplace/actions/docker-setup-buildx
     - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v3
+      id: buildx
+      uses: docker/setup-buildx-action@v3.6.1
 
     - name: Create necessary Docker networks
       run: |

config.json

@@ -0,0 +1,44 @@
+{
+    "domain": "https://vaultwarden.tips-of-mine.com",
+    "sends_allowed": true,
+    "disable_icon_download": false,
+    "signups_allowed": false,
+    "signups_verify": false,
+    "signups_verify_resend_time": 3600,
+    "signups_verify_resend_limit": 6,
+    "invitations_allowed": true,
+    "password_iterations": 100000,
+    "show_password_hint": false,
+    "admin_token": "asddf45/6HEpPORN7LAIjc+fV+ghdssdghwerhj345hdssdgffg",
+    "invitation_org_name": "Vaultwarden",
+    "ip_header": "X-Real-IP",
+    "icon_cache_ttl": 2592000,
+    "icon_cache_negttl": 259200,
+    "icon_download_timeout": 10,
+    "icon_blacklist_non_global_ips": true,
+    "disable_2fa_remember": false,
+    "authenticator_disable_time_drift": false,
+    "require_device_email": false,
+    "reload_templates": false,
+    "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
+    "disable_admin_token": false,
+    "_enable_yubico": true,
+    "_enable_duo": false,
+    "_enable_smtp": true,
+    "smtp_host": "vaultwarden-msmtpd",
+    "smtp_ssl": false,
+    "smtp_explicit_tls": false,
+    "smtp_port": 587,
+    "smtp_from": "password@example.com",
+    "smtp_from_name": "Vaultwarden Password Manager",
+    "smtp_username": "user@example.com",
+    "smtp_password": "sendinblue login password",
+    "smtp_timeout": 15,
+    "smtp_accept_invalid_certs": false,
+    "smtp_accept_invalid_hostnames": false,
+    "_enable_email_2fa": true,
+    "email_token_size": 6,
+    "email_expiration_time": 600,
+    "email_attempts_limit": 3
+  }
+  

docker-compose.yml

@@ -8,35 +8,72 @@ networks:
 
 #### SERVICES
 services:
-### hello_world
-  hello_world:
-    container_name: gitea-app
-    hostname: gitea-app
-    image: hello-world
-    environment:
-    restart: always
-    networks:
-#      - back_network_gitea
-      - traefik_front_network
+### 
+  vaultwarden:
+    container_name: vaultwarden
+    hostname: vaultwarden
+    image: vaultwarden/server:latest
+    restart: unless-stopped
     volumes:
+     - ./bitwarden:/data:rw
+    environment:
+#     - ROCKET_TLS={certs="/ssl/certs/certs.pem",key="/ssl/private/key.pem"}  // Environment variable is specific to the Rocket web server
+     - ADMIN_TOKEN=${ADMIN_TOKEN}
+     - WEBSOCKET_ENABLED=true
+     - SIGNUPS_ALLOWED=false
+     - SMTP_HOST=${SMTP_HOST}
+     - SMTP_FROM=${SMTP_FROM}
+     - SMTP_PORT=${SMTP_PORT}
+     - SMTP_SSL=${SMTP_SSL}
+     - SMTP_USERNAME=${SMTP_USERNAME}
+     - SMTP_PASSWORD=${SMTP_PASSWORD}
+     - DOMAIN=${DOMAIN}
     labels:
       - "traefik.enable=true"
       - "traefik.docker.network=traefik_front_network"
 # HTTP
-      - "traefik.http.routers.hello-world-http.rule=Host(`hello-world.tips-of-mine.com`)"
-      - "traefik.http.routers.hello-world-http.entrypoints=http"
-      - "traefik.http.routers.hello-world-http.priority=49"
+      - "traefik.http.routers.vaultwarden-http.rule=Host(`vaultwarden.tips-of-mine.com`)"
+      - "traefik.http.routers.vaultwarden-http.entrypoints=http"
+      - "traefik.http.routers.vaultwarden-http.priority=49"
 # HTTPS
-      - "traefik.http.routers.hello-world-https.rule=Host(`hello-world.tips-of-mine.com`)"
-      - "traefik.http.routers.hello-world-https.entrypoints=https"
-      - "traefik.http.routers.hello-world-https.tls=true"
-      - "traefik.http.routers.hello-world-https.priority=50"
-      - "traefik.http.routers.gitea.service=gitea-https-service"
+      - "traefik.http.routers.vaultwarden-https.rule=Host(`vaultwarden.tips-of-mine.com`)"
+      - "traefik.http.routers.vaultwarden-https.entrypoints=https"
+      - "traefik.http.routers.vaultwarden-https.tls=true"
+      - "traefik.http.routers.vaultwarden-https.priority=50"
+      - "traefik.http.routers.vaultwarden.service=vaultwarden-https-service"
 # Middleware
 # Service
-#      - "traefik.http.services.gitea-https-service.loadbalancer.server.port=3000"
-#      - "traefik.http.services.gitea-https-service.loadbalancer.server.scheme=https"
-#      - "traefik.http.services.gitea-https-service.loadbalancer.healthcheck.hostname=gitea.traefik.me"
-#      - "traefik.http.services.gitea-https-service.loadbalancer.healthcheck.method=foobar"
-#      - "traefik.http.services.gitea-https-service.loadbalancer.healthcheck.timeout=10"
-#      - "traefik.http.services.gitea-https-service.loadbalancer.healthcheck.interval=30"
+      - "traefik.http.services.vaultwarden-https-service.loadbalancer.server.port=80"
+#      - "traefik.http.services.vaultwarden-https-service.loadbalancer.server.scheme=https"
+#      - "traefik.http.services.vaultwarden-https-service.loadbalancer.healthcheck.hostname=vaultwarden.tips-of-mine.com"
+#      - "traefik.http.services.vaultwarden-https-service.loadbalancer.healthcheck.method=foobar"
+#      - "traefik.http.services.vaultwarden-https-service.loadbalancer.healthcheck.timeout=10"
+#      - "traefik.http.services.vaultwarden-https-service.loadbalancer.healthcheck.interval=30"
+
+###
+  msmtpd:
+    container_name: vaultwarden-msmtpd
+    hostname: vaultwarden-msmtpd
+    image: crazymax/msmtpd:latest
+    networks:
+    - back_network_metabase
+    environment:
+      - "TZ=Europe/Paris"
+      - "PUID=1500"
+      - "PGID=1500"
+      - "SMTP_HOST=10.0.4.52"
+      - "SMTP_PORT=587"
+      - "SMTP_TLS=on"
+      - "SMTP_STARTTLS=on"
+      - "SMTP_TLS_CHECKCERT=off"
+      - "SMTP_AUTH=on"
+      - "SMTP_USER=hostinfo@tips-of-mine.fr"
+      - "SMTP_PASSWORD=Whf2VtLEd2QR4er"
+      - "SMTP_DOMAIN=localhost"
+      - "SMTP_FROM=hostinfo@tips-of-mine.fr"
+    restart: always
+    healthcheck:
+      test: ["CMD-SHELL", "echo EHLO localhost"]
+      interval: 5s
+      timeout: 5s
+      retries: 5