forked from dadatuputi/bitwarden_gcloud
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.env.template
132 lines (109 loc) · 4.5 KB
/
.env.template
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
### GLOBAL VARIABLES ###
# The fully-qualified domain name for Bitwarden - what address do you want Bitwarden accessible?
# Used for caddy proxy and ddns with Cloudflare
DOMAIN=
# Timezone - used by some containers for logs / cron
# Find your location on this list and use the value in TZ Database Name, e.g Europe/Rome:
# https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
TZ=
# SMTP settings for Bitwarden and fail2ban
# Uncomment and fill in details if you want to use e-mail invitations from bitwarden and e-mail alerts with fail2ban
# SMTP_EXPLICIT_TLS (SMTP_SECURE_SMTP in the admin ui) and SMTP_SSL should be either blank for defualt, true, or false
# (see https://github.com/dani-garcia/vaultwarden/issues/1712)
#SMTP_HOST=
#SMTP_FROM=
#SMTP_PORT=
#SMTP_SSL=
#SMTP_USERNAME=
#SMTP_PASSWORD=
#SMTP_EXPLICIT_TLS=
### BITWARDEN VARIABLES ###
# Setting up Bitwarden for the first time can be done in two ways:
# Uncomment the method you want to use / comment the one you don't
# Method 1. [RECOMMENDED] because it avoids the admin page entirely; using the admin
# page overrides these environmental variables which can cause confusion.
# 1. Set up your primary account(s) while SIGNUPS_ALLOWED=true
# 2. Set SIGNUPS_ALLOWED=false
# 3. Set the SMTP details above to enable e-mail invitation
# 4. Invite other users from within Bitwarden
# Keep ADMIN_TOKEN blank to disable access to the admin page entirely.
SIGNUPS_ALLOWED=true
ADMIN_TOKEN=
# Method 2. Use the admin page to create your first user(s) then disable it.
# 1. Set ADMIN_TOKEN using gthe command `openssl rand -base64 48`
# 2. Use the admin page (/admin) to create your initial user(s).
# 3. Disable the admin page by clearing the token (ADMIN_TOKEN=)
#SIGNUPS_ALLOWED=false
#ADMIN_TOKEN=
# Specify YUBIKEY info if desired
YUBICO_CLIENT_ID=
YUBICO_SECRET_KEY=
YUBICO_SERVER=
# Specfiy which user email addresses can create organizations
# Leave blank to allow all users
ORG_CREATE_USER=
# Bitwarden Backup Options
#
#
# GENERAL OPTIONS:
#
# How often to run the backup script; default is daily at midnight
BACKUP_SCHEDULE=0 0 * * *
# How many days of backups to keep
BACKUP_DAYS=30
# Directory to place backups in (& sync from in rclone)
BACKUP_DIR=/data/backups
# Emails can be sent for either email backup or notifying of rclone|local backup
BACKUP_EMAIL_FROM_NAME="Bitwarden Backup"
# Optional encryption key for backup
# BACKUP_ENCRYPTION_KEY="<key to encrypt backup - optional, bw data is encrypted at rest>"
# Email address to send backup (BACKUP=email) or notifications (BACKUP=rclone && BACKUP_RCLONE_NOTIFY=true)
BACKUP_EMAIL_TO="<email to send the backup to>"
# Send email notification for rclone|local backup jobs
BACKUP_EMAIL_NOTIFY=true
#
#
# Backup type is one of local|email|rclone - uncomment one:
#
# LOCAL BACKUP OPTIONS
#
# Just uncomment this
# BACKUP=local
#
# EMAIL BACKUP OPTIONS:
#
# Just uncomment this; uses email settings above
# BACKUP=email
#
# RCLONE BACKUP OPTIONS:
#
# rclone:
# 1. Uncomment lines below and `docker-compose up -d`
# 2. With bitwarden running, configure rclone with the following command:
# sudo docker exec -it bitwarden rclone config --config $BACKUP_RCLONE_CONF
# 3. Follow the prompts and instructions at https://rclone.org/remote_setup/ - you
# will most likely need to download a rclone on another computer (it is portable)
# to authorize
# 4. The script should run as normal with a working configuration file
# BACKUP=rclone
# BACKUP_RCLONE_CONF=/data/rclone.conf
# BACKUP_RCLONE_DEST=/bw_backup
### PROXY / CADDY VARIABLES ###
# EMAIL address to use with Let's Encrypt certificate provisioning
EMAIL=
### DDNS VARIABLES ###
# These variables are only necessary if you are using DDNS / comment them out if you don't use ddns
# Enter user id (use `id -u` to determine your user id)
PUID=
# Enter group id (use `id -g` to determine your group id)
PGID=
### COUNTRY BLOCKING VARIABLES ###
# Put any countries you want to block here using their ISO 3166-1 alpha-2 code (https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2)
# Defaullt is China (CN), Hong Kong (HK), and Australia (AU) because gcloud free tier charges egress to those countries
# Data is pulled from www.ipdeny.com
COUNTRIES=CN HK AU
# How often to update the ip block list - default is daily at midnight; see https://en.wikipedia.org/wiki/Cron#CRON_expression
COUNTRYBLOCK_SCHEDULE=0 0 * * *
### WATCHTOWER VARIABLES ###
# How often should watchtower check for updated container images? Default is every Sunday at 3am
WATCHTOWER_SCHEDULE=0 0 3 ? * 1