1.2.0 Release vaultwarden

2026-03-15 05:28:43 +09:00
parent 4b7ec4d638
commit 6fc12d0119
10 changed files with 211 additions and 21 deletions
--- a/docs/services/app/vaultwarden.md
+++ b/docs/services/app/vaultwarden.md
@@ -0,0 +1,50 @@
+# vaultwarden
+
+## Prerequisite
+
+### Create database
+
+- Create the password with `openssl rand -base64 32`
+  - Save this value in secrets.yaml in `postgres.password.vaultwarden`
+  - Access infra server to create vaultwarden_db with `podman exec -it postgresql psql -U postgres`
+
+```SQL
+CREATE USER vaultwarden WITH PASSWORD 'postgres.password.vaultwarden';
+CREATE DATABASE vaultwarden_db;
+ALTER DATABASE vaultwarden_db OWNER TO vaultwarden;
+```
+
+### Create admin hash
+
+- Create the password with `openssl rand -base64 32`
+  - https://argon2.online/
+  - salt: auto generate
+  - parallelism: factor 4
+  - memory cost: 65536
+  - iterations: 3
+  - hash length: 32
+  - type: argon2id
+- Save this value in secrets.yaml in `vaultwarden.admin.password` and `vaultwarden.admin.hash`
+
+### Add postgresql dump backup list
+
+- [set_postgresql.yaml](../../../ansible/roles/infra/tasks/services/set_postgresql.yaml)
+
+```yaml
+- name: Set connected services list
+  ansible.builtin.set_fact:
+    # telegraf has no database
+    connected_services:
+      - ...
+      - "vaultwarden"
+
+```
+
+## Configuration
+
+- https://vault.ilnmors.com/admin
+  - token value: vaultwarden.admin.password
+- Users:Invite User:Email
+  - add
+- https://vault.ilnmors.com
+  - Create account and input the Email which added in admin page