From bb4bdfca708bec9a22444a97d1d76ddccf31fdc4 Mon Sep 17 00:00:00 2001
From: Viyurz <viyurz@viyurz.fr>
Date: Fri, 15 Mar 2024 10:52:59 +0100
Subject: [PATCH] Vaultwarden: Enable admin page & remove
 SIGNUPS_ALLOWED=false.

---
 roles/vaultwarden/templates/docker-compose.yaml | 2 +-
 secrets.yml.example                             | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/roles/vaultwarden/templates/docker-compose.yaml b/roles/vaultwarden/templates/docker-compose.yaml
index 3e7c9ee..b43453c 100644
--- a/roles/vaultwarden/templates/docker-compose.yaml
+++ b/roles/vaultwarden/templates/docker-compose.yaml
@@ -7,7 +7,7 @@ services:
     environment:
       - DOMAIN=https://vw.{{ domain }}
       - SIGNUPS_ALLOWED=false
-      - INVITATIONS_ALLOWED=false
+      - ADMIN_TOKEN={{ vaultwarden_secrets['admin_token_hash'] | regex_replace('\$', '$$') }}
     ports:
       - 127.0.0.1:{{ ports['vaultwarden'] }}:80
     volumes:
diff --git a/secrets.yml.example b/secrets.yml.example
index ccd9b21..0cabba8 100644
--- a/secrets.yml.example
+++ b/secrets.yml.example
@@ -21,3 +21,7 @@ synapse_secrets:
   turn_shared_secret: "{{ coturn_secrets['static_auth_secret'] }}"
   macaroon_secret_key:
   form_secret:
+
+vaultwarden_secrets:
+  # Generate with: docker exec --rm -ti docker.io/vaultwarden/server:alpine /vaultwarden hash
+  admin_token_hash: