feat(vaultwarden): add SMTP configuration options and enhance signup settings
- Introduced SMTP settings for Vaultwarden including host, port, security, and authentication details. - Added variables for signup verification, 2FA settings, password hints, and logging options. - Updated Vaultwarden deployment to utilize new SMTP configurations. - Enhanced Grafana module to support dynamic dashboard and datasource provisioning. - Added LLM proxy configuration for Open Web UI with necessary environment variables.
This commit is contained in:
@@ -32,6 +32,84 @@ variable "signup_enabled" {
|
||||
default = false
|
||||
}
|
||||
|
||||
variable "signup_verify" {
|
||||
description = "Require email verification on signup (defense-in-depth)"
|
||||
type = bool
|
||||
default = true
|
||||
}
|
||||
|
||||
variable "disable_2fa_remember" {
|
||||
description = "Force 2FA on every login, no 'remember this browser'"
|
||||
type = bool
|
||||
default = true
|
||||
}
|
||||
|
||||
variable "show_password_hint" {
|
||||
description = "Show password hints on web login (no SMTP configured)"
|
||||
type = bool
|
||||
default = false
|
||||
}
|
||||
|
||||
variable "password_hints_allowed" {
|
||||
description = "Allow users to set password hints"
|
||||
type = bool
|
||||
default = false
|
||||
}
|
||||
|
||||
variable "disable_icon_download" {
|
||||
description = "Disable external icon downloads to prevent network leaks"
|
||||
type = bool
|
||||
default = true
|
||||
}
|
||||
|
||||
variable "icon_service" {
|
||||
description = "Icon service to use (internal, bitwarden, duckduckgo, google)"
|
||||
type = string
|
||||
default = "internal"
|
||||
}
|
||||
|
||||
variable "http_request_block_non_global_ips" {
|
||||
description = "Block requests to private/reserved IP addresses"
|
||||
type = bool
|
||||
default = true
|
||||
}
|
||||
|
||||
variable "extended_logging" {
|
||||
description = "Enable extended logging with timestamps for audit"
|
||||
type = bool
|
||||
default = true
|
||||
}
|
||||
|
||||
variable "websocket_enabled" {
|
||||
description = "Enable WebSocket notifications for real-time sync"
|
||||
type = bool
|
||||
default = true
|
||||
}
|
||||
|
||||
variable "sends_allowed" {
|
||||
description = "Allow users to create Bitwarden Sends"
|
||||
type = bool
|
||||
default = true
|
||||
}
|
||||
|
||||
variable "trash_auto_delete_days" {
|
||||
description = "Days before auto-deleting trashed items (empty = never)"
|
||||
type = string
|
||||
default = "30"
|
||||
}
|
||||
|
||||
variable "events_days_retain" {
|
||||
description = "Days to retain event logs (empty = indefinitely)"
|
||||
type = string
|
||||
default = "90"
|
||||
}
|
||||
|
||||
variable "admin_session_lifetime" {
|
||||
description = "Admin session lifetime in minutes"
|
||||
type = number
|
||||
default = 20
|
||||
}
|
||||
|
||||
variable "admin_token" {
|
||||
description = "Admin token for VaultWarden"
|
||||
type = string
|
||||
@@ -43,3 +121,90 @@ variable "db_folder" {
|
||||
type = string
|
||||
default = ""
|
||||
}
|
||||
|
||||
# --- SMTP / Email settings ---
|
||||
|
||||
variable "smtp_host" {
|
||||
description = "SMTP host for sending emails"
|
||||
type = string
|
||||
default = ""
|
||||
}
|
||||
|
||||
variable "smtp_port" {
|
||||
description = "SMTP port (default: 587 for starttls, 465 for force_tls, 25 for off)"
|
||||
type = number
|
||||
default = 587
|
||||
}
|
||||
|
||||
variable "smtp_security" {
|
||||
description = "SMTP security mode: starttls, force_tls, or off"
|
||||
type = string
|
||||
default = "starttls"
|
||||
}
|
||||
|
||||
variable "smtp_from" {
|
||||
description = "Email address to send from"
|
||||
type = string
|
||||
default = ""
|
||||
}
|
||||
|
||||
variable "smtp_from_name" {
|
||||
description = "Sender name for outgoing emails"
|
||||
type = string
|
||||
default = "Vaultwarden"
|
||||
}
|
||||
|
||||
variable "smtp_username" {
|
||||
description = "SMTP username for authentication"
|
||||
type = string
|
||||
default = ""
|
||||
}
|
||||
|
||||
variable "smtp_password" {
|
||||
description = "SMTP password for authentication"
|
||||
type = string
|
||||
sensitive = true
|
||||
default = ""
|
||||
}
|
||||
|
||||
variable "smtp_timeout" {
|
||||
description = "SMTP connection timeout in seconds"
|
||||
type = number
|
||||
default = 15
|
||||
}
|
||||
|
||||
variable "smtp_auth_mechanism" {
|
||||
description = "SMTP authentication mechanisms (e.g., Plain, Login, Xoauth2, comma-separated)"
|
||||
type = string
|
||||
default = ""
|
||||
}
|
||||
|
||||
variable "smtp_helo_name" {
|
||||
description = "Server name sent during SMTP HELO"
|
||||
type = string
|
||||
default = ""
|
||||
}
|
||||
|
||||
variable "smtp_embed_images" {
|
||||
description = "Embed images as email attachments"
|
||||
type = bool
|
||||
default = true
|
||||
}
|
||||
|
||||
variable "smtp_debug" {
|
||||
description = "Enable detailed SMTP debug output (warning: may contain sensitive data)"
|
||||
type = bool
|
||||
default = false
|
||||
}
|
||||
|
||||
variable "smtp_accept_invalid_certs" {
|
||||
description = "Accept invalid SMTP server certificates (dangerous, not recommended)"
|
||||
type = bool
|
||||
default = false
|
||||
}
|
||||
|
||||
variable "smtp_accept_invalid_hostnames" {
|
||||
description = "Accept invalid SMTP server hostnames (dangerous, not recommended)"
|
||||
type = bool
|
||||
default = false
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user