Add vaultwarden app

apps/registry.json

@@ -175,6 +175,28 @@
         "defaultPassword": "",
         "torOnly": false
     },
+    {
+        "id": "vaultwarden",
+        "category": "Password Managers",
+        "name": "Vaultwarden",
+        "version": "1.22.1",
+        "tagline": "Unofficial Bitwarden® compatible server",
+        "description": "Vaultwarden (formerly known as Bitwarden_RS) is an alternative implementation of the Bitwarden® server API written in Rust, compatible with upstream Bitwarden® clients*. Vaultwarden is perfect for self-hosting all of your passwords in an encrypted vault on your Umbrel. Vaultwarden is a full implementation of Bitwarden® API that includes:\n\n- Organizations support\n- Attachments\n- Vault API support\n- Serving the static files for Vault interface\n- Website icons API\n- Authenticator and U2F support\n- YubiKey and Duo support\n\n Please note that Vaultwarden is not associated with the Bitwarden® project nor 8bit Solutions LLC. When using this app, please report any bugs or suggestions to us directly, regardless of whatever clients you are using (mobile, desktop, browser, etc), and do not use Bitwarden®'s official support channels.",
+        "developer": "Daniel García",
+        "website": "https://github.com/dani-garcia",
+        "dependencies": [],
+        "repo": "https://github.com/dani-garcia/vaultwarden",
+        "support": "https://vaultwarden.discourse.group/",
+        "port": 8089,
+        "gallery": [
+            "1.jpg",
+            "2.jpg",
+            "3.jpg"
+        ],
+        "path": "",
+        "defaultPassword": "",
+        "torOnly": true
+    },
     {
         "id": "mempool",
         "category": "Explorers",

apps/vaultwarden/docker-compose.yml

@@ -0,0 +1,17 @@
+version: "3.7"
+
+services:
+  server:
+    image: vaultwarden/server:1.22.2@sha256:fe2a236b792fb2304ef50f86f1c25076ac5b2748e1b776fce260ad12ad29188d
+    user: "1000:1000"
+    restart: on-failure
+    stop_grace_period: 1m
+    ports:
+      - "$APP_VAULTWARDEN_PORT:$APP_VAULTWARDEN_PORT"
+    volumes:
+      - ${APP_DATA_DIR}/data:/data
+    environment:
+      ROCKET_PORT: "${APP_VAULTWARDEN_PORT}"
+    networks:
+      default:
+        ipv4_address: $APP_VAULTWARDEN_IP

scripts/configure

@@ -180,6 +180,8 @@ APP_SYNAPSE_IP="10.21.21.44"
 APP_SYNAPSE_PORT="8008"
 APP_ELEMENT_IP="10.21.21.45"
 APP_ELEMENT_PORT="8088"
+APP_VAULTWARDEN_IP="10.21.21.46"
+APP_VAULTWARDEN_PORT="8089"
 
 # Generate RPC credentials
 if [[ -z ${BITCOIN_RPC_USER+x} ]] || [[ -z ${BITCOIN_RPC_PASS+x} ]] || [[ -z ${BITCOIN_RPC_AUTH+x} ]]; then
@@ -365,6 +367,8 @@ for template in "${NGINX_CONF_FILE}" "${BITCOIN_CONF_FILE}" "${LND_CONF_FILE}" "
   sed -i "s/<app-synapse-port>/${APP_SYNAPSE_PORT}/g" "${template}"
   sed -i "s/<app-element-ip>/${APP_ELEMENT_IP}/g" "${template}"
   sed -i "s/<app-element-port>/${APP_ELEMENT_PORT}/g" "${template}"
+  sed -i "s/<app-vaultwarden-ip>/${APP_VAULTWARDEN_IP}/g" "${template}"
+  sed -i "s/<app-vaultwarden-port>/${APP_VAULTWARDEN_PORT}/g" "${template}"
 done
 
 ##########################################################

templates/.env-sample

@@ -83,3 +83,5 @@ APP_SYNAPSE_IP=<app-synapse-ip>
 APP_SYNAPSE_PORT=<app-synapse-port>
 APP_ELEMENT_IP=<app-element-ip>
 APP_ELEMENT_PORT=<app-element-port>
+APP_VAULTWARDEN_IP=<app-vaultwarden-ip>
+APP_VAULTWARDEN_PORT=<app-vaultwarden-port>

templates/torrc-sample

@@ -119,4 +119,8 @@ HiddenServicePort <app-synapse-port> <app-synapse-ip>:<app-synapse-port>
 HiddenServiceDir /var/lib/tor/app-element
 HiddenServicePort 80 <app-element-ip>:80
 
+# vaultwarden Hidden Service
+HiddenServiceDir /var/lib/tor/app-vaultwarden
+HiddenServicePort 80 <app-vaultwarden-ip>:<app-vaultwarden-port>
+
 HashedControlPassword <password>