From a048a1827af6fdce57a87eda9465fa1342dfb882 Mon Sep 17 00:00:00 2001
From: Adam Hnat <adam.hnat@emakina.com>
Date: Thu, 19 Jan 2023 14:42:11 +0100
Subject: [PATCH] Deploy vaultwarden into Azure as container app

Scripts to 'one click' vaultwarden deployment into Azure Cloud as
container app (cheapest option) with enabled vaultwarden external
storage on fileshare. It uses official vaultwarden container
docker.io/vaultwarden/server:latest
---
 Azure/Readme.md  |  38 ++++++++
 Azure/db.sqlite3 | Bin 0 -> 221184 bytes
 Azure/main.bicep | 170 +++++++++++++++++++++++++++++++++++
 Azure/main.json  | 226 +++++++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 434 insertions(+)
 create mode 100644 Azure/Readme.md
 create mode 100644 Azure/db.sqlite3
 create mode 100644 Azure/main.bicep
 create mode 100644 Azure/main.json

diff --git a/Azure/Readme.md b/Azure/Readme.md
new file mode 100644
index 00000000..05574ad7
--- /dev/null
+++ b/Azure/Readme.md
@@ -0,0 +1,38 @@
+# Creates a Vaultwarden Container App within Azurefile external storage
+
+[![Deploy To Azure](https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/1-CONTRIBUTION-GUIDE/images/deploytoazure.svg?sanitize=true)](https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Fadamhnat%2Fvaultwarden%2Fmain%2FAzure%2Fmain.json)
+[![Visualize](https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/1-CONTRIBUTION-GUIDE/images/visualizebutton.svg?sanitize=true)](http://armviz.io/#/?load=https%3A%2F%2Fraw.githubusercontent.com%2Fadamhnat%2Fvaultwarden%2Fmain%2FAzure%2Fmain.json)
+
+This template provides a way to deploy a **Vaultwarden** in a **Azure Container App** with external **file share** storage that can be used to backup restore data easly.
+
+Deploy:
+1. Click above button and select 
+- Resource Group - all resources will be created in that group, you can choose also to create new one
+- Storage Account Type - in case that you you like to be more resistant for failure you may choose Standard_GRS or any other storage with redundancy.
+- AdminAPI Key - it will be generated automaticly or you can specify your own one. It will be used to access /admin page
+- Choose memory and cpu sizing - I recommend to start with 0.25 cpu and 0.5 Memory 
+    The total CPU and memory allocations requested for all the containers in a container app must add up to one of the following combinations.
+    vCPUs (cores) 	Memory
+    0.25 	0.5Gi
+    0.5 	1.0Gi
+    0.75 	1.5Gi
+    1.0 	2.0Gi
+    1.25 	2.5Gi
+    1.5 	3.0Gi
+    1.75 	3.5Gi
+    2.0 	4.0Gi
+- **Deploy**
+- copy db.sqlite3 (empty database, with WAL off) into fileshare (deployment bug - vaultwarden cannot create new database in SMB share)
+
+2. Resource vaultwarden Microsoft.App/containerApps failed - if in some case you will notice failed message, just click **redeploy** and reenter same data as before - it may happen when Azure provision resources and link to storage isn't created at time.
+
+Updating to new version:
+in Azure Portal:
+- Open Resource Group -> vaultwarden -> Revision management -> **Create revision** -> type name/suffix -> check vaultwarden in Container image section -> **create**
+  This will update your vaultwarden container app into most recent version, keeping data in place, in no downtime.
+
+Get Admin key:
+- Resource Group -> vaultwarden -> Containers -> Environment Variables -> double click on ADMIN_TOKEN **value**
+
+Restore your backup into Azure Contaier App:
+- The storage is accesible via SMB in contaner it means that sqlite WAL needs to be turned off, make sure before put database in fileshare that you turned off WAL [Running without WAL enabled](https://github.com/dani-garcia/vaultwarden/wiki/Running-without-WAL-enabled)
\ No newline at end of file
diff --git a/Azure/db.sqlite3 b/Azure/db.sqlite3
new file mode 100644
index 0000000000000000000000000000000000000000..078456b861bb4752572847d3f568704d208e41d2
GIT binary patch
literal 221184
zcmeI4Uu+x6eaA`5CM8NF{pajGpYF~Z`y7jB>C6=+%Sw7lXdUmOp8oh`>Uu_jF4p8q
zT9_hv+@)+8X&cFQlQcnF6ll`|eJBc~Xw#wv+O#h%+J_cxUkc=aJ{0Lo{{an(q>q<}
zqD5zBcZM_ME^RdqV3}WDEbh+yX6E<%{C@MB<?d{5zPIFfw!YD5ZCjpRh#il`<FU`_
zdMp+jBLA+EfBf?~a&VNNkngy39CbJpd*j&kW2E*-_G2pZM)tq6A7@&ri=$sj{@cjM
ziN8+%{;}Uk{L0a99<zu3@@V78qoFSx`Aqx=@gGEWi1MdGpmZjo-73UmPQ7a1b3d$+
z7%;82*I?&n+qGM+*=TKAb?3h2IgPq&PKOj~rPBxP#t7-=%$|2Lsa?4ef1r8R?V9b2
zR2sFKU15Xw6r5UED;3Kny<EJ$RMLB@^@)_uO3ilLsp|fxT>7A_udI@P>q|@eTIuc5
zT4`mWbklFHPf*d^Bx%?g*l!-$up{V7&2OwNE*IBs>F<_qky1jE^)lJrZ7!87o=Rxz
zSNc0a8p90ONkuR0O&w2amoCNk&oXj~%aoH73NfY1r_}*PaH%Fs7EwNRYugT(c8k*L
z+fJ?K)Hh9g+j44ZPpRDeiG;R%DavF;Ez?j=PwrjIB()0{;`?*VREdIgm{rV_DpVu;
z+DC?cjN=u>B-aZvO8=?cY&M}SUWl?<($X}fljD0kV@Yj%JpN#TS-jDxRmr>zzS4@N
zL7{48;795!5%*obth8*)v#Tb_{cn*8RbE^!30dmQcC*^Qp2v6CSbgT0AQjRsm77W@
zwBmRaufSH*2o5rPc8W#DgA<IC<#|?RYum1Su5>u6@RBMRGm#~DME7InG`E6T?T5E4
zE7@FOa&l_eaB8+0n9f2(YDsCcde^y6r`O_2x%5tHO?V?k!f3Q#7)d6XhIBIa@c1wb
zqc7d{CyuXHpxuaqMW{?&uVe(GkuX;1q(?^+l_#Ia1(h!qA=ZhlK#Vi%C?MfxtAI2a
z{pjdf0i+gU(umYAPwY+(psw+Dn^MxF`fvvcWvG}G*HJn%v4&^6fq?%-P4h#*u2q#P
zUPC6Lr8MdF2kXGvX|(7io%mc|U0o^_S2{_6Ot6uD6D)`Vl8pRNN$pz+7D12vRi<k1
zI2GFszLH7=1%=&-h$z$RyuQ)%1d$UiqC`#appyT)BSv*zPg6=)4TI1SXtv!g(`($Z
z>(m3>do6pTWs8cQzKKhc{ag}YHI3k4_|e=@Qq#2f&o8q{%}il`jw<d5ObngQ2X=`c
zQQ_1(>x3^w{)P(rR|P_b9rV!9*H;$bTQ9MhqFikF?Rw;?VAFElyNy=W+_K!Qp#SSj
ztJm2fU;e0|Yt_7<UVMcLiXO>qYWY{e;gennZaH<{HTU}+dsmFY55o0tIXh&jHRT4p
zlV<yN&8a9=BCx!M*EC(5EaZIXPSCNsmR)J=*e!W*hQY41NuJm>UC-KX`n92o*&nuv
zW;L>$n$-rmrmK_e6fStLQfpVq#l&W<aoeh~B-SIC%H@tFv^TY=#hnFg@M9y9JNkH0
z|DyQV-UsodRxHN%Kh5TYX;vNEwQHtZ*&-olZabTS3!`g}C^IKoj^#E6j9_)ik0bs4
z;@ZOJi)$0J`JB8YDk}qP&}!FBB2O=~ZkCJ7H-v=#R_X2H`che6SYIPQOUkAYN#$-H
zNobqJC}7cgnnq+D`3*TfMgF`vo+f|Kjc&xU-^qR}`wQ8v?Dg!+nU6Ey&U`cTF!NKH
zYnhYj@1_4H{hR6g>2msw^zhifj{W)AuZ}gxethh;(f=L&$I(9;{TgYG4+ww&2!H?x
zfB*=900@A9An@9`p<H1)KRs>ajcdkS{wg`lPZy^0#*}eQ&(D3TaP?C&h1XsUr1Epq
zbB2*8pD?LcxKx34m@ixllX{s;8OGdnVP@Vi!lcH1DKgmfjB$0QFdZuOQXrMTR>&Lk
zh1q<l)LAYyN9zm5OsMuRa;aIW(JWCaOfQW~%@89Ch3VPQ5zla`f-!4cEzB69eVy(|
z8OA&@lzO6v{R_SnRej!=D-cJ8NuA<S28BNp;h~d(RQ?)8FiZXy*4GIxMR^%BvxU$R
zk8`P+{QNXQ&ye+KpXE{ogIG74p9vi?!=wxn3nT_<fX#>LmF7};B0)S}2&Fm}ND+Om
zP8(ORhI?q#m%2uLJ!cTfaH&)vMaa(^Gc&WZb76Xobfk##1X-vbhq=@>GUD8{Va$Z}
zmE=-no{<?z;D<>ixYSiP;OulLuVY+lmiW2A{tJn(qe3cw&A3Yc3mb8WOU+PTvm~s;
zq>gZ@X<}i1b}n4|IF}*}j5#u5SYIiUqt2zj70dot_MftUm;ICMZ)JZm`-QBNeLuU9
z&1YZ9rZPXs{Cno3%wJ@FFY{}eN10Z}%q(T*GoQ?y%EZ#&Pk$%<x1>2fAOHd&00JNY
z0w4eaAOHd&00KV(0_65Woct`5ZYG`MMV&iGuZkjZo9Go$B<=~l927}6fW~=I=WfqS
zqDb7@IV+09eVi9Xk+^B2i6U`_=8RMn+>SXN6iN49UJym%M$0K))VZs2QWS|>C?`ab
zxL<Ny6p5Q7S-(iW6Os`{;<iVc7j^D&j0Hu~4UJJ=)VX_+l8S;`6(gcZ+?N;@MdBtz
zQWS|h4hc~tZZ90`6!CirM@5miaWEu`#9e|T<d)OOG`R&ylnQPM(C7bT(?32S00JNY
z0w4eaAOHd&00JNY0w4ea&oKe|{2#ynpJNBZG!Os*5C8!X009sH0T2KI5C8!XAO!IH
zA7KCjAOHd&00JNY0w4eaAOHd&00PfH0qp;O{(TG!K>!3m00ck)1V8`;KmY_l00cll
zdj6jT4G;hU5C8!X009sH0T2KI5C8!X0D<R|0G|IppMHf^AOHd&00JNY0w4eaAOHd&
z00JN&6Of+&kI3aX1_2NN0T2KI5C8!X009sH0T2KI5O{tF;Q9aa<4afq0w4eaAOHd&
z00JNY0w4eaAOHeU1f=Kxqfs&_2LTWO0T2KI5C8!X009sH0T2KI5IEcf@cjR9`w!ZK
z00@8p2!H?xfB*=900@8p2!Ozo5Rjh#KZ!VGKmY_l00ck)1V8`;KmY_l00ck)1P&nq
zJpVt0PJ_xI00JNY0w4eaAOHd&00JNY0w8ce0(ky^KwuCD0T2KI5C8!X009sH0T2KI
z5CDNgNC40O524ebG6;YG2!H?xfB*=900@8p2!H?x9FPE>{~r(-#6bWAKmY_l00ck)
z1V8`;KmY_l;1CkP^Z!HWG^h*$AOHd&00JNY0w4eaAOHd&00IXjfam`Q1O{;s009sH
z0T2KI5C8!X009sH0T4KZ1n~U-5IPMig8&GC00@8p2!H?xfB*=900@A<0SVyw{{ewP
z90WiB1V8`;KmY_l00ck)1V8`;4j}>j{y&6HgUTQP0w4eaAOHd&00JNY0w4eaAaFne
z>9N0$or<4{WiMvFedL48H!}A}|6%kSssBv<apH@qdn5Vb?<a3&3hD2q6GzSxu>tw)
z$HtRdp%8y?$+K?P?26OevRkfMY1GJx=QQeWNYTi`TB%qr>E+_}rIH>ZpiiXqpxkV?
zovQAC%B2s=`pPQ#x4yKbua({|t(8_5N;i2I`UDluP143f0l$Ojrb5t_n%`JkTrRHN
z(%&uJ(kFZcSwEBA9p_THH(yF<?_G|^oO;#1=YCjoJlnL|UW1*R8;x3(5edi`T?Mav
z`QlJg)3o?6<ru-XOQhMKqY5Qf#JEU60xr7F%%f+5j${Gj(XuViu9}u7+URc)ACwoD
zOQI1KY&WY<CTMS4POZ}!JL*+qeP!{z^%Cv4Zf)CL;=O89!KUT9cN?v$xn;RqL5u54
ztJm2fw~q?CR!y?TmkbpYJrdWnEEbje;!3&nPHC+}OdZ;(^RB5)w9dL??{@1SVL;2-
zAq-8q0q>>RzFl)FN)_vbj^H)Crs>+1md(fZ9V_ZucBQdnx40I(Ptv5_a=cyB^{nlt
zU)$pe+KK&Pn`l<E>z-L{5ck#HkjP<z_bRn^m4wS?t#R9`5wQ@#6qyV)hjw<Sx?y^|
zO<O?aUeezxy<J>iD(iVgmbxKY*2vS(q)se#HXJ`@MX2%)X$F|oYnJPoOm5eyZ_?n7
z5^QWb^+1v&r#A5}4}dUTS!|ni`>yX`bx=`hdW}1FJyfJllVMfAzPh?pDz1nLCU_W=
zI&+q3->cY78j)e$SWSmT3Uy{~@5b?@cIi@l-(-2B(b}}?&V4_cm6H=n-cYJS@&^kP
z!JsQ^sB=~krD1a0snsZVKNTp|BsiMVG@x~)q!awKAooCffh``7);p=sR1{`ePc1sF
zm=_|@Z6wo+1aOp*w2NSs=@FIIm>>a*6^7`^*QS2W6m!H1L-R?cV!N(s)oMLqLfOjc
zrn`SyPr}D*vx(Ug$*eh>kA5!bj`YbCY40ayq7b)!Qs)+tHLZ9mp{-wuTGM>!oh8;a
zjh><x_Dd&|+LbHuhx3wir8Ye+PK7vDlK0)pwe>CYCyj7yA8&O!I{5W~PS(z<*{Iic
zdpsp3G|5+6PSrN~Qsed$CHSR@rud*sPvVOC6A5kkQj{x{@G=eM^yF+dp)FpBYT6l!
z_)j`HzIQE?)Gl0z@6R#MNmbHeR`Hfpp-w**y23${)ig+Xz(u=Ju}91v>0(0ZKb4zG
zC$!>tl*Rngi(i9f_IAdS+W2_<!2+{1s1Lr<iiJU;YF)^xD0`OLNLF)xJtfvA&V$xV
z*IVKBorvdYpp(h^1iX~Gd)lRP<k!i3G^eV)<B;TJ8o|MEEEfM6%IVSaUgd03yL>sm
z|I;!tGq{H5fP>SQ!w7O&MpC-8jt+vLH_83}IFFgh!ec?o?w)nh*ps@{BbjrhGYRch
zAu5dg%%y~;IUQ1{l};bDn;?%WeV@r4OK5Lu{k8GOPvnk1Ueq7s*v%seZL=8Ft7%pp
z+qG+^TiGJZySeRb23O9e5nVU5_dz_V6^rrxPqXldmW-}Bq6AH}9E%^e43G;zmtH}=
zUtC-Gd~t1JHlLGcp_ndoy0K5IT_@>Wr@wt}mW#_bgoH@v3+rp-r)Aj`BB>nS{~wTB
z8ZZ+CKmY_l00ck)1V8`;KmY_lV4w*|`~S}lGzb_E0w4eaAOHd&00JNY0w4eaAOHf-
zF@bdEe_|)&r(>BvP5)K;Yh%k}FOB}k=od#9Q=b_5?#Lew|I6?nBz`&j(a_hkza2jv
zFUIc2S`-F3`XN3Eoi_gL8wu^^RMbuld)sbp+V#q=8SE%Dx=SuU{Mo6bHZ>Lhiotee
zbk}#Ezpm`S=&n_EK>g@?4z_AYUp?EH<V_xQZwJ|-Qui8sFQ?Sf-&#Zq`fQkDt!<m{
z>6Ds_f%~-fx4=q`#35}>wIjR1P2#53Zj<c87q#?&OIXsLO+`TL@Dv+WXou1cP*ply
z{I2DArsr(iX4TsDH;x9)`2J9(_h7I2uIbbr&*59xXbZkgjq1QQVAmTS*{EG%Tam>J
z2C|g2$E{0KE~N}DZJB$Vcq;ek-evas#8+2YY`b>7>ass)l_+LKO6YdFX8z@S@<?&l
zE=9VtON|N<5J4Y(;zHiZCGA)13@(SHEZlh;g<zI8^93!r3S4dK4B`h{acmG-q^dWx
zxYOkh$eSOQq!~F38%Exl+(#R}6Sngj2Yok#>M3f(3miQ)><t0hd7viSvb=5G<2laX
z!r!SC+o^*Jsi_oNWNa2&WV0BV1fKsoN@xhS$PP%lr|dCe_PwU#Z;RuCyf<oR)vnoe
zYd^2+OdVCHs^j{v3j{Rvp1s3lH$B^3>}Q$at%BUcvpKeV^~)nH^n-1Z!PkTm{^x_z
z^Yq24-WQ0tn}uH8bD(!hazjNEYH{yG4;PD`QQcFi^G26EIl5+&)JT?cJB_2`U(r8$
zo~dFH6HV92`zp1nG6yMI77USdOX*t7jV;F|YZ-atNOVA>NqK{dvnA2dvYV~Oc2m67
zk~1a}TIpQWHN%Fr(;#mQ(Jj8>@Y3G9my+7KbMbwfg_Ecd2cJ|zN)-E9RdOkdCZ1R1
z{KodkcAO$@!1WVNSQ{SB5u12Lawabru{Z2kXpk+ubDvCT?_P`oK*GdqHprV;WRt5o
zEuUSSyZFQn>2`b3&1?G?UrTBiFUB9H89%vBKE9w(lxw<{r^il8+SZ@Ty`oW5LfS;#
znG<|1P$JO|-eKxwBc-~tR`d+6ykEkVob=Zq;+feC{oYD&>N^g3wS}Zj5}eY>dHXzj
zDPivfqbt=&ho4Z`N)-$(c>ykXXHkt%X}wS7j8F8NINsgHhE<^#nbYD>H}ofKVu&VV
z`#*M$&9#T`Fl$7GI2ctd5yb}$5ivc)N-mt(GciL$gD<h2*QaPQ`ypb(zhoqORYlig
z+Vl79@=62=8>A3=wO<HXo@Z6Iw#l1`B!r}sb9>EKSPTU(D@#?<;j0RHse-W=?;?}6
zng_nnUkW5jNlHk)veE<%Qk=wp!>QS3uo!iZLVITQu5+JW!SKn;wMdcWfL)@|hPl$q
z{a!%`MwVaKCa(hZzQawQegE#Ec+ERE+3y7i_A9_N*w;%_ulIXbh*RJ=u>YUliogd1
zKmY_l00ck)1V8`;KmY_l00f?M0@D8f=iE}52Ld1f0w4eaAOHd&00JNY0w4eagG&Ja
z|9^w)dsq$vAOHd&00JNY0w4eaAOHd&FgOJ8{C{wK4NE})1V8`;KmY_l00ck)1V8`;
z2A2SS{|~P3VL1qZ00@8p2!H?xfB*=900@A<;1Iz6|H1J!ECm4&009sH0T2KI5C8!X
z009sfTmpFhKe)b!<sbk8AOHd&00JNY0w4eaAOHe`LjceJ2gld26a+v31V8`;KmY_l
z00ck)1VCVL3E=tv;QAhxg8&GC00@8p2!H?xfB*=900;~Y0sQ_S9ACpy5C8!X009sH
z0T2KI5C8!X0D-|Jfc^i2>w8!Z0w4eaAOHd&00JNY0w4eaATT%t@ce&pd<{!M00ck)
z1V8`;KmY_l00ck)1O}G?p8pT7?_oIzfB*=900@8p2!H?xfB*=9z~B(T^Z&u|H7o@I
z5C8!X009sH0T2KI5C8!X7+eB){y(_Bhvgsu0w4eaAOHd&00JNY0w4eagF^t%{|Cp{
zuoMJ900ck)1V8`;KmY_l00cl_a0%e~|KR!_mV*EYfB*=900@8p2!H?xfB*;#4goy>
z9~@u9QV;+E5C8!X009sH0T2KI5CDO}C6FFI7fZ+Mv61f%zd!Qz#J7eo9sRS!mxeZv
z?#F+9=zRJkQpG;}dvHlT4a;+%N@#Ct@t9Mu+V|WKYmR4|R@-Z^bJO0j>z-+_ud5Fd
zb4krG;*aJ$>vqkqG-~9J=QQfBx!G#8n{IDOVPUOQESL0h@%mCp@2%G-Qo2&yZaY=I
z=Tk0yP}Wyg$-nibC4H^*c4@7&vQWAyH`OO-+uS7S(AUNc?~8RF*`eQ5>Z@g2RkKmA
z?e-|e3$CxOE|rQaLO-g(mQ%IOrscYK8?CC#CFSq1R_iN^@2!{g37Hc$Vp6s!m&z?%
zOK3k~MEOi^9gr}3%VzdpoK0#MFUB9Z%$uB<Yqwna*ibwu*D&Alf>5_Hd!HP2n~rTZ
zTANngxo`P_rTQ?kuaKsa4>?y!*-1U535yuQckXIJd-q}#U)~GT){xJpA1oG<+S#-5
zpWBw0`Vz?yj*Oscp&TOoShf1b+TwC??Uw#-=@yN&ez^P&)aKIUQJPA)>ejZ+#}5Bi
zx};iIm5S}Urd6wjH_-L4c(?C)cB^jH%&<AnI`Ri1lb#MzA#;&Ng;}+{a0SbY%cYy;
z;_?k;GPdj;$30-XRPORjLi_C5#{@y({^9*CBdLv##~)o{j<1pt36S9HisJh7LFswo
z{SoT?kuI7e%uc&%THeT8BzaP!Bzs2MO=^F1HHk|W$UXg1zxEVb-fq(#SzIZX-YKog
z!!+COmgzO_*mc%sGBwh&H(It*D9d|y8yi-|YqZRky=`ybwp+ZN6tOHv`*Y8qY^2+_
zSJz65@2t>(o}iP`uaL7mo2q_#Pvu7bIW|lezNzViRveG=PXO68f`k12XRai*+1dER
zbId~>ZJm0hvE8iMo*h;;srW8T!k@%kZxXf4oiuvG7A(mW8q&UY%;Mg5k^q~MJsnel
zT4U3xo1R0bY)G`|y3;hRYLz&SEJGnZkS-+ukSxG0nUs|yN%5V0Li@?tDBfXYOe3sx
zDwXpc_}MoS+Rdq`4oM8PHtl+4*9>xt(Oq&m7908<ZE7n16@$67yT1GUb;Xt4wU5cg
zJ>+C+)DN32t4@QzH=T>7QtD-4Af;T^+P43nt?g~g2~WIqY^vQId)Fi|Tf0q?Iap@p
zf4Bt81H4fA=D9({GwqOEG<faM3!6~!yO!gzASJnbS7{b1-Xa&5J9cZ=bn1@h1lf)$
z#Y3EhzU6vmz2P|<PQ_msEYH_mmg=NS#VT^br4++D$@j71sa$Td-^H_Q*Q>5+u&<XM
z-MgIBG%fzsRTiwQko`HUge5DAh(#7iBB?0zmf{dIS12wbFDU5~fbz9KS32r#EDO6L
ziirxnR}NH#hm-Tn^e_9r8`zHt_GeZxofSox-pO1<8-YMdToeH7z@+P$ARwYkY8K9l
zjX<l2aoy99&ykAL+zQqwK7yzcKZZnOUd68eL@8^?tJqjP;rd<jDzcQCT^{9C!J;7>
z8rVtom-Bs~C2!~hQm&rF93Y~cEA6G(s5vC}%Gr$f(rh($$j=)&)%8{hqk5`3e0deW
zJg0+^g$DcopT_Tc^Z^1O00JNY0w4eaAOHd&00JNY0?#%9?EinZ{R8bl00ck)1V8`;
zKmY_l00ck)1VG?v5Ww^Qr$G^YfB*=900@8p2!H?xfB*=900@A<vrPcc|DSFDKsyis
z0T2KI5C8!X009sH0T2KI5O^8{@cjR2P(&Xf00JNY0w4eaAOHd&00JNY0wC~g6TtKT
zXWKu}4g^2|1V8`;KmY_l00ck)1V8`;o(2It|9=`3(FX{C00@8p2!H?xfB*=900@8p
n2t3;a@cjST_7AiJ0T2KI5C8!X009sH0T2KI5CDOvLE!%Yw@?h=

literal 0
HcmV?d00001

diff --git a/Azure/main.bicep b/Azure/main.bicep
new file mode 100644
index 00000000..c3633c6a
--- /dev/null
+++ b/Azure/main.bicep
@@ -0,0 +1,170 @@
+@description('Storage Account type')
+@allowed([
+  'Premium_LRS'
+  'Premium_ZRS'
+  'Standard_GRS'
+  'Standard_GZRS'
+  'Standard_LRS'
+  'Standard_RAGRS'
+  'Standard_RAGZRS'
+  'Standard_ZRS'
+])
+param storageAccountSKU string = 'Standard_LRS'
+
+@description('Vaultwarden Admin API key used to access /admin page - minLength is 20')
+@minLength(20)
+@secure()
+param AdminAPIKEY string = base64(newGuid())
+
+@description('Number of CPU cores the container can use. Can be with a maximum of two decimals.')
+@allowed([
+  '0.25'
+  '0.5'
+  '0.75'
+  '1'
+  '1.25'
+  '1.5'
+  '1.75'
+  '2'
+])
+param cpuCore string = '0.25'
+
+@description('Amount of memory (in gibibytes, GiB) allocated to the container up to 4GiB. Can be with a maximum of two decimals. Ratio with CPU cores must be equal to 2.')
+@allowed([
+  '0.5'
+  '1'
+  '1.5'
+  '2'
+  '3'
+  '3.5'
+  '4'
+])
+param memorySize string = '0.5'
+
+var logWorkspaceName  = 'vw-logwks${uniqueString(resourceGroup().id)}'
+var storageAccountName  = 'vwstorage${uniqueString(resourceGroup().id)}'
+var location = resourceGroup().location
+
+resource storageaccount 'Microsoft.Storage/storageAccounts@2021-02-01' = {
+  name: storageAccountName
+  location: location
+  kind: 'StorageV2'
+  sku: {
+    name: storageAccountSKU
+  }
+  properties:{
+    accessTier: 'Hot'
+    allowSharedKeyAccess: true
+    allowBlobPublicAccess: true
+  }
+  resource fileshare 'fileServices@2022-09-01'={
+    name: 'default'
+    resource vwardendata 'shares@2022-09-01'={
+      name: 'vw-data'
+      properties:{
+        accessTier: 'Hot'
+      }
+    }
+  }  
+}
+
+resource logAnalyticsWorkspace 'Microsoft.OperationalInsights/workspaces@2020-10-01' = {
+  name: logWorkspaceName
+  location: location
+  properties: {
+    sku: {
+      name: 'PerGB2018'
+    }
+    retentionInDays: 30
+  }
+}
+
+
+resource containerAppEnv 'Microsoft.App/managedEnvironments@2022-06-01-preview'= {
+  name: 'appenv-vaultwarden${uniqueString(resourceGroup().id)}'
+  location: location
+  sku:{
+    name: 'Consumption'
+  }
+  properties:{
+    appLogsConfiguration:{
+      destination: 'log-analytics'
+      logAnalyticsConfiguration:{
+        customerId: logAnalyticsWorkspace.properties.customerId
+        sharedKey: logAnalyticsWorkspace.listKeys().primarySharedKey
+      }
+    }
+  }
+  resource storegeLink 'storages@2022-06-01-preview'={
+    name:'vw-data-link'
+    properties:{
+      azureFile:{
+        accessMode: 'ReadWrite'
+        accountKey: storageaccount.listKeys().keys[0].value
+        shareName: 'vw-data'
+        accountName: storageaccount.name
+    }
+  }
+  }
+}
+
+resource vwardenApp 'Microsoft.App/containerApps@2022-06-01-preview'= {
+  name: 'vaultwarden'
+  location: location
+  properties:{
+    environmentId: containerAppEnv.id
+    configuration:{
+      ingress:{
+        external: true
+        targetPort: 80
+        allowInsecure: true
+        traffic:[
+          {
+            latestRevision: true
+            weight: 100
+          }
+        ]
+      }
+    }
+    template:{
+      containers:[
+        {
+          name: 'vaultwarden'
+          image: 'docker.io/vaultwarden/server:latest'
+          resources:{
+            cpu: json(cpuCore)
+            memory: '${memorySize}Gi'
+          }
+          
+          volumeMounts:[
+            {
+              volumeName: 'vwdatashare'
+              mountPath: '/data'
+            }
+          ]
+          env: [
+            {
+              name: 'ADMIN_TOKEN'
+              value: AdminAPIKEY
+            }
+            {
+              name: 'ENABLE_DB_WAL'
+              value: 'false'
+            }
+          ]
+        }
+      ]
+      volumes:[
+        {
+          name:'vwdatashare'
+          storageName: 'vw-data-link'
+          storageType: 'AzureFile'
+        }
+      ]
+      scale:{
+        minReplicas: 1
+        maxReplicas: 4
+      }
+    }
+  }
+}
diff --git a/Azure/main.json b/Azure/main.json
new file mode 100644
index 00000000..c7d7b45c
--- /dev/null
+++ b/Azure/main.json
@@ -0,0 +1,226 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "metadata": {
+    "_generator": {
+      "name": "bicep",
+      "version": "0.13.1.58284",
+      "templateHash": "5335694332706655092"
+    }
+  },
+  "parameters": {
+    "storageAccountSKU": {
+      "type": "string",
+      "defaultValue": "Standard_LRS",
+      "allowedValues": [
+        "Premium_LRS",
+        "Premium_ZRS",
+        "Standard_GRS",
+        "Standard_GZRS",
+        "Standard_LRS",
+        "Standard_RAGRS",
+        "Standard_RAGZRS",
+        "Standard_ZRS"
+      ],
+      "metadata": {
+        "description": "Storage Account type"
+      }
+    },
+    "AdminAPIKEY": {
+      "type": "secureString",
+      "defaultValue": "[base64(newGuid())]",
+      "minLength": 20,
+      "metadata": {
+        "description": "Vaultwarden Admin API key used to access /admin page - minLength is 20"
+      }
+    },
+    "cpuCore": {
+      "type": "string",
+      "defaultValue": "0.25",
+      "allowedValues": [
+        "0.25",
+        "0.5",
+        "0.75",
+        "1",
+        "1.25",
+        "1.5",
+        "1.75",
+        "2"
+      ],
+      "metadata": {
+        "description": "Number of CPU cores the container can use. Can be with a maximum of two decimals."
+      }
+    },
+    "memorySize": {
+      "type": "string",
+      "defaultValue": "0.5",
+      "allowedValues": [
+        "0.5",
+        "1",
+        "1.5",
+        "2",
+        "3",
+        "3.5",
+        "4"
+      ],
+      "metadata": {
+        "description": "Amount of memory (in gibibytes, GiB) allocated to the container up to 4GiB. Can be with a maximum of two decimals. Ratio with CPU cores must be equal to 2."
+      }
+    }
+  },
+  "variables": {
+    "logWorkspaceName": "[format('vw-logwks{0}', uniqueString(resourceGroup().id))]",
+    "storageAccountName": "[format('vwstorage{0}', uniqueString(resourceGroup().id))]",
+    "location": "[resourceGroup().location]"
+  },
+  "resources": [
+    {
+      "type": "Microsoft.Storage/storageAccounts/fileServices/shares",
+      "apiVersion": "2022-09-01",
+      "name": "[format('{0}/{1}/{2}', variables('storageAccountName'), 'default', 'vw-data')]",
+      "properties": {
+        "accessTier": "Hot"
+      },
+      "dependsOn": [
+        "[resourceId('Microsoft.Storage/storageAccounts/fileServices', variables('storageAccountName'), 'default')]"
+      ]
+    },
+    {
+      "type": "Microsoft.Storage/storageAccounts/fileServices",
+      "apiVersion": "2022-09-01",
+      "name": "[format('{0}/{1}', variables('storageAccountName'), 'default')]",
+      "dependsOn": [
+        "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]"
+      ]
+    },
+    {
+      "type": "Microsoft.App/managedEnvironments/storages",
+      "apiVersion": "2022-06-01-preview",
+      "name": "[format('{0}/{1}', format('appenv-vaultwarden{0}', uniqueString(resourceGroup().id)), 'vw-data-link')]",
+      "properties": {
+        "azureFile": {
+          "accessMode": "ReadWrite",
+          "accountKey": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName')), '2021-02-01').keys[0].value]",
+          "shareName": "vw-data",
+          "accountName": "[variables('storageAccountName')]"
+        }
+      },
+      "dependsOn": [
+        "[resourceId('Microsoft.App/managedEnvironments', format('appenv-vaultwarden{0}', uniqueString(resourceGroup().id)))]",
+        "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]"
+      ]
+    },
+    {
+      "type": "Microsoft.Storage/storageAccounts",
+      "apiVersion": "2021-02-01",
+      "name": "[variables('storageAccountName')]",
+      "location": "[variables('location')]",
+      "kind": "StorageV2",
+      "sku": {
+        "name": "[parameters('storageAccountSKU')]"
+      },
+      "properties": {
+        "accessTier": "Hot",
+        "allowSharedKeyAccess": true,
+        "allowBlobPublicAccess": true
+      }
+    },
+    {
+      "type": "Microsoft.OperationalInsights/workspaces",
+      "apiVersion": "2020-10-01",
+      "name": "[variables('logWorkspaceName')]",
+      "location": "[variables('location')]",
+      "properties": {
+        "sku": {
+          "name": "PerGB2018"
+        },
+        "retentionInDays": 30
+      }
+    },
+    {
+      "type": "Microsoft.App/managedEnvironments",
+      "apiVersion": "2022-06-01-preview",
+      "name": "[format('appenv-vaultwarden{0}', uniqueString(resourceGroup().id))]",
+      "location": "[variables('location')]",
+      "sku": {
+        "name": "Consumption"
+      },
+      "properties": {
+        "appLogsConfiguration": {
+          "destination": "log-analytics",
+          "logAnalyticsConfiguration": {
+            "customerId": "[reference(resourceId('Microsoft.OperationalInsights/workspaces', variables('logWorkspaceName')), '2020-10-01').customerId]",
+            "sharedKey": "[listKeys(resourceId('Microsoft.OperationalInsights/workspaces', variables('logWorkspaceName')), '2020-10-01').primarySharedKey]"
+          }
+        }
+      },
+      "dependsOn": [
+        "[resourceId('Microsoft.OperationalInsights/workspaces', variables('logWorkspaceName'))]"
+      ]
+    },
+    {
+      "type": "Microsoft.App/containerApps",
+      "apiVersion": "2022-06-01-preview",
+      "name": "vaultwarden",
+      "location": "[variables('location')]",
+      "properties": {
+        "environmentId": "[resourceId('Microsoft.App/managedEnvironments', format('appenv-vaultwarden{0}', uniqueString(resourceGroup().id)))]",
+        "configuration": {
+          "ingress": {
+            "external": true,
+            "targetPort": 80,
+            "allowInsecure": true,
+            "traffic": [
+              {
+                "latestRevision": true,
+                "weight": 100
+              }
+            ]
+          }
+        },
+        "template": {
+          "containers": [
+            {
+              "name": "vaultwarden",
+              "image": "docker.io/vaultwarden/server:latest",
+              "resources": {
+                "cpu": "[json(parameters('cpuCore'))]",
+                "memory": "[format('{0}Gi', parameters('memorySize'))]"
+              },
+              "volumeMounts": [
+                {
+                  "volumeName": "vwdatashare",
+                  "mountPath": "/data"
+                }
+              ],
+              "env": [
+                {
+                  "name": "ADMIN_TOKEN",
+                  "value": "[parameters('AdminAPIKEY')]"
+                },
+                {
+                  "name": "ENABLE_DB_WAL",
+                  "value": "false"
+                }
+              ]
+            }
+          ],
+          "volumes": [
+            {
+              "name": "vwdatashare",
+              "storageName": "vw-data-link",
+              "storageType": "AzureFile"
+            }
+          ],
+          "scale": {
+            "minReplicas": 1,
+            "maxReplicas": 4
+          }
+        }
+      },
+      "dependsOn": [
+        "[resourceId('Microsoft.App/managedEnvironments', format('appenv-vaultwarden{0}', uniqueString(resourceGroup().id)))]"
+      ]
+    }
+  ]
+}
\ No newline at end of file