{ "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "metadata": { "_generator": { "name": "bicep", "version": "0.13.1.58284", "templateHash": "5335694332706655092" } }, "parameters": { "storageAccountSKU": { "type": "string", "defaultValue": "Standard_LRS", "allowedValues": [ "Premium_LRS", "Premium_ZRS", "Standard_GRS", "Standard_GZRS", "Standard_LRS", "Standard_RAGRS", "Standard_RAGZRS", "Standard_ZRS" ], "metadata": { "description": "Storage Account type" } }, "AdminAPIKEY": { "type": "secureString", "defaultValue": "[base64(newGuid())]", "minLength": 20, "metadata": { "description": "Vaultwarden Admin API key used to access /admin page - minLength is 20" } }, "cpuCore": { "type": "string", "defaultValue": "0.25", "allowedValues": [ "0.25", "0.5", "0.75", "1", "1.25", "1.5", "1.75", "2" ], "metadata": { "description": "Number of CPU cores the container can use. Can be with a maximum of two decimals." } }, "memorySize": { "type": "string", "defaultValue": "0.5", "allowedValues": [ "0.5", "1", "1.5", "2", "3", "3.5", "4" ], "metadata": { "description": "Amount of memory (in gibibytes, GiB) allocated to the container up to 4GiB. Can be with a maximum of two decimals. Ratio with CPU cores must be equal to 2." } } }, "variables": { "logWorkspaceName": "[format('vw-logwks{0}', uniqueString(resourceGroup().id))]", "storageAccountName": "[format('vwstorage{0}', uniqueString(resourceGroup().id))]", "location": "[resourceGroup().location]" }, "resources": [ { "type": "Microsoft.Storage/storageAccounts/fileServices/shares", "apiVersion": "2022-09-01", "name": "[format('{0}/{1}/{2}', variables('storageAccountName'), 'default', 'vw-data')]", "properties": { "accessTier": "Hot" }, "dependsOn": [ "[resourceId('Microsoft.Storage/storageAccounts/fileServices', variables('storageAccountName'), 'default')]" ] }, { "type": "Microsoft.Storage/storageAccounts/fileServices", "apiVersion": "2022-09-01", "name": "[format('{0}/{1}', variables('storageAccountName'), 'default')]", "dependsOn": [ "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]" ] }, { "type": "Microsoft.App/managedEnvironments/storages", "apiVersion": "2022-06-01-preview", "name": "[format('{0}/{1}', format('appenv-vaultwarden{0}', uniqueString(resourceGroup().id)), 'vw-data-link')]", "properties": { "azureFile": { "accessMode": "ReadWrite", "accountKey": "[listKeys(resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName')), '2021-02-01').keys[0].value]", "shareName": "vw-data", "accountName": "[variables('storageAccountName')]" } }, "dependsOn": [ "[resourceId('Microsoft.App/managedEnvironments', format('appenv-vaultwarden{0}', uniqueString(resourceGroup().id)))]", "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]" ] }, { "type": "Microsoft.Storage/storageAccounts", "apiVersion": "2021-02-01", "name": "[variables('storageAccountName')]", "location": "[variables('location')]", "kind": "StorageV2", "sku": { "name": "[parameters('storageAccountSKU')]" }, "properties": { "accessTier": "Hot", "allowSharedKeyAccess": true, "allowBlobPublicAccess": true } }, { "type": "Microsoft.OperationalInsights/workspaces", "apiVersion": "2020-10-01", "name": "[variables('logWorkspaceName')]", "location": "[variables('location')]", "properties": { "sku": { "name": "PerGB2018" }, "retentionInDays": 30 } }, { "type": "Microsoft.App/managedEnvironments", "apiVersion": "2022-06-01-preview", "name": "[format('appenv-vaultwarden{0}', uniqueString(resourceGroup().id))]", "location": "[variables('location')]", "sku": { "name": "Consumption" }, "properties": { "appLogsConfiguration": { "destination": "log-analytics", "logAnalyticsConfiguration": { "customerId": "[reference(resourceId('Microsoft.OperationalInsights/workspaces', variables('logWorkspaceName')), '2020-10-01').customerId]", "sharedKey": "[listKeys(resourceId('Microsoft.OperationalInsights/workspaces', variables('logWorkspaceName')), '2020-10-01').primarySharedKey]" } } }, "dependsOn": [ "[resourceId('Microsoft.OperationalInsights/workspaces', variables('logWorkspaceName'))]" ] }, { "type": "Microsoft.App/containerApps", "apiVersion": "2022-06-01-preview", "name": "vaultwarden", "location": "[variables('location')]", "properties": { "environmentId": "[resourceId('Microsoft.App/managedEnvironments', format('appenv-vaultwarden{0}', uniqueString(resourceGroup().id)))]", "configuration": { "ingress": { "external": true, "targetPort": 80, "allowInsecure": true, "traffic": [ { "latestRevision": true, "weight": 100 } ] } }, "template": { "containers": [ { "name": "vaultwarden", "image": "docker.io/vaultwarden/server:latest", "resources": { "cpu": "[json(parameters('cpuCore'))]", "memory": "[format('{0}Gi', parameters('memorySize'))]" }, "volumeMounts": [ { "volumeName": "vwdatashare", "mountPath": "/data" } ], "env": [ { "name": "ADMIN_TOKEN", "value": "[parameters('AdminAPIKEY')]" }, { "name": "ENABLE_DB_WAL", "value": "false" } ] } ], "volumes": [ { "name": "vwdatashare", "storageName": "vw-data-link", "storageType": "AzureFile" } ], "scale": { "minReplicas": 1, "maxReplicas": 4 } } }, "dependsOn": [ "[resourceId('Microsoft.App/managedEnvironments', format('appenv-vaultwarden{0}', uniqueString(resourceGroup().id)))]" ] } ] }