65 lines
2.0 KiB
YAML
65 lines
2.0 KiB
YAML
services:
|
|
vaultwarden:
|
|
image: vaultwarden/server:latest
|
|
container_name: vaultwarden
|
|
restart: unless-stopped
|
|
environment:
|
|
DOMAIN: "https://vault.ljh31.de"
|
|
ADMIN_TOKEN: "bitte_sicheres_token_einsetzen" # openssl rand -base64 48
|
|
SIGNUPS_ALLOWED: "true"
|
|
SIGNUPS_VERIFY: "false"
|
|
WEBSOCKET_ENABLED: "true"
|
|
LOG_LEVEL: "warn"
|
|
|
|
# SMTP (optional)
|
|
# SMTP_HOST: "smtp.example.com"
|
|
# SMTP_FROM: "vaultwarden@ljh31.de"
|
|
# SMTP_PORT: "587"
|
|
# SMTP_SECURITY: "starttls"
|
|
# SMTP_USERNAME: "user"
|
|
# SMTP_PASSWORD: "passwort"
|
|
|
|
volumes:
|
|
- vaultwarden_data:/data
|
|
|
|
expose:
|
|
- "80"
|
|
- "3012"
|
|
|
|
networks:
|
|
- traefik_proxy
|
|
|
|
labels:
|
|
# --- Traefik ---
|
|
- "traefik.enable=true"
|
|
|
|
# Haupt-App
|
|
- "traefik.http.routers.vaultwarden.rule=Host(`vault.ljh31.de`)"
|
|
- "traefik.http.routers.vaultwarden.entrypoints=websecure"
|
|
- "traefik.http.routers.vaultwarden.tls=true"
|
|
- "traefik.http.routers.vaultwarden.tls.certresolver=letsencrypt"
|
|
- "traefik.http.routers.vaultwarden.service=vaultwarden-svc"
|
|
- "traefik.http.services.vaultwarden-svc.loadbalancer.server.port=80"
|
|
|
|
# WebSocket
|
|
- "traefik.http.routers.vaultwarden-ws.rule=Host(`vault.ljh31.de`) && Path(`/notifications/hub`)"
|
|
- "traefik.http.routers.vaultwarden-ws.entrypoints=websecure"
|
|
- "traefik.http.routers.vaultwarden-ws.tls=true"
|
|
- "traefik.http.routers.vaultwarden-ws.tls.certresolver=letsencrypt"
|
|
- "traefik.http.routers.vaultwarden-ws.service=vaultwarden-ws-svc"
|
|
- "traefik.http.services.vaultwarden-ws-svc.loadbalancer.server.port=3012"
|
|
|
|
# --- Homepage ---
|
|
- "homepage.group=Security"
|
|
- "homepage.name=Vaultwarden"
|
|
- "homepage.icon=vaultwarden.png"
|
|
- "homepage.href=https://vault.ljh31.de"
|
|
- "homepage.description=Passwort-Manager"
|
|
|
|
volumes:
|
|
vaultwarden_data:
|
|
driver: local
|
|
|
|
networks:
|
|
traefik_proxy:
|
|
external: true |