40 lines
1.3 KiB
YAML
40 lines
1.3 KiB
YAML
services:
|
|
# Vaultwarden Password Manager
|
|
vaultwarden:
|
|
image: vaultwarden/server:latest
|
|
container_name: vaultwarden
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
restart: unless-stopped
|
|
# profiles: ["core", "all"]
|
|
networks:
|
|
- proxy
|
|
environment:
|
|
# This is required to allow vaultwarden to verify the TLS certificate!
|
|
- DOMAIN=https://${DOMAIN}
|
|
- DATABASE_URL=${DATABASE_URL}
|
|
- ADMIN_TOKEN=${ADMIN_TOKEN}
|
|
- ICON_SERVICE=${ICON_SERVICE}
|
|
- SMTP_HOST=${SMTP_HOST}
|
|
- SMTP_SECURITY=${SMTP_SECURITY}
|
|
- SMTP_PORT=${SMTP_PORT}
|
|
- SMTP_FROM=vaultwarden@mail.gurulandia.eu
|
|
- SMTP_USERNAME=${SMTP_USERNAME}
|
|
- SMTP_PASSWORD=${SMTP_PASSWORD}
|
|
volumes:
|
|
- /gurulandia/data/vaultwarden/data:/data
|
|
labels:
|
|
- "traefik.enable=true"
|
|
## HTTP Routers
|
|
- "traefik.http.routers.vaultwarden-rtr.entrypoints=https"
|
|
- "traefik.http.routers.vaultwarden-rtr.rule=Host(`${DOMAIN}`)"
|
|
- "traefik.http.routers.vaultwarden-rtr.tls=true"
|
|
## Middlewares
|
|
- "traefik.http.routers.vaultwarden-rtr.middlewares=chain-no-auth@file"
|
|
## HTTP Services
|
|
- "traefik.http.routers.vaultwarden-rtr.service=vaultwarden-svc"
|
|
- "traefik.http.services.vaultwarden-svc.loadbalancer.server.port=80"
|
|
networks:
|
|
proxy:
|
|
name: proxy
|
|
external: true |