mirror of
https://github.com/Haxxnet/Compose-Examples
synced 2024-12-18 16:20:19 +00:00
84 lines
3.4 KiB
YAML
84 lines
3.4 KiB
YAML
services:
|
|
|
|
vaultwarden:
|
|
image: vaultwarden/server:latest-alpine
|
|
container_name: vaultwarden
|
|
hostname: vaultwarden
|
|
restart: unless-stopped
|
|
dns:
|
|
- 1.1.1.1
|
|
environment:
|
|
#- ADMIN_TOKEN=$$argon2id$$v=19$$m=19456,t=2,p=1$$UUZxK1FZMkZoRHFQRlVrTXZvS0E3bHpNQW55c2dBN2NORzdsa0Nxd1JhND0$$cUoId+JBUsJutlG4rfDZayExfjq4TCt48aBc9qsc3UI # see https://github.com/dani-garcia/vaultwarden/wiki/Enabling-admin-page#secure-the-admin_token
|
|
#- SIGNUPS_ALLOWED=false
|
|
#- SIGNUPS_VERIFY=true
|
|
#- INVITATIONS_ALLOWED=true # only admins and orga owners
|
|
#- globalSettings__mail__replyToEmail=bitwarden@example.com
|
|
#- globalSettings__mail__smtp__host=smtp.gmail.com
|
|
#- globalSettings__mail__smtp__username=bitwarden@example.com
|
|
#- globalSettings__mail__smtp__password=MyStrongSmtpLoginPassword
|
|
#- globalSettings__mail__smtp__ssl=true
|
|
#- globalSettings__mail__smtp__port=587
|
|
- LOG_FILE=/data/logs/access.log
|
|
- WEBSOCKET_ENABLED=true
|
|
- ROCKET_ENV=prod
|
|
- ROCKET_WORKERS=10
|
|
- TZ=Europe/Berlin
|
|
- LOG_LEVEL=error
|
|
- EXTENDED_LOGGING=true
|
|
ports:
|
|
- 8888:80
|
|
expose:
|
|
- 80
|
|
volumes:
|
|
- ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/vaultwarden/data:/data
|
|
- ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/vaultwarden/logs:/data/logs
|
|
#networks:
|
|
# - proxy
|
|
#labels:
|
|
# - com.centurylinklabs.watchtower.monitor-only=true
|
|
# - traefik.enable=true
|
|
# - traefik.docker.network=proxy
|
|
# - traefik.http.routers.vaultwarden.rule=Host(`bitwarden.example.com`)
|
|
# - traefik.http.routers.vaultwarden.service=vaultwarden
|
|
# - traefik.http.services.vaultwarden.loadbalancer.server.port=80
|
|
## Block access to the /admin dashboard from public ip ranges
|
|
# - traefik.http.routers.vaultwarden-admin.rule=Host(`bitwarden.example.com`) && Path(`/admin`)
|
|
# - traefik.http.routers.vaultwarden-admin.service=vaultwarden
|
|
# - traefik.http.services.vaultwarden-admin.loadbalancer.server.port=80
|
|
# - traefik.http.routers.vaultwarden-admin.middlewares=local-ipwhitelist@file
|
|
## Block access to the /api/version endpoint from public ip ranges
|
|
# - traefik.http.routers.vaultwarden-admin.rule=Host(`bitwarden.example.com`) && Path(`/api/version`)
|
|
# - traefik.http.routers.vaultwarden-admin.service=vaultwarden
|
|
# - traefik.http.services.vaultwarden-admin.loadbalancer.server.port=80
|
|
# - traefik.http.routers.vaultwarden-admin.middlewares=local-ipwhitelist@file
|
|
|
|
# this service will backup your vaultwarden instance correctly
|
|
# see https://github.com/Bruceforce/vaultwarden-backup for more information
|
|
vaultwarden-backup:
|
|
image: bruceforce/vaultwarden-backup:latest
|
|
container_name: vaultwarden-backup
|
|
hostname: vaultwarden-backup
|
|
restart: always
|
|
init: true
|
|
depends_on:
|
|
- vaultwarden
|
|
volumes:
|
|
- ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/vaultwarden/data:/data/
|
|
- ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/vaultwarden/backup:/myBackup
|
|
- /etc/localtime:/etc/localtime:ro
|
|
- /etc/timezone:/etc/timezone:ro
|
|
environment:
|
|
- TIMESTAMP=true
|
|
- DELETE_AFTER=30
|
|
- UID=0
|
|
- GID=1000
|
|
- TZ=Europe/Berlin
|
|
- BACKUP_DIR=/myBackup
|
|
- CRON_TIME=50 3 * * * # see https://crontab.guru/, define without quotes!
|
|
#networks:
|
|
# - proxy
|
|
|
|
#networks:
|
|
# proxy:
|
|
# external: true
|