-
-
Notifications
You must be signed in to change notification settings - Fork 62
/
vaultwarden.yml
73 lines (67 loc) · 2.14 KB
/
vaultwarden.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
version: '3.8'
x-vaultwarden-labels: &vaultwarden-labels
labels:
- traefik.enable=true
- traefik.docker.network=vaultwarden
- traefik.http.routers.vaultwarden-http.rule=Host(`vaultwarden.${DOMAIN?Variable DOMAIN not set}`)
- traefik.http.routers.vaultwarden-http.entrypoints=http
- traefik.http.routers.vaultwarden-http.service=vaultwarden
- traefik.http.routers.vaultwarden-http.middlewares=https-redirect
- traefik.http.routers.vaultwarden-https.rule=Host(`vaultwarden.${DOMAIN?Variable DOMAIN not set}`)
- traefik.http.routers.vaultwarden-https.entrypoints=https
- traefik.http.routers.vaultwarden-https.tls=true
- traefik.http.routers.vaultwarden-https.service=vaultwarden
- traefik.http.routers.vaultwarden-https.tls.certresolver=le
- traefik.http.services.vaultwarden.loadbalancer.server.port=80
x-service: &service
logging:
driver: json-file
options:
max-size: "100m"
max-file: "2"
restart: always
networks:
- vaultwarden
services:
# https://github.com/dani-garcia/vaultwarden/wiki/Using-Docker-Compose
# https://github.com/dani-garcia/vaultwarden/wiki/Configuration-overview
# https://github.com/dani-garcia/vaultwarden/blob/main/.env.template
vaultwarden:
container_name: vaultwarden
image: vaultwarden/server
deploy:
mode: replicated
replicas: 1
resources:
reservations:
cpus: '0.01'
memory: 50M
<<: *vaultwarden-labels
<<: *vaultwarden-labels
<<: *service
environment:
WEBSOCKET_ENABLED: "true"
SIGNUPS_ALLOWED: "false"
ADMIN_TOKEN: ${PASSWORD?Variable PASSWORD not set}
DOMAIN: "https://vaultwarden.${DOMAIN?Variable DOMAIN not set}"
volumes:
- vaultwarden-data:/data
x-volume: &volume
driver: local
x-volume-driver-opts: &volume-driver-opts
type: none
o: bind
volumes:
vaultwarden-data:
name: vaultwarden-data
<<: *volume
driver_opts:
<<: *volume-driver-opts
device: ${DATAPATH?Variable DATAPATH not set}/vaultwarden/data
networks:
vaultwarden:
name: vaultwarden
external: true
database:
name: database
external: true