config-scripts/vaultwarden/docker-compose.yml

50 lines
1.7 KiB
YAML

version: "3"
services:
pass:
image: vaultwarden/server
container_name: vaultwarden
hostname: pass
restart: unless-stopped
volumes:
- /root/vaultwarden/data:/data
environment:
- WEBSOCKET_ENABLED=true
- WEB_VAULT_ENABLED=true
- DOMAIN=http://pass.office.kh3group.com
- SIGNUPS_ALLOWED=false
- SIGNUPS_DOMAINS_WHITELIST=kh3group.com,office.kh3group.com
# Comment admin token to disable admin interface
- ADMIN_TOKEN=${ADMIN_TOKEN}
- SMTP_HOST=smtp.gmail.com
- SMTP_FROM=alerts@kh3group.com
- SMTP_PORT=587
- SMTP_SSL=true
- SMTP_USERNAME=alerts@kh3group.com
- SMTP_PASSWORD=anruflwtglalnjto
networks:
- proxy
labels:
- "traefik.enable=true"
- "traefik.http.routers.vaultwarden.entrypoints=http"
- "traefik.http.routers.vaultwarden.rule=Host(`pass.office.kh3group.com`)"
- "traefik.http.middlewares.vaultwarden-https-redirect.redirectscheme.scheme=https"
- "traefik.http.routers.vaultwarden.middlewares=vaultwarden-https-redirect"
- "traefik.http.routers.vaultwarden-secure.entrypoints=https"
- "traefik.http.routers.vaultwarden-secure.rule=Host(`pass.office.kh3group.com`)||Host(`pass.kh3group.com`)"
- "traefik.http.routers.vaultwarden-secure.tls=true"
- "traefik.http.routers.vaultwarden-secure.service=vaultwarden"
- "traefik.http.services.vaultwarden.loadbalancer.server.port=80"
- "traefik.docker.network=proxy"
# Watchtower Update
- "com.centurylinklabs.watchtower.enable=true"
# Ip filtering
#- "traefik.http.routers.bitwarden.middlewares=whitelist@file"
logging:
driver: "syslog"
options:
tag: "Bitwarden"
networks:
proxy:
external: true