49 lines
1.9 KiB
YAML
49 lines
1.9 KiB
YAML
|
version: "2.3"
|
||
|
|
||
|
services:
|
||
|
vaultwarden:
|
||
|
image: vaultwarden/server:1.21.0-alpine
|
||
|
restart: unless-stopped
|
||
|
user: "{{ docker_user.id }}:{{ docker_user.id }}"
|
||
|
volumes:
|
||
|
- "{{ app_data_dir }}/vaultwarden/:/data"
|
||
|
depends_on:
|
||
|
- db
|
||
|
dns: 1.1.1.1
|
||
|
labels:
|
||
|
- traefik.enable=true
|
||
|
|
||
|
- traefik.http.routers.vaultwarden-ui.rule=Host(`bw.jakehoward.tech`)
|
||
|
- traefik.http.routers.vaultwarden-ui.service=vaultwarden-ui
|
||
|
- traefik.http.services.vaultwarden-ui.loadbalancer.server.port=80
|
||
|
- traefik.http.routers.vaultwarden-ui.tls.certresolver=le
|
||
|
|
||
|
- traefik.http.routers.vaultwarden-websocket.rule=Host(`bw.jakehoward.tech`) && Path(`/notifications/hub`)
|
||
|
- traefik.http.routers.vaultwarden-websocket.service=vaultwarden-websocket
|
||
|
- traefik.http.services.vaultwarden-websocket.loadbalancer.server.port=3012
|
||
|
- traefik.http.routers.vaultwarden-websocket.tls.certresolver=le
|
||
|
|
||
|
- traefik.http.middlewares.vaultwarden-ratelimit.ratelimit.average=5
|
||
|
- traefik.http.middlewares.vaultwarden-ratelimit.ratelimit.burst=1000
|
||
|
- traefik.http.middlewares.vaultwarden-compress.compress=true
|
||
|
|
||
|
- traefik.http.routers.vaultwarden-ui.middlewares=vaultwarden-ratelimit,vaultwarden-compress
|
||
|
- traefik.http.routers.vaultwarden-websocket.middlewares=vaultwarden-ratelimit,vaultwarden-compress
|
||
|
environment:
|
||
|
- SIGNUPS_ALLOWED=false
|
||
|
- DOMAIN=https://bw.jakehoward.tech
|
||
|
- SHOW_PASSWORD_HINT=false
|
||
|
- DATABASE_URL=postgres://bitwarden:{{ bitwarden_database_password }}@db/bitwarden
|
||
|
- INVITATIONS_ALLOWED=false
|
||
|
- ROCKET_WORKERS={{ ansible_processor_nproc }}
|
||
|
- WEBSOCKET_ENABLED=true
|
||
|
|
||
|
db:
|
||
|
image: postgres:12-alpine
|
||
|
restart: unless-stopped
|
||
|
volumes:
|
||
|
- /mnt/tank/dbs/postgres/vaultwarden/:/var/lib/postgresql/data
|
||
|
environment:
|
||
|
- POSTGRES_PASSWORD={{ bitwarden_database_password }}
|
||
|
- POSTGRES_USER=bitwarden
|