infrastructure/ansible/roles/vaultwarden/files/docker-compose.yml

49 lines
1.5 KiB
YAML
Raw Normal View History

services:
vaultwarden:
image: vaultwarden/server:1.32.3-alpine
restart: unless-stopped
user: "{{ docker_user.id }}:{{ docker_user.id }}"
volumes:
- "{{ app_data_dir }}/vaultwarden/:/data"
depends_on:
- db
dns:
- 9.9.9.9
- 149.112.112.112
labels:
- traefik.enable=true
2023-07-10 13:41:56 +01:00
- traefik.http.routers.vaultwarden.rule=Host(`vaultwarden.jakehoward.tech`)
- traefik.http.routers.vaultwarden.service=vaultwarden
- traefik.http.services.vaultwarden.loadbalancer.server.port=80
- traefik.http.middlewares.vaultwarden-ratelimit.ratelimit.average=5
2023-08-16 22:03:22 +01:00
- traefik.http.middlewares.vaultwarden-ratelimit.ratelimit.burst=200
- traefik.http.routers.vaultwarden.middlewares=vaultwarden-ratelimit,tailscale-only@file
environment:
- SIGNUPS_ALLOWED=false
- DOMAIN=https://vaultwarden.jakehoward.tech
- SHOW_PASSWORD_HINT=false
- DATABASE_URL=postgres://vaultwarden:{{ vaultwarden_database_password }}@db/vaultwarden
- INVITATIONS_ALLOWED=false
2023-08-16 22:03:22 +01:00
- ROCKET_WORKERS=2
- EMERGENCY_ACCESS_ALLOWED=false
- AUTHENTICATOR_DISABLE_TIME_DRIFT=true
networks:
- default
- traefik
db:
2021-12-22 15:33:40 +00:00
image: postgres:14-alpine
restart: unless-stopped
volumes:
2023-06-15 21:18:50 +01:00
- /mnt/speed/dbs/postgres/vaultwarden/:/var/lib/postgresql/data
environment:
- POSTGRES_PASSWORD={{ vaultwarden_database_password }}
- POSTGRES_USER=vaultwarden
networks:
traefik:
external: true