From 8039bc1811948f563c7249e7c9b4478bc5045471 Mon Sep 17 00:00:00 2001 From: andy bunce Date: Thu, 15 Jun 2023 12:52:08 +0100 Subject: [PATCH] [add] warden --- warden/docker-compose.yml | 64 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) create mode 100644 warden/docker-compose.yml diff --git a/warden/docker-compose.yml b/warden/docker-compose.yml new file mode 100644 index 0000000..ad8d308 --- /dev/null +++ b/warden/docker-compose.yml @@ -0,0 +1,64 @@ +# This Docker Compose configuration can be used to set up a vaultwarden +# setup on the *local* network. +# +# Many existing configurations are meant to be used on a public network +# with a Let's Encrypt certificate, its own domain etc. +# This configuration is meant to remain in the local network and not get +# exposed to the public facing internet to provide an additional layer +# of security. This way, passwords will only sync when in the local network. +# +# This configuration assumes that it will be available from https://nasty.local:86 +# but the hostname and port can be changes freely. +# Simply copy this file to the homeserver, customize the admin token and hostname +# any run "docker-compose up -d" to start the containers. +# +# By default, self-sign up will be deisabled so no new users can simply register an +# account. To create an account, you will first need to open the admin console +# at https://nasty.local:86/admin and invite the new user via their email address. +# Unless manually added, no SMTP server is connected and thus no mails will be sent. +# You can simply now register using the email address you invited using the frontend. +# +# A self-signed HTTPS certificate will be created for hosting so you might need +# to add the self-created HTTPS autority certificate found at +# ./vw-data/caddy-data/caddy/pki/authorities/local/root.crt to use the server +# +# All data can be backed up by simply copying the "./vw-data" folder that contains +# all data for vaultwarden and the Caddy reverse proxy +version: '3' + +services: + vaultwarden: + image: vaultwarden/server:latest + container_name: vaultwarden2 + restart: unless-stopped + environment: + - WEBSOCKET_ENABLED=true + - ADMIN_TOKEN=myadmintoken + - SIGNUPS_ALLOWED=true + - DOMAIN=https://warden.local + # - SIGNUPS_ALLOWED=true + # - SIGNUPS_VERIFY=true + volumes: + - ./vw-data/vw:/data + networks: + - vaultwarden2 + + caddy: + image: caddy:2 + container_name: caddy2 + command: caddy reverse-proxy --from warden.local:86 --to vaultwarden:80 + restart: unless-stopped + ports: + - 86:86 + - 87:443 + volumes: + - ./vw-data/caddy-config:/config + - ./vw-data/caddy-data:/data + environment: + - DOMAIN=warden.local + networks: + - vaultwarden2 + +networks: + vaultwarden2: + driver: bridge