# This Docker Compose configuration can be used to set up a vaultwarden
# setup on the *local* network.
#
# Many existing configurations are meant to be used on a public network
# with a Let's Encrypt certificate, its own domain etc.
# This configuration is meant to remain in the local network and not get
# exposed to the public facing internet to provide an additional layer
# of security. This way, passwords will only sync when in the local network.
#
# This configuration assumes that it will be available from https://nasty.local:86
# but the hostname and port can be changes freely.
# Simply copy this file to the homeserver, customize the admin token and hostname
# any run "docker-compose up -d" to start the containers.
#
# By default, self-sign up will be deisabled so no new users can simply register an
# account. To create an account, you will first need to open the admin console
# at https://nasty.local:86/admin and invite the new user via their email address.
# Unless manually added, no SMTP server is connected and thus no mails will be sent.
# You can simply now register using the email address you invited using the frontend.
#
# A self-signed HTTPS certificate will be created for hosting so you might need
# to add the self-created HTTPS autority certificate found at 
# ./vw-data/caddy-data/caddy/pki/authorities/local/root.crt to use the server
#
# All data can be backed up by simply copying the "./vw-data" folder that contains
# all data for vaultwarden and the Caddy reverse proxy
version: '3'

services:
  vaultwarden:
    image: vaultwarden/server:latest
    container_name: vaultwarden2
    restart: unless-stopped
    environment:
      - WEBSOCKET_ENABLED=true
      - ADMIN_TOKEN=myadmintoken
      - SIGNUPS_ALLOWED=true
      - DOMAIN=https://warden.local
      # - SIGNUPS_ALLOWED=true
      # - SIGNUPS_VERIFY=true
    volumes:
      - ./vw-data/vw:/data
    networks:
      - vaultwarden2

  caddy:
    image: caddy:2
    container_name: caddy2
    command: caddy reverse-proxy --from warden.local:86 --to vaultwarden:80
    restart: unless-stopped
    ports:
      - 86:86
      - 87:443
    volumes:
      - ./vw-data/caddy-config:/config
      - ./vw-data/caddy-data:/data
    environment:
      - DOMAIN=warden.local
    networks:
      - vaultwarden2

networks:
    vaultwarden2:
        driver: bridge