home/docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Make vaultwarden available for external access and rename stack security to vault.

Browse Source
This commit is contained in:
Christian Steinle
2021-11-16 05:43:02 +01:00
parent 86e49e754a
commit 5d21a25597
3 changed files with 44 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
readme.md
View File

@@ -104,6 +104,14 @@ networks:
name: home name: home
```` ````
### SQLite3
Vaultwarden stores data in a sqlite database. To view data sqlite3 should be installed.
````
sudo apt install sqlite3
````
## Components and structure ## Components and structure
The root's docker-compose is used to install common components like databases and traefik. The root's docker-compose is used to install common components like databases and traefik.
@@ -136,7 +144,7 @@ Subdirectories are used to structure and keep components independent. You have t
- nextcloud-fpm - nextcloud-fpm
- nginx - nginx
### Security ### Vault
- vaultwarden - vaultwarden

27
security/docker-compose.yaml
View File

@@ -1,27 +0,0 @@
version: "3.9"
networks:
proxy:
external: true
internal:
external: true
volumes:
vault:
name: vault
services:
vaultwarden:
image: vaultwarden/server
restart: unless-stopped
container_name: vaultwarden
volumes:
- vault:/data
labels:
- "traefik.enable=true"
- "traefik.http.routers.vaultwarden.entrypoints=web"
- "traefik.http.routers.vaultwarden.rule=Host(`vault.lan`)"
- "traefik.http.services.vaultwarden.loadbalancer.server.port=80"
networks:
- internal
- proxy

35
vault/docker-compose.yaml Normal file
View File

@@ -0,0 +1,35 @@
version: "3.9"
networks:
proxy:
external: true
internal:
external: true
volumes:
vault:
name: vault
services:
vaultwarden:
image: vaultwarden/server
restart: unless-stopped
container_name: vaultwarden
volumes:
- vault:/data
labels:
- "traefik.enable=true"
- "traefik.http.routers.vault.entrypoints=web"
- "traefik.http.routers.vault.rule=Host(`cs-vault.ddnss.de`)"
- "traefik.http.routers.vault.middlewares=vault"
- "traefik.http.middlewares.vault.redirectscheme.scheme=https"
- "traefik.http.routers.vault-secure.entrypoints=websecure"
- "traefik.http.routers.vault-secure.rule=Host(`cs-vault.ddnss.de`)"
- "traefik.http.routers.vault-secure.service=vault-secure"
- "traefik.http.routers.vault-secure.tls=true"
- "traefik.http.routers.vault-secure.tls.certresolver=myresolver"
- "traefik.http.routers.vault-secure.tls.domains[0].main=cs-vault.ddnss.de"
- "traefik.http.services.vault-secure.loadbalancer.server.port=80"
networks:
- internal
- proxy