General deployment #1
3 changed files with 41 additions and 16 deletions
11
.env.sample
11
.env.sample
|
@ -40,12 +40,11 @@ HEDGEDOC_SESSION_SECRET=
|
||||||
HEDGEDOC_OAUTH_CLIENT=
|
HEDGEDOC_OAUTH_CLIENT=
|
||||||
HEDGEDOC_OAUTH_SECRET=
|
HEDGEDOC_OAUTH_SECRET=
|
||||||
|
|
||||||
# WOODPECKER_AGENT_SECRET=
|
WOODPECKER_AGENT_SECRET=
|
||||||
# WOODPECKER_GITEA_CLIENT=
|
WOODPECKER_GITEA_CLIENT=
|
||||||
# WOODPECKER_GITEA_SECRET=
|
WOODPECKER_GITEA_SECRET=
|
||||||
|
|
||||||
# ROUNDCUBE_PG_PWD=
|
VAULTWARDEN_ADMIN_TOKEN=
|
||||||
|
VAULTWARDEN_PG_PWD=
|
||||||
# VAULTWARDEN_ADMIN_TOKEN=
|
|
||||||
|
|
||||||
# MINECRAFT_AMP_LICENSE=
|
# MINECRAFT_AMP_LICENSE=
|
||||||
|
|
|
@ -120,13 +120,13 @@ ci.{$BASE_DOMAIN} {
|
||||||
# reverse_proxy echo:8000
|
# reverse_proxy echo:8000
|
||||||
# }
|
# }
|
||||||
|
|
||||||
# passwords.{$BASE_DOMAIN} {
|
passwords.{$BASE_DOMAIN} {
|
||||||
# import logging
|
import logging
|
||||||
# import errorpages
|
import errorpages
|
||||||
# reverse_proxy /notifications/hub/negotiate* vaultwarden:80
|
reverse_proxy vaultwarden:80 {
|
||||||
# reverse_proxy /notifications/hub* vaultwarden:3012
|
header_up X-Real-IP {remote_host}
|
||||||
# reverse_proxy vaultwarden:80
|
}
|
||||||
# }
|
}
|
||||||
|
|
||||||
# ci-demo.{$BASE_DOMAIN} {
|
# ci-demo.{$BASE_DOMAIN} {
|
||||||
# import logging
|
# import logging
|
||||||
|
|
|
@ -3,6 +3,9 @@ version: '3.7'
|
||||||
# https://hub.docker.com/r/vaultwarden/server
|
# https://hub.docker.com/r/vaultwarden/server
|
||||||
# https://github.com/dani-garcia/vaultwarden
|
# https://github.com/dani-garcia/vaultwarden
|
||||||
|
|
||||||
|
networks:
|
||||||
|
vaultwarden:
|
||||||
|
|
||||||
services:
|
services:
|
||||||
vaultwarden:
|
vaultwarden:
|
||||||
image: vaultwarden/server:alpine
|
image: vaultwarden/server:alpine
|
||||||
|
@ -12,15 +15,38 @@ services:
|
||||||
domainname: ${BASE_DOMAIN}
|
domainname: ${BASE_DOMAIN}
|
||||||
environment:
|
environment:
|
||||||
- DOMAIN=https://passwords.${BASE_DOMAIN}
|
- DOMAIN=https://passwords.${BASE_DOMAIN}
|
||||||
- WEBSOCKET_ENABLED=true
|
# - WEBSOCKET_ENABLED=true
|
||||||
|
|
||||||
- SMTP_HOST=mail
|
- SMTP_HOST=mail
|
||||||
- SMTP_FROM=vaultwarden@${BASE_DOMAIN}
|
- SMTP_FROM=vaultwarden@${BASE_DOMAIN}
|
||||||
- SMTP_PORT=25
|
- SMTP_PORT=25
|
||||||
- SMTP_SECURITY=off
|
- SMTP_SECURITY=off
|
||||||
- SIGNUPS_ALLOWED=false
|
|
||||||
- ADMIN_TOKEN=${VAULTWARDEN_ADMIN_TOKEN}
|
- ADMIN_TOKEN=${VAULTWARDEN_ADMIN_TOKEN}
|
||||||
|
# - ADMIN_TOKEN=$$argon2id$$v=19$$m=65540,t=3,p=4$$UUFq04iWk/WXfYWvxfg3nnyhHBiHYKI9AqoSY4eKIP4$$qizUd/eRNDUjb90eXVbCZMT7bAu4ZPpzaO6EUL0LEJ8
|
||||||
|
- SIGNUPS_ALLOWED=false
|
||||||
|
- INVITATIONS_ALLOWED=false
|
||||||
|
- SHOW_PASSWORD_HINT=false
|
||||||
|
|
||||||
|
- DATABASE_URL=postgres://vaultwarden:${VAULTWARDEN_PG_PWD:-vaultwarden}@pg-vaultwarden:5432/vaultwarden
|
||||||
volumes:
|
volumes:
|
||||||
- ${BASE_DIR:-/srv}/vaultwarden:/data
|
- ${BASE_DIR:-/srv}/vaultwarden/data:/data
|
||||||
|
depends_on:
|
||||||
|
- pg-vaultwarden
|
||||||
networks:
|
networks:
|
||||||
- proxy
|
- proxy
|
||||||
- mail
|
- mail
|
||||||
|
- vaultwarden
|
||||||
|
|
||||||
|
pg-vaultwarden:
|
||||||
|
image: postgres:${POSTGRES_VERSION}-alpine
|
||||||
|
container_name: pg-vaultwarden
|
||||||
|
restart: "${RESTART:-no}"
|
||||||
|
environment:
|
||||||
|
- POSTGRES_DB=vaultwarden
|
||||||
|
- POSTGRES_USER=vaultwarden
|
||||||
|
- POSTGRES_PASSWORD=${VAULTWARDEN_PG_PWD:-vaultwarden}
|
||||||
|
volumes:
|
||||||
|
- ${BASE_DIR:-/srv}/vaultwarden/psql:/var/lib/postgresql/data
|
||||||
|
networks:
|
||||||
|
- vaultwarden
|
||||||
|
|
Loading…
Reference in a new issue