General deployment #1
3 changed files with 41 additions and 16 deletions
11
.env.sample
11
.env.sample
|
@ -40,12 +40,11 @@ HEDGEDOC_SESSION_SECRET=
|
|||
HEDGEDOC_OAUTH_CLIENT=
|
||||
HEDGEDOC_OAUTH_SECRET=
|
||||
|
||||
# WOODPECKER_AGENT_SECRET=
|
||||
# WOODPECKER_GITEA_CLIENT=
|
||||
# WOODPECKER_GITEA_SECRET=
|
||||
WOODPECKER_AGENT_SECRET=
|
||||
WOODPECKER_GITEA_CLIENT=
|
||||
WOODPECKER_GITEA_SECRET=
|
||||
|
||||
# ROUNDCUBE_PG_PWD=
|
||||
|
||||
# VAULTWARDEN_ADMIN_TOKEN=
|
||||
VAULTWARDEN_ADMIN_TOKEN=
|
||||
VAULTWARDEN_PG_PWD=
|
||||
|
||||
# MINECRAFT_AMP_LICENSE=
|
||||
|
|
|
@ -120,13 +120,13 @@ ci.{$BASE_DOMAIN} {
|
|||
# reverse_proxy echo:8000
|
||||
# }
|
||||
|
||||
# passwords.{$BASE_DOMAIN} {
|
||||
# import logging
|
||||
# import errorpages
|
||||
# reverse_proxy /notifications/hub/negotiate* vaultwarden:80
|
||||
# reverse_proxy /notifications/hub* vaultwarden:3012
|
||||
# reverse_proxy vaultwarden:80
|
||||
# }
|
||||
passwords.{$BASE_DOMAIN} {
|
||||
import logging
|
||||
import errorpages
|
||||
reverse_proxy vaultwarden:80 {
|
||||
header_up X-Real-IP {remote_host}
|
||||
}
|
||||
}
|
||||
|
||||
# ci-demo.{$BASE_DOMAIN} {
|
||||
# import logging
|
||||
|
|
|
@ -3,6 +3,9 @@ version: '3.7'
|
|||
# https://hub.docker.com/r/vaultwarden/server
|
||||
# https://github.com/dani-garcia/vaultwarden
|
||||
|
||||
networks:
|
||||
vaultwarden:
|
||||
|
||||
services:
|
||||
vaultwarden:
|
||||
image: vaultwarden/server:alpine
|
||||
|
@ -12,15 +15,38 @@ services:
|
|||
domainname: ${BASE_DOMAIN}
|
||||
environment:
|
||||
- DOMAIN=https://passwords.${BASE_DOMAIN}
|
||||
- WEBSOCKET_ENABLED=true
|
||||
# - WEBSOCKET_ENABLED=true
|
||||
|
||||
- SMTP_HOST=mail
|
||||
- SMTP_FROM=vaultwarden@${BASE_DOMAIN}
|
||||
- SMTP_PORT=25
|
||||
- SMTP_SECURITY=off
|
||||
- SIGNUPS_ALLOWED=false
|
||||
|
||||
- ADMIN_TOKEN=${VAULTWARDEN_ADMIN_TOKEN}
|
||||
# - ADMIN_TOKEN=$$argon2id$$v=19$$m=65540,t=3,p=4$$UUFq04iWk/WXfYWvxfg3nnyhHBiHYKI9AqoSY4eKIP4$$qizUd/eRNDUjb90eXVbCZMT7bAu4ZPpzaO6EUL0LEJ8
|
||||
- SIGNUPS_ALLOWED=false
|
||||
- INVITATIONS_ALLOWED=false
|
||||
- SHOW_PASSWORD_HINT=false
|
||||
|
||||
- DATABASE_URL=postgres://vaultwarden:${VAULTWARDEN_PG_PWD:-vaultwarden}@pg-vaultwarden:5432/vaultwarden
|
||||
volumes:
|
||||
- ${BASE_DIR:-/srv}/vaultwarden:/data
|
||||
- ${BASE_DIR:-/srv}/vaultwarden/data:/data
|
||||
depends_on:
|
||||
- pg-vaultwarden
|
||||
networks:
|
||||
- proxy
|
||||
- mail
|
||||
- vaultwarden
|
||||
|
||||
pg-vaultwarden:
|
||||
image: postgres:${POSTGRES_VERSION}-alpine
|
||||
container_name: pg-vaultwarden
|
||||
restart: "${RESTART:-no}"
|
||||
environment:
|
||||
- POSTGRES_DB=vaultwarden
|
||||
- POSTGRES_USER=vaultwarden
|
||||
- POSTGRES_PASSWORD=${VAULTWARDEN_PG_PWD:-vaultwarden}
|
||||
volumes:
|
||||
- ${BASE_DIR:-/srv}/vaultwarden/psql:/var/lib/postgresql/data
|
||||
networks:
|
||||
- vaultwarden
|
||||
|
|
Loading…
Reference in a new issue