45 lines
1.5 KiB
YAML
45 lines
1.5 KiB
YAML
version: "3.8"
|
|
services:
|
|
bitwarden:
|
|
image: vaultwarden/server
|
|
container_name: bitwarden
|
|
command:
|
|
- /start.sh
|
|
environment:
|
|
- TZ=America/Montreal
|
|
- WEBSOCKET_ENABLED=true
|
|
- SIGNUPS_ALLOWED=false
|
|
- DOMAIN=https://pass.lazyworkhorse.net
|
|
volumes:
|
|
- /mnt/HoardingCow_docker_data/BitWarden/data:/data:rw
|
|
networks:
|
|
- traefik-net
|
|
restart: unless-stopped
|
|
labels:
|
|
- "traefik.enable=true"
|
|
|
|
# Router for HTTP + redirection to HTTPS
|
|
- "traefik.http.routers.bitwarden-http.rule=Host(`pass.lazyworkhorse.net`)"
|
|
- "traefik.http.routers.bitwarden-http.entrypoints=web"
|
|
- "traefik.http.routers.bitwarden-http.middlewares=redirect-to-https"
|
|
|
|
# Router for HTTPS with TLS
|
|
- "traefik.http.routers.bitwarden-https.rule=Host(`pass.lazyworkhorse.net`)"
|
|
- "traefik.http.routers.bitwarden-https.entrypoints=websecure"
|
|
- "traefik.http.routers.bitwarden-https.tls=true"
|
|
- "traefik.http.routers.bitwarden-https.tls.certresolver=njalla"
|
|
|
|
# Wildcard
|
|
# - "traefik.http.routers.bitwarden-https.tls.domains[0].main=lazyworkhorse.net"
|
|
# - "traefik.http.routers.bitwarden-https.tls.domains[0].sans=*.lazyworkhorse.net"
|
|
|
|
# Middleware for redirect HTTP -> HTTPS
|
|
- "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
|
|
|
|
# Websocket support (port 80 du container)
|
|
- "traefik.http.services.bitwarden.loadbalancer.server.port=80"
|
|
|
|
networks:
|
|
traefik-net:
|
|
external: true
|