35 lines
1.2 KiB
YAML
35 lines
1.2 KiB
YAML
services:
|
|
vaultwarden:
|
|
image: vaultwarden/server:latest
|
|
container_name: vaultwarden
|
|
restart: always
|
|
env_file:
|
|
- .env
|
|
labels:
|
|
- traefik.enable=true
|
|
- traefik.http.routers.vw.rule=Host(`${SUBDOMAIN}.${DOMAIN_NAME}`)
|
|
- traefik.http.routers.vw.tls=true
|
|
- traefik.http.routers.vw.entrypoints=web,websecure
|
|
- traefik.http.routers.vw.tls.certresolver=cloudflare
|
|
- traefik.http.middlewares.vw.headers.SSLRedirect=true
|
|
- traefik.http.middlewares.vw.headers.STSSeconds=315360000
|
|
- traefik.http.middlewares.vw.headers.browserXSSFilter=true
|
|
- traefik.http.middlewares.vw.headers.contentTypeNosniff=true
|
|
- traefik.http.middlewares.vw.headers.forceSTSHeader=true
|
|
- traefik.http.middlewares.vw.headers.SSLHost=${DOMAIN_NAME}
|
|
- traefik.http.middlewares.vw.headers.STSIncludeSubdomains=true
|
|
- traefik.http.middlewares.vw.headers.STSPreload=true
|
|
- traefik.http.middlewares.vw.headers.frameDeny=true
|
|
- traefik.http.routers.vw.middlewares=vw@docker
|
|
- traefik.http.services.vw.loadbalancer.server.port=80
|
|
volumes:
|
|
- vw-data:/data/
|
|
networks:
|
|
- mgmt
|
|
volumes:
|
|
vw-data:
|
|
name: vw-data
|
|
networks:
|
|
mgmt:
|
|
external:
|
|
true |