Kinesin/sovereign
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8acdb891d0d0e7f0a67ecbfa51b41684eecb90a0
sovereign/roles/vaultwarden/templates/docker-compose.yml.j2
T
Ian Roddis 5920d3fd7a Initial commit after Claude implementation
2026-03-23 14:29:32 -03:00

64 lines
2.0 KiB
Django/Jinja
Raw Blame History

services:
vaultwarden-db:
image: postgres:16-alpine
container_name: vaultwarden-db
restart: unless-stopped
environment:
POSTGRES_DB: vaultwarden
POSTGRES_USER: vaultwarden
POSTGRES_PASSWORD: "{{ vaultwarden_db_password }}"
volumes:
- {{ vaultwarden_data_dir }}/db:/var/lib/postgresql/data
networks:
- internal
logging:
driver: gelf
options:
gelf-address: "udp://{{ graylog_host }}:{{ graylog_gelf_port }}"
tag: "vaultwarden-db"
vaultwarden:
image: vaultwarden/server:{{ vaultwarden_version }}
container_name: vaultwarden
restart: unless-stopped
depends_on:
- vaultwarden-db
environment:
DATABASE_URL: "postgresql://vaultwarden:{{ vaultwarden_db_password }}@vaultwarden-db/vaultwarden"
ADMIN_TOKEN: "{{ vaultwarden_admin_token }}"
DOMAIN: "https://{{ vaultwarden_domain }}"
SMTP_HOST: "{{ smtp_host }}"
SMTP_FROM: "{{ smtp_from }}"
SMTP_PORT: "{{ smtp_port }}"
SMTP_SECURITY: "{{ smtp_tls }}"
SMTP_USERNAME: "{{ smtp_user }}"
SMTP_PASSWORD: "{{ smtp_password }}"
SIGNUPS_ALLOWED: "false"
SSO_ENABLED: "true"
SSO_ONLY: "false"
SSO_AUTHORITY: "https://{{ authentik_domain }}/application/o/vaultwarden/"
SSO_CLIENT_ID: "vaultwarden"
SSO_CLIENT_SECRET: "changeme_vaultwarden_oidc_secret"
LOG_LEVEL: warn
volumes:
- {{ vaultwarden_data_dir }}/data:/data
labels:
- "traefik.enable=true"
- "traefik.http.routers.vaultwarden.rule=Host(`{{ vaultwarden_domain }}`)"
- "traefik.http.routers.vaultwarden.tls=true"
- "traefik.http.routers.vaultwarden.tls.certresolver=letsencrypt"
- "traefik.http.services.vaultwarden.loadbalancer.server.port=80"
networks:
- internal
- {{ sovereign_network_name }}
logging:
driver: gelf
options:
gelf-address: "udp://{{ graylog_host }}:{{ graylog_gelf_port }}"
tag: "vaultwarden"
networks:
internal:
{{ sovereign_network_name }}:
external: true
Reference in New Issue View Git Blame Copy Permalink