72 lines
2.6 KiB
YAML
72 lines
2.6 KiB
YAML
# Vaultwarden Configuration - (Bitwarden-compatible) Password Manager
|
|
services:
|
|
vaultwarden_db:
|
|
# PostgreSQL Database Configuration
|
|
container_name: vaultwarden_db
|
|
image: docker.io/library/postgres:17.5
|
|
restart: unless-stopped # Auto-recover from crashes
|
|
|
|
# Database credentials
|
|
environment:
|
|
- POSTGRES_USER=${POSTGRES_USER} # Database username
|
|
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD} # Database password
|
|
- POSTGRES_DB=${POSTGRES_DB} # Database name
|
|
|
|
# Persistent storage configuration
|
|
volumes:
|
|
- ${APPDATA_PATH}/vaultwarden/db:/var/lib/postgresql/data # Database files
|
|
|
|
# Network configuration
|
|
ports:
|
|
- ${DB_PORT}:5432 # PostgreSQL default port
|
|
networks:
|
|
- backend # Connects to backend network
|
|
|
|
# Health monitoring
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -d ${POSTGRES_DB} -U ${POSTGRES_USER}"] # Connection check
|
|
interval: 30s # Check every 30 seconds
|
|
timeout: 5s # Maximum check duration
|
|
retries: 5 # Allow 5 failures before marking unhealthy
|
|
start_period: 20s # Initial grace period
|
|
|
|
vaultwarden_server:
|
|
container_name: vaultwarden_server
|
|
# Container configuration
|
|
image: ghcr.io/dani-garcia/vaultwarden:1.34.1 # Official Vaultwarden image
|
|
restart: unless-stopped # Auto-restart on failure
|
|
depends_on:
|
|
vaultwarden_db:
|
|
condition: service_healthy # Wait for healthy database
|
|
|
|
# Application settings
|
|
environment:
|
|
- PUID=${PUID} # User ID for file permissions
|
|
- PGID=${PGID} # Group ID for file permissions
|
|
- TZ=${TZ} # Timezone configuration
|
|
- DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@vaultwarden_db:5432/${POSTGRES_DB} # DB connection
|
|
- WEBSOCKET_ENABLED=${WEBSOCKET_ENABLED} # Real-time updates
|
|
- LOG_FILE=/data/vaultwarden.log # Log file location
|
|
# Uncomment and set these only on first run
|
|
# - DOMAIN=${DOMAIN} # Domain Name
|
|
# - SIGNUPS_ALLOWED=${SIGNUPS_ALLOWED} # User registration
|
|
# - ADMIN_TOKEN=${ADMIN_TOKEN} # Admin interface access token
|
|
|
|
# Persistent storage configuration
|
|
volumes:
|
|
- ${APPDATA_PATH}/vaultwarden/data:/data # Vault data storage
|
|
|
|
# Network configuration
|
|
ports:
|
|
- ${SERVER_PORT}:80 # Web interface port
|
|
networks:
|
|
- frontend # Connects to frontend network
|
|
- backend # Connects to backend network
|
|
|
|
# External network definitions
|
|
networks:
|
|
frontend:
|
|
external: true # Uses existing frontend network
|
|
backend:
|
|
external: true # Uses existing backend network
|