2024-03-07 16:47:24 +01:00
|
|
|
{pkgs, ...}: {
|
|
|
|
project.name = "passwords";
|
|
|
|
|
|
|
|
networks.dmz = {
|
|
|
|
name = "dmz";
|
|
|
|
external = true;
|
|
|
|
};
|
|
|
|
|
|
|
|
services = {
|
|
|
|
vaultwarden.service = {
|
2024-11-11 17:20:57 +01:00
|
|
|
image = "vaultwarden/server:1.32.4";
|
2024-03-07 16:47:24 +01:00
|
|
|
container_name = "vaultwarden";
|
|
|
|
labels = {
|
|
|
|
"traefik.enable" = "true";
|
2024-10-02 20:52:43 +02:00
|
|
|
"diun.enable" = "true";
|
2024-07-05 15:41:20 +02:00
|
|
|
"traefik.docker.network" = "dmz";
|
|
|
|
|
|
|
|
"traefik.http.services.vaultwarden.loadbalancer.server.port" = "80";
|
|
|
|
"traefik.http.routers.vaultwarden.service" = "vaultwarden";
|
2024-03-07 16:47:24 +01:00
|
|
|
"traefik.http.routers.vaultwarden.entrypoints" = "websecure";
|
2024-08-09 15:15:07 +02:00
|
|
|
"traefik.http.routers.vaultwarden.rule" = "Host(`vault.ghoscht.com`)";
|
2024-03-07 16:47:24 +01:00
|
|
|
"traefik.http.routers.vaultwarden.tls" = "true";
|
|
|
|
"traefik.http.routers.vaultwarden.tls.certresolver" = "letsencrypt";
|
2024-07-05 15:41:20 +02:00
|
|
|
|
|
|
|
"traefik.http.services.vaultwarden-external.loadbalancer.server.port" = "80";
|
|
|
|
"traefik.http.routers.vaultwarden-external.service" = "vaultwarden-external";
|
2024-08-09 15:15:07 +02:00
|
|
|
"traefik.http.routers.vaultwarden-external.rule" = "Host(`vault.ghoscht.com`)";
|
2024-07-05 15:41:20 +02:00
|
|
|
"traefik.http.routers.vaultwarden-external.entrypoints" = "websecure-external";
|
|
|
|
"traefik.http.routers.vaultwarden-external.tls" = "true";
|
|
|
|
"traefik.http.routers.vaultwarden-external.tls.certresolver" = "letsencrypt";
|
2024-03-07 16:47:24 +01:00
|
|
|
};
|
|
|
|
volumes = [
|
2024-03-31 22:05:29 +02:00
|
|
|
"/storage/dataset/docker/passwords/vaultwarden_data/:/data"
|
2024-03-07 16:47:24 +01:00
|
|
|
];
|
|
|
|
environment = {
|
|
|
|
DOMAIN = "http://vaultwarden.ghoscht.com";
|
|
|
|
};
|
|
|
|
restart = "always";
|
|
|
|
networks = [
|
|
|
|
"dmz"
|
|
|
|
];
|
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|