vantezzen · February 19, 2024 15:39
diff --git a/docker-compose.yml b/docker-compose.yml
 # This Docker Compose configuration can be used to set up a vaultwarden
 # setup on the *local* network.
 #
 # Many existing configurations are meant to be used on a public network
 # with a Let's Encrypt certificate, its own domain etc.
 # This configuration is meant to remain in the local network and not get
 # exposed to the public facing internet to provide an additional layer
 # of security. This way, passwords will only sync when in the local network.
 #
 # This configuration assumes that it will be available from https://nasty.local:86
 # but the hostname and port can be changes freely.
 # Simply copy this file to the homeserver, customize the admin token and hostname
 # any run "docker-compose up -d" to start the containers.
 #
 # By default, self-sign up will be deisabled so no new users can simply register an
 # account. To create an account, you will first need to open the admin console
 # at https://nasty.local:86/admin and invite the new user via their email address.
 # Unless manually added, no SMTP server is connected and thus no mails will be sent.
 # You can simply now register using the email address you invited using the frontend.
 #
 # A self-signed HTTPS certificate will be created for hosting so you might need
 # to add the self-created HTTPS autority certificate found at 
 # ./vw-data/caddy-data/caddy/pki/authorities/local/root.crt to use the server
 #
 # All data can be backed up by simply copying the "./vw-data" folder that contains
 # all data for vaultwarden and the Caddy reverse proxy
 version: '3'

 services:
  vaultwarden:
    image: vaultwarden/server:latest
    container_name: vaultwarden
    restart: unless-stopped
    environment:
      - WEBSOCKET_ENABLED=true
      - ADMIN_TOKEN=myadmintoken
      - SIGNUPS_ALLOWED=false
      - DOMAIN=https://nasty.local
      # - SIGNUPS_ALLOWED=true
      # - SIGNUPS_VERIFY=true
    volumes:
      - ./vw-data/vw:/data
    networks:
      - vaultwarden

  caddy:
    image: caddy:2
    container_name: caddy
    command: caddy reverse-proxy --from nasty.local:86 --to vaultwarden:80
    restart: unless-stopped
    ports:
      - 86:86
      - 87:443
    volumes:
      - ./vw-data/caddy-config:/config
      - ./vw-data/caddy-data:/data
    environment:
      - DOMAIN=nasty.local
    networks:
      - vaultwarden

 networks:
    vaultwarden:
        driver: bridge
	# This Docker Compose configuration can be used to set up a vaultwarden
	# setup on the local network.
	#
	# Many existing configurations are meant to be used on a public network
	# with a Let's Encrypt certificate, its own domain etc.
	# This configuration is meant to remain in the local network and not get
	# exposed to the public facing internet to provide an additional layer
	# of security. This way, passwords will only sync when in the local network.
	#
	# This configuration assumes that it will be available from https://nasty.local:86
	# but the hostname and port can be changes freely.
	# Simply copy this file to the homeserver, customize the admin token and hostname
	# any run "docker-compose up -d" to start the containers.
	#
	# By default, self-sign up will be deisabled so no new users can simply register an
	# account. To create an account, you will first need to open the admin console
	# at https://nasty.local:86/admin and invite the new user via their email address.
	# Unless manually added, no SMTP server is connected and thus no mails will be sent.
	# You can simply now register using the email address you invited using the frontend.
	#
	# A self-signed HTTPS certificate will be created for hosting so you might need
	# to add the self-created HTTPS autority certificate found at
	# ./vw-data/caddy-data/caddy/pki/authorities/local/root.crt to use the server
	#
	# All data can be backed up by simply copying the "./vw-data" folder that contains
	# all data for vaultwarden and the Caddy reverse proxy
	version: '3'

	services:
	vaultwarden:
	image: vaultwarden/server:latest
	container_name: vaultwarden
	restart: unless-stopped
	environment:
	- WEBSOCKET_ENABLED=true
	- ADMIN_TOKEN=myadmintoken
	- SIGNUPS_ALLOWED=false
	- DOMAIN=https://nasty.local
	# - SIGNUPS_ALLOWED=true
	# - SIGNUPS_VERIFY=true
	volumes:
	- ./vw-data/vw:/data
	networks:
	- vaultwarden

	caddy:
	image: caddy:2
	container_name: caddy
	command: caddy reverse-proxy --from nasty.local:86 --to vaultwarden:80
	restart: unless-stopped
	ports:
	- 86:86
	- 87:443
	volumes:
	- ./vw-data/caddy-config:/config
	- ./vw-data/caddy-data:/data
	environment:
	- DOMAIN=nasty.local
	networks:
	- vaultwarden

	networks:
	vaultwarden:
	driver: bridge