gist:01c63f7d6d9147a0838c474dd21b1ac8 的修订

waja 修订了这个 Gist 4 years ago. 转到此修订

没有任何变更

waja 修订了这个 Gist 4 years ago. 转到此修订

4 files changed, 72 insertions

.env(文件已创建)

		@@ -0,0 +1,4 @@
1	+	# tr -dc A-Za-z0-9 </dev/urandom \| head -c 12 ; echo ''
2	+	TRAEFIK_HASH=H6UNStXJUAX5
3	+	TRAEFIK_PROJECT=bitwarden
4	+	TRAEFIK_SERVICE_01=bitwarden

bitwarden.service(文件已创建)

		@@ -0,0 +1,19 @@
1	+	[Unit]
2	+	Description=Bitwarden RS Service
3	+	After=network.target docker.service traefik.service
4	+	Requires=docker.service
5	+
6	+	[Service]
7	+	#Type=simple
8	+	Type=oneshot
9	+	RemainAfterExit=yes
10	+
11	+	Environment="WORK_DIR=/srv/docker/bitwarden/"
12	+	WorkingDirectory=/srv/docker/bitwarden/
13	+	ExecStartPre=-/usr/local/bin/docker-compose -f "${WORK_DIR}/docker-compose.yml" -f "${WORK_DIR}/container.conf/production.yml" down
14	+	ExecStartPre=-/usr/local/bin/docker-compose -f "${WORK_DIR}/docker-compose.yml" -f "${WORK_DIR}/container.conf/production.yml" pull
15	+	ExecStart=/usr/local/bin/docker-compose -f "${WORK_DIR}/docker-compose.yml" -f "${WORK_DIR}/container.conf/production.yml" up -d
16	+	ExecStop=/usr/local/bin/docker-compose -f "${WORK_DIR}/docker-compose.yml" -f "${WORK_DIR}/container.conf/production.yml" down
17	+
18	+	[Install]
19	+	WantedBy=docker.service

docker-compose.yml(文件已创建)

		@@ -0,0 +1,38 @@
1	+	version: '3.7'
2	+
3	+	services:
4	+	bitwarden:
5	+	image: bitwardenrs/server
6	+	environment:
7	+	WEBSOCKET_ENABLED: 'true' # Required to use websockets
8	+	SIGNUPS_ALLOWED: 'true' # set to false to disable signups
9	+	networks:
10	+	- default
11	+	- system_traefik
12	+	restart: always
13	+	labels:
14	+	- com.centurylinklabs.watchtower.enable=true
15	+	- traefik.enable=true
16	+	- traefik.docker.network=system_traefik
17	+	- traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-${TRAEFIK_HASH}.entrypoints=websecure
18	+	- traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-${TRAEFIK_HASH}.tls=true
19	+	- traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-${TRAEFIK_HASH}.tls.certresolver=default
20	+	- traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-${TRAEFIK_HASH}.middlewares=default-security-headers@file
21	+	- traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-${TRAEFIK_HASH}.service=${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-${TRAEFIK_HASH}
22	+	- traefik.http.services.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-${TRAEFIK_HASH}.loadbalancer.server.port=80
23	+	- traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}.entrypoints=websecure
24	+	- traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}.tls=true
25	+	- traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}.tls.certresolver=default
26	+	- traefik.http.middlewares.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}-strip.stripprefix.prefixes=/notifications/hub
27	+	- traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}.middlewares=default-security-headers@file,${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}-strip@docker
28	+	- traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}.service=${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}
29	+	- traefik.http.services.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}.loadbalancer.server.port=3012
30	+	volumes:
31	+	- ./bw-data:/data
32	+
33	+	volumes:
34	+	app-volume:
35	+
36	+	networks:
37	+	system_traefik:
38	+	external: true

production.yml(文件已创建)

		@@ -0,0 +1,11 @@
1	+	version: '3.7'
2	+
3	+	services:
4	+	bitwarden:
5	+	image: bitwardenrs/server:1.19.0-alpine
6	+	labels:
7	+	- traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-${TRAEFIK_HASH}.rule=Host(`bitwarden.test.org`)
8	+	- traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}.rule=Host(`bitwarden.test.org`) && Path(`/notifications/hub`)
9	+	volumes:
10	+	- /etc/localtime:/etc/localtime:ro
11	+	- /etc/timezone:/etc/timezone:ro