| 1 | # tr -dc A-Za-z0-9 </dev/urandom | head -c 12 ; echo '' |
| 2 | TRAEFIK_HASH=H6UNStXJUAX5 |
| 3 | TRAEFIK_PROJECT=bitwarden |
| 4 | TRAEFIK_SERVICE_01=bitwarden |
| 5 |
bitwarden.service
· 883 B · SYSTEMD
Raw
[Unit]
Description=Bitwarden RS Service
After=network.target docker.service traefik.service
Requires=docker.service
[Service]
#Type=simple
Type=oneshot
RemainAfterExit=yes
Environment="WORK_DIR=/srv/docker/bitwarden/"
WorkingDirectory=/srv/docker/bitwarden/
ExecStartPre=-/usr/local/bin/docker-compose -f "${WORK_DIR}/docker-compose.yml" -f "${WORK_DIR}/container.conf/production.yml" down
ExecStartPre=-/usr/local/bin/docker-compose -f "${WORK_DIR}/docker-compose.yml" -f "${WORK_DIR}/container.conf/production.yml" pull
ExecStart=/usr/local/bin/docker-compose -f "${WORK_DIR}/docker-compose.yml" -f "${WORK_DIR}/container.conf/production.yml" up -d
ExecStop=/usr/local/bin/docker-compose -f "${WORK_DIR}/docker-compose.yml" -f "${WORK_DIR}/container.conf/production.yml" down
[Install]
WantedBy=docker.service
| 1 | [Unit] |
| 2 | Description=Bitwarden RS Service |
| 3 | After=network.target docker.service traefik.service |
| 4 | Requires=docker.service |
| 5 | |
| 6 | [Service] |
| 7 | #Type=simple |
| 8 | Type=oneshot |
| 9 | RemainAfterExit=yes |
| 10 | |
| 11 | Environment="WORK_DIR=/srv/docker/bitwarden/" |
| 12 | WorkingDirectory=/srv/docker/bitwarden/ |
| 13 | ExecStartPre=-/usr/local/bin/docker-compose -f "${WORK_DIR}/docker-compose.yml" -f "${WORK_DIR}/container.conf/production.yml" down |
| 14 | ExecStartPre=-/usr/local/bin/docker-compose -f "${WORK_DIR}/docker-compose.yml" -f "${WORK_DIR}/container.conf/production.yml" pull |
| 15 | ExecStart=/usr/local/bin/docker-compose -f "${WORK_DIR}/docker-compose.yml" -f "${WORK_DIR}/container.conf/production.yml" up -d |
| 16 | ExecStop=/usr/local/bin/docker-compose -f "${WORK_DIR}/docker-compose.yml" -f "${WORK_DIR}/container.conf/production.yml" down |
| 17 | |
| 18 | [Install] |
| 19 | WantedBy=docker.service |
| 20 |
docker-compose.yml
· 2.1 KiB · YAML
Raw
version: '3.7'
services:
bitwarden:
image: bitwardenrs/server
environment:
WEBSOCKET_ENABLED: 'true' # Required to use websockets
SIGNUPS_ALLOWED: 'true' # set to false to disable signups
networks:
- default
- system_traefik
restart: always
labels:
- com.centurylinklabs.watchtower.enable=true
- traefik.enable=true
- traefik.docker.network=system_traefik
- traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-${TRAEFIK_HASH}.entrypoints=websecure
- traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-${TRAEFIK_HASH}.tls=true
- traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-${TRAEFIK_HASH}.tls.certresolver=default
- traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-${TRAEFIK_HASH}.middlewares=default-security-headers@file
- traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-${TRAEFIK_HASH}.service=${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-${TRAEFIK_HASH}
- traefik.http.services.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-${TRAEFIK_HASH}.loadbalancer.server.port=80
- traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}.entrypoints=websecure
- traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}.tls=true
- traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}.tls.certresolver=default
- traefik.http.middlewares.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}-strip.stripprefix.prefixes=/notifications/hub
- traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}.middlewares=default-security-headers@file,${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}-strip@docker
- traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}.service=${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}
- traefik.http.services.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}.loadbalancer.server.port=3012
volumes:
- ./bw-data:/data
volumes:
app-volume:
networks:
system_traefik:
external: true
| 1 | version: '3.7' |
| 2 | |
| 3 | services: |
| 4 | bitwarden: |
| 5 | image: bitwardenrs/server |
| 6 | environment: |
| 7 | WEBSOCKET_ENABLED: 'true' # Required to use websockets |
| 8 | SIGNUPS_ALLOWED: 'true' # set to false to disable signups |
| 9 | networks: |
| 10 | - default |
| 11 | - system_traefik |
| 12 | restart: always |
| 13 | labels: |
| 14 | - com.centurylinklabs.watchtower.enable=true |
| 15 | - traefik.enable=true |
| 16 | - traefik.docker.network=system_traefik |
| 17 | - traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-${TRAEFIK_HASH}.entrypoints=websecure |
| 18 | - traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-${TRAEFIK_HASH}.tls=true |
| 19 | - traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-${TRAEFIK_HASH}.tls.certresolver=default |
| 20 | - traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-${TRAEFIK_HASH}.middlewares=default-security-headers@file |
| 21 | - traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-${TRAEFIK_HASH}.service=${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-${TRAEFIK_HASH} |
| 22 | - traefik.http.services.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-${TRAEFIK_HASH}.loadbalancer.server.port=80 |
| 23 | - traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}.entrypoints=websecure |
| 24 | - traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}.tls=true |
| 25 | - traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}.tls.certresolver=default |
| 26 | - traefik.http.middlewares.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}-strip.stripprefix.prefixes=/notifications/hub |
| 27 | - traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}.middlewares=default-security-headers@file,${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}-strip@docker |
| 28 | - traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}.service=${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH} |
| 29 | - traefik.http.services.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}.loadbalancer.server.port=3012 |
| 30 | volumes: |
| 31 | - ./bw-data:/data |
| 32 | |
| 33 | volumes: |
| 34 | app-volume: |
| 35 | |
| 36 | networks: |
| 37 | system_traefik: |
| 38 | external: true |
| 39 |
production.yml
· 457 B · YAML
Raw
version: '3.7'
services:
bitwarden:
image: bitwardenrs/server:1.19.0-alpine
labels:
- traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-${TRAEFIK_HASH}.rule=Host(`bitwarden.test.org`)
- traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}.rule=Host(`bitwarden.test.org`) && Path(`/notifications/hub`)
volumes:
- /etc/localtime:/etc/localtime:ro
- /etc/timezone:/etc/timezone:ro
| 1 | version: '3.7' |
| 2 | |
| 3 | services: |
| 4 | bitwarden: |
| 5 | image: bitwardenrs/server:1.19.0-alpine |
| 6 | labels: |
| 7 | - traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-${TRAEFIK_HASH}.rule=Host(`bitwarden.test.org`) |
| 8 | - traefik.http.routers.${TRAEFIK_PROJECT}-${TRAEFIK_SERVICE_01}-ws-${TRAEFIK_HASH}.rule=Host(`bitwarden.test.org`) && Path(`/notifications/hub`) |
| 9 | volumes: |
| 10 | - /etc/localtime:/etc/localtime:ro |
| 11 | - /etc/timezone:/etc/timezone:ro |
| 12 |