1.2.0 Release vaultwarden

2026-03-15 05:28:43 +09:00
parent 4b7ec4d638
commit 6fc12d0119
10 changed files with 211 additions and 21 deletions
--- a/config/services/containers/app/vaultwarden/vaultwarden.container.j2
+++ b/config/services/containers/app/vaultwarden/vaultwarden.container.j2
@@ -0,0 +1,34 @@
+[Quadlet]
+DefaultDependencies=false
+
+[Unit]
+Description=Vaultwarden
+
+After=network-online.target
+Wants=network-online.target
+
+[Container]
+Image=docker.io/vaultwarden/server:{{ version['containers']['vaultwarden'] }}
+
+ContainerName=vaultwarden
+HostName=vaultwarden
+
+PublishPort=8000:80/tcp
+
+Volume=%h/data/containers/vaultwarden:/data:rw
+Volume=%h/containers/vaultwarden/ssl:/etc/ssl/vaultwarden:ro
+
+Environment="TZ=Asia/Seoul"
+Environment="DOMAIN=https://vault.ilnmors.com"
+Environment="SIGNUPS_ALLOWED=false"
+Secret=VW_ADMIN_TOKEN,type=env,target=ADMIN_TOKEN
+Secret=VW_DATABASE_URL,type=env,target=DATABASE_URL
+
+[Service]
+ExecStartPre=/usr/bin/nc -zv {{ infra_uri['postgresql']['domain'] }} {{ infra_uri['postgresql']['ports']['tcp'] }}
+Restart=always
+RestartSec=10s
+TimeoutStopSec=120
+
+[Install]
+WantedBy=default.target
--- a/config/services/containers/common/caddy/etc/app/Caddyfile.j2
+++ b/config/services/containers/common/caddy/etc/app/Caddyfile.j2
@@ -23,8 +23,14 @@ app.ilnmors.internal {
        import private_tls
        metrics
 }
-test.app.ilnmors.internal {
-         import private_tls
-         root * /usr/share/caddy
-         file_server
+# test.app.ilnmors.internal {
+#         import private_tls
+#         root * /usr/share/caddy
+#         file_server
+# }
+vault.app.ilnmors.internal {
+        import private_tls
+        reverse_proxy host.containers.internal:8000 {
+               header_up Host {http.request.header.X-Forwarded-Host}
+        }
 }
--- a/config/services/containers/common/caddy/etc/auth/Caddyfile.j2
+++ b/config/services/containers/common/caddy/etc/auth/Caddyfile.j2
@@ -41,24 +41,33 @@ authelia.ilnmors.com {
                reverse_proxy host.containers.internal:9091
        }
 }
-test.ilnmors.com {
+# test.ilnmors.com {
+#         import crowdsec_log
+#         route {
+#                 crowdsec
+#                 forward_auth host.containers.internal:9091 {
+#                         # Authelia Forward Auth endpoint URI
+#                         uri /api/authz/forward-auth
+#                         copy_headers Remote-User Remote-Groups Remote-Email Remote-Name
+#                 }
+#                 root * /usr/share/caddy
+#                 file_server
+#         }
+# }
+# test.app.ilnmors.com {
+#         import crowdsec_log
+#         route {
+#                 crowdsec
+#                 reverse_proxy https://test.app.ilnmors.internal {
+#                         header_up Host {http.reverse_proxy.upstream.host}
+#                 }
+#         }
+# }
+vault.ilnmors.com {
        import crowdsec_log
        route {
                crowdsec
-                forward_auth host.containers.internal:9091 {
-                        # Authelia Forward Auth endpoint URI
-                        uri /api/authz/forward-auth
-                        copy_headers Remote-User Remote-Groups Remote-Email Remote-Name
-                }
-                root * /usr/share/caddy
-                file_server
-        }
-}
-test.app.ilnmors.com {
-        import crowdsec_log
-        route {
-                crowdsec
-                reverse_proxy https://test.app.ilnmors.internal {
+                reverse_proxy https://vault.app.ilnmors.internal {
                        header_up Host {http.reverse_proxy.upstream.host}
                }
        }