commit a9c7bdc732f925ad37e36ef4d0f4d41fdd44c34e
Author: 3wc <3wc@doesthisthing.work>
Date:   Tue Nov 16 22:04:57 2021 +0200

    Initial import

diff --git a/.env.sample b/.env.sample
new file mode 100644
index 0000000..40638a0
--- /dev/null
+++ b/.env.sample
@@ -0,0 +1,7 @@
+TYPE=vaultwarden
+
+DOMAIN=vaultwarden.example.com
+
+## Domain aliases
+#EXTRA_DOMAINS=', `www.vaultwarden.example.com`'
+LETS_ENCRYPT_ENV=production
diff --git a/compose.yml b/compose.yml
new file mode 100644
index 0000000..acc4b3e
--- /dev/null
+++ b/compose.yml
@@ -0,0 +1,42 @@
+---
+version: "3.8"
+
+services:
+  app:
+    image: vaultwarden/server:1.21.0
+    networks:
+      - proxy
+    environment:
+      - "DOMAIN=https://$DOMAIN"
+      - "WEBSOCKET_ENABLED=true"
+      - "ADMIN_TOKEN=test"
+      # - SIGNUPS_ALLOWED: $$cap_register_enabled
+      # - ADMIN_TOKEN: $$cap_admin_token
+    volumes:
+      - vaultwarden_data:/data
+    deploy:
+      restart_policy:
+        condition: on-failure
+      labels:
+        - "traefik.enable=true"
+        - "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
+        - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
+        - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
+        - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
+        ## Redirect from EXTRA_DOMAINS to DOMAIN
+        #- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
+        #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
+        #- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
+    # healthcheck:
+    #   test: ["CMD", "curl", "-f", "http://localhost"]
+    #   interval: 30s
+    #   timeout: 10s
+    #   retries: 10
+    #   start_period: 1m
+
+volumes:
+  vaultwarden_data:
+
+networks:
+  proxy:
+    external: true