vaultwarden: container_name: vaultwarden image: vaultwarden/server:la

1. vaultwarden:
2.     container_name: vaultwarden
3.     image: vaultwarden/server:latest
4.     # user:  "1000:1000"
5.     volumes:
6.      - '${DOCKER_VOLUMES_FOLDER}/vaultwarden/:/data/'
7.     restart: unless-stopped
8.     environment:
9.      - ADMIN_TOKEN=${ADMIN_TOKEN}
10.     networks:
11.       proxy:
12.         ipv4_address: 172.25.0.13
13.     labels:
14.      - "traefik.enable=true"
15.       - "traefik.http.routers.vaultwarden.entrypoints=http"
16.       - "traefik.http.routers.vaultwarden.rule=Host(`vaultwarden.domain.com`)"
17.       - "traefik.http.middlewares.vaultwarden-https-redirect.redirectscheme.scheme=https"
18.       - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https"
19.  
20.       - "traefik.http.routers.vaultwarden.middlewares=vaultwarden-https-redirect"
21.  
22.  
23.       - "traefik.http.routers.vaultwarden-secure.entrypoints=https"
24.       - "traefik.http.routers.vaultwarden-secure.rule=Host(`vaultwarden.domain.com`)"
25.  
26.  
27.       - "traefik.http.routers.vaultwarden-secure.tls=true"
28.       - "traefik.http.routers.vaultwarden-secure.tls.certresolver=cloudflare"
29.       - "traefik.http.routers.vaultwarden-secure.tls.domains[0].main=domain.com"
30.       - "traefik.http.routers.vaultwarden-secure.tls.domains[0].sans=*.domain.com"
31.  
32.  
33.       - "traefik.docker.network=proxy"
34.  
35.  
36.     security_opt:
37.      - no-new-privileges:true
38.  
39.  
40.   traefik:
41.     image: traefik:latest
42.     container_name: traefik
43.     restart: unless-stopped
44.     security_opt:
45.      - no-new-privileges:true
46.     networks:
47.        proxy:
48.           ipv4_address: 172.25.0.2
49.     ports:
50.      - "80:80"
51.       - "443:443"
52.       - "853:853"
53.       - "25:25"
54.       - "465:465"
55.       - "993:993"
56.       - "4190:4190"
57.     environment:
58.      - CF_API_EMAIL=${CF_API_EMAIL}
59.       #- CF_DNS_API_TOKEN=${CF_API_TOKEN}
60.       - CF_API_KEY=
61.     volumes:
62.      - /etc/localtime:/etc/localtime:ro
63.       - /var/run/docker.sock:/var/run/docker.sock:ro
64.       - ${DOCKER_VOLUMES_FOLDER}/traefik/traefik.yml:/traefik.yml:ro
65.       - ${DOCKER_VOLUMES_FOLDER}/traefik/acme.json:/acme.json
66.       - ${DOCKER_VOLUMES_FOLDER}/traefik/config.yml:/config.yml:ro
67.       - ${DOCKER_VOLUMES_FOLDER}/traefik/logs:/var/log/traefik
68.     labels:
69.      - "traefik.enable=true"
70.       - "traefik.http.routers.traefik.entrypoints=http"
71.       - "traefik.http.routers.traefik.rule=Host(`traefik.domain.com`)"
72.       - "traefik.http.middlewares.traefik-auth.basicauth.users=${TRAEFIK_AUTH_STR}"
73.       - "traefik.http.middlewares.traefik-https-redirect.redirectscheme.scheme=https"
74.       - "traefik.http.middlewares.sslheader.headers.customrequestheaders.X-Forwarded-Proto=https"
75.  
76.       - "traefik.http.routers.traefik.middlewares=traefik-https-redirect"
77.  
78.       - "traefik.http.routers.traefik-secure.entrypoints=https"
79.       - "traefik.http.routers.traefik-secure.rule=Host(`traefik.domain.com`)"
80.       - "traefik.http.routers.traefik-secure.middlewares=traefik-auth"
81.       - "traefik.http.routers.traefik-secure.tls=true"
82.       - "traefik.http.routers.traefik-secure.tls.certresolver=cloudflare"
83.       - "traefik.http.routers.traefik-secure.tls.domains[0].main=domain.com"
84.       - "traefik.http.routers.traefik-secure.tls.domains[0].sans=*.domain.com"
85.       - "traefik.http.routers.traefik-secure.service=api@internal"
86.  
87.