---
services:
  vaultwarden:
    image: vaultwarden/server:latest
    container_name: vaultwarden
    environment:
      TZ: 'Europe/Berlin'
      DOMAIN: 'https:///domain.tld'
      # Disable signups
      SIGNUPS_ALLOWED: 'false'
      # Disable invitations
      INVITATIONS_ALLOWED: 'false'
      # Enable admin page and create token via a temporary container
      # docker run --rm -it vaultwarden/server /vaultwarden hash
      ADMIN_TOKEN: 'TOKEN'
      # Cache time-to-live for successfully obtained icons, in seconds (0 is "forever")
      ICON_CACHE_TTL: 0
      ICON_SERVICE: 'internal'
      DISABLE_ICON_DOWNLOAD: 'true'
      # Set log settings for fail2ban
      LOG_LEVEL: 'info'
      EXTENDED_LOGGING: 'true'
      LOG_FILE: '/data/vaultwarden.log'
      # SMTP settings
      SMTP_HOST: 'mx.example.com'
      SMTP_PORT: '465'
      SMTP_SECURITY: 'force_tls'
      SMTP_FROM: 'no-reply@example.com'
      SMTP_USERNAME: 'no-reply@example.com'
      SMTP_PASSWORD: 'PASSWORD'
    volumes:
      - ./volumes/data:/data
    ports:
      - "127.0.0.1:8081:80"
    restart: unless-stopped