2026-02-22 15:38:13 -05:00
|
|
|
version: '3.8'
|
|
|
|
|
|
|
|
|
|
services:
|
|
|
|
|
vaultwarden:
|
|
|
|
|
image: vaultwarden/server:latest
|
|
|
|
|
container_name: vaultwarden
|
|
|
|
|
restart: always
|
|
|
|
|
# Run as the defined Synology user to prevent root file ownership
|
|
|
|
|
user: "${PUID}:${PGID}"
|
|
|
|
|
environment:
|
|
|
|
|
# General
|
|
|
|
|
- WEBSOCKET_ENABLED=true
|
|
|
|
|
- DOMAIN=${DOMAIN}
|
|
|
|
|
- SIGNUPS_ALLOWED=${SIGNUPS_ALLOWED}
|
|
|
|
|
# Email (Optional but recommended for invitations & 2FA)
|
|
|
|
|
- SMTP_HOST=${SMTP_HOST}
|
|
|
|
|
- SMTP_FROM=${SMTP_FROM}
|
|
|
|
|
- SMTP_SECURITY=${SMTP_SECURITY:-starttls}
|
|
|
|
|
- SMTP_PORT=${SMTP_PORT:-587}
|
|
|
|
|
- SMTP_USERNAME=${SMTP_USERNAME}
|
|
|
|
|
- SMTP_PASSWORD=${SMTP_PASSWORD}
|
|
|
|
|
# Admin Panel
|
|
|
|
|
- ADMIN_TOKEN=${ADMIN_TOKEN}
|
|
|
|
|
volumes:
|
|
|
|
|
- /volume1/docker/vaultwarden/data:/data:rw
|
|
|
|
|
ports:
|
2026-02-22 15:47:35 -05:00
|
|
|
- "8020:80" # Web UI
|
2026-02-22 15:38:13 -05:00
|
|
|
# Note: Vaultwarden integrates the WebSocket server into the main process in recent versions,
|
|
|
|
|
# so exposing port 3012 is no longer required for typical setups unless using reverse proxy splitting.
|
