vaultwardenbitwardenpasswordssecurity

Vaultwarden

Vaultwarden (formerly Bitwarden_RS) is an unofficial, lightweight, Rust-based implementation of the Bitwarden server API. It is fully compatible with all official Bitwarden clients — browser extensions, mobile apps, desktop apps, and the CLI — while using dramatically fewer resources than the official server. This stack uses SQLite for storage by default, making it ideal for personal or small-team deployments without the overhead of a separate database server. All vault data, attachments, and configuration are persisted in a named volume. Features include WebSocket notifications for real-time sync, optional admin panel, SMTP email support for invitations, and two-factor authentication support. After deployment, access the web vault on port 80 and create your first account. Enable the admin panel by setting ADMIN_TOKEN for server management.

Im Editor öffnen Alle Templates1 Services · 1 Netzwerke · 1 Volumes

Enthaltene Services

vaultwarden

vaultwarden/server:latest

Neustart: always

Ports: 80:80

Volumes: 1 mount

Env vars: 12

healthcheck

Umgebungsvariablen:

DOMAIN=${DOMAIN:-http://localhost}

SIGNUPS_ALLOWED=${SIGNUPS_ALLOWED:-true}

INVITATIONS_ALLOWED=${INVITATIONS_ALLOWED:-true}

ADMIN_TOKEN=${ADMIN_TOKEN:-}

WEBSOCKET_ENABLED=${WEBSOCKET_ENABLED:-true}

LOG_LEVEL=${LOG_LEVEL:-info}

SMTP_HOST=${SMTP_HOST:-}

SMTP_PORT=${SMTP_PORT:-587}

SMTP_FROM=${SMTP_FROM:-}

SMTP_SECURITY=${SMTP_SECURITY:-starttls}

SMTP_USERNAME=${SMTP_USERNAME:-}

SMTP_PASSWORD=${SMTP_PASSWORD:-}

Generiertes YAML

# Generated by ComposeHub (composehub.dev)
name: vaultwarden
services:
  vaultwarden:
    image: vaultwarden/server:latest
    restart: always
    ports:
      - 80:80
    volumes:
      - vaultwarden_data:/data
    environment:
      DOMAIN: ${DOMAIN:-http://localhost}
      SIGNUPS_ALLOWED: ${SIGNUPS_ALLOWED:-true}
      INVITATIONS_ALLOWED: ${INVITATIONS_ALLOWED:-true}
      ADMIN_TOKEN: ${ADMIN_TOKEN:-}
      WEBSOCKET_ENABLED: ${WEBSOCKET_ENABLED:-true}
      LOG_LEVEL: ${LOG_LEVEL:-info}
      SMTP_HOST: ${SMTP_HOST:-}
      SMTP_PORT: ${SMTP_PORT:-587}
      SMTP_FROM: ${SMTP_FROM:-}
      SMTP_SECURITY: ${SMTP_SECURITY:-starttls}
      SMTP_USERNAME: ${SMTP_USERNAME:-}
      SMTP_PASSWORD: ${SMTP_PASSWORD:-}
    networks:
      - vaultwarden
    healthcheck:
      test:
        - CMD-SHELL
        - curl -f http://localhost/alive || exit 1
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 20s
    deploy:
      resources:
        limits:
          cpus: "1.00"
          memory: 512M
        reservations:
          cpus: "0.10"
          memory: 64M
    labels:
      com.composehub.description: Vaultwarden password manager server
networks:
  vaultwarden:
    driver: bridge
volumes:
  vaultwarden_data:
    driver: local

Kurzinfo

Services: 1
Netzwerke: 1
Volumes: 1

Wann verwenden

Dieses Template ist ideal für die Einrichtung einer vaultwarden Umgebung. Alle Services sind mit Healthchecks, Ressourcenlimits und sinnvollen Standardwerten vorkonfiguriert. Passen Sie die Umgebungsvariablen an, bevor Sie in Produktion gehen.

Tipps

Ändern Sie alle Standardpasswörter vor dem Deployment
Überprüfen Sie die Ressourcenlimits für Ihre Hardware
Fügen Sie einen Reverse Proxy für HTTPS in Produktion hinzu
Konfigurieren Sie Backup-Strategien für Daten-Volumes

Im Editor öffnen