vaultwardenbitwardenpasswordssecurity

Vaultwarden

Vaultwarden (formerly Bitwarden_RS) is an unofficial, lightweight, Rust-based implementation of the Bitwarden server API. It is fully compatible with all official Bitwarden clients — browser extensions, mobile apps, desktop apps, and the CLI — while using dramatically fewer resources than the official server. This stack uses SQLite for storage by default, making it ideal for personal or small-team deployments without the overhead of a separate database server. All vault data, attachments, and configuration are persisted in a named volume. Features include WebSocket notifications for real-time sync, optional admin panel, SMTP email support for invitations, and two-factor authentication support. After deployment, access the web vault on port 80 and create your first account. Enable the admin panel by setting ADMIN_TOKEN for server management.

Ouvrir dans l'Éditeur Tous les Modèles1 services · 1 réseaux · 1 volumes

Services Inclus

vaultwarden

vaultwarden/server:latest

redémarrage: always

Ports : 80:80

volumes: 1 mount

Env vars: 12

healthcheck

Variables d'Environnement :

DOMAIN=${DOMAIN:-http://localhost}

SIGNUPS_ALLOWED=${SIGNUPS_ALLOWED:-true}

INVITATIONS_ALLOWED=${INVITATIONS_ALLOWED:-true}

ADMIN_TOKEN=${ADMIN_TOKEN:-}

WEBSOCKET_ENABLED=${WEBSOCKET_ENABLED:-true}

LOG_LEVEL=${LOG_LEVEL:-info}

SMTP_HOST=${SMTP_HOST:-}

SMTP_PORT=${SMTP_PORT:-587}

SMTP_FROM=${SMTP_FROM:-}

SMTP_SECURITY=${SMTP_SECURITY:-starttls}

SMTP_USERNAME=${SMTP_USERNAME:-}

SMTP_PASSWORD=${SMTP_PASSWORD:-}

YAML Généré

# Generated by ComposeHub (composehub.dev)
name: vaultwarden
services:
  vaultwarden:
    image: vaultwarden/server:latest
    restart: always
    ports:
      - 80:80
    volumes:
      - vaultwarden_data:/data
    environment:
      DOMAIN: ${DOMAIN:-http://localhost}
      SIGNUPS_ALLOWED: ${SIGNUPS_ALLOWED:-true}
      INVITATIONS_ALLOWED: ${INVITATIONS_ALLOWED:-true}
      ADMIN_TOKEN: ${ADMIN_TOKEN:-}
      WEBSOCKET_ENABLED: ${WEBSOCKET_ENABLED:-true}
      LOG_LEVEL: ${LOG_LEVEL:-info}
      SMTP_HOST: ${SMTP_HOST:-}
      SMTP_PORT: ${SMTP_PORT:-587}
      SMTP_FROM: ${SMTP_FROM:-}
      SMTP_SECURITY: ${SMTP_SECURITY:-starttls}
      SMTP_USERNAME: ${SMTP_USERNAME:-}
      SMTP_PASSWORD: ${SMTP_PASSWORD:-}
    networks:
      - vaultwarden
    healthcheck:
      test:
        - CMD-SHELL
        - curl -f http://localhost/alive || exit 1
      interval: 30s
      timeout: 10s
      retries: 3
      start_period: 20s
    deploy:
      resources:
        limits:
          cpus: "1.00"
          memory: 512M
        reservations:
          cpus: "0.10"
          memory: 64M
    labels:
      com.composehub.description: Vaultwarden password manager server
networks:
  vaultwarden:
    driver: bridge
volumes:
  vaultwarden_data:
    driver: local

Informations Rapides

Services: 1
Réseaux: 1
Volumes: 1

Quand l'Utiliser

Ce modèle est idéal pour mettre en place un environnement vaultwarden Tous les services sont préconfigurés avec des healthchecks, des limites de ressources et des valeurs par défaut raisonnables. Personnalisez les variables d'environnement avant de déployer en production.

Conseils

Changez tous les mots de passe par défaut avant le déploiement
Vérifiez les limites de ressources pour votre matériel
Ajoutez un reverse proxy pour le HTTPS en production
Configurez des stratégies de sauvegarde pour les volumes de données

Ouvrir dans l'Éditeur