services:
  vaultwarden:
    image: vaultwarden/server:latest
    env_file: .env
    container_name: vaultwarden
    restart: unless-stopped
    ports:
      - 3001:80  # Needed for the ACME HTTP-01 challenge.
      - 3002:443
    environment:
      DOMAIN: ${VAULT_DOMAN}
      LOG_FILE: "/data/vaultwarden.log"
      LOG_LEVEL: "warn"
      EXTENDED_LOGGING: "true"
      SHOW_PASSWORD_HINT: "false"
      SENDS_ALLOWED: "true"
      LOGIN_RATELIMIT_MAX_BURST: 10
      LOGIN_RATELIMIT_SECONDS: 60
      ADMIN_RATELIMIT_MAX_BURST: 10
      ADMIN_RATELIMIT_SECONDS: 60
      ADMIN_TOKEN: ${VAULT_ADMIN_TOKEN}
      EMERGENCY_ACCESS_ALLOWED: "true"
      SIGNUPS_ALLOWED: "false"
      SIGNUPS_VERIFY: true
      SIGNUPS_VERIFY_RESEND_TIME: 3600
      SIGNUPS_VERIFY_RESEND_LIMIT: 5
      SMTP_HOST: ${VAULT_SMTP_HOST}
      SMTP_FROM: ${VAULT_SMTP_FROM}
      SMTP_SECURITY: "starttls"
      SMTP_PORT: 587
      SMTP_USERNAME: ${VAULT_SMTP_USER}
      SMTP_PASSWORD: ${VAULT_SMTP_PASSWD}
    volumes:
      - ./vw-data:/data