Vish/homelab-optimized
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a31121a39438de8edee695fe5ea5cb9b035e3386
homelab-optimized/docs/services/individual/vaultwarden.md
Gitea Mirror Bot a31121a394
Some checks failed
Documentation / Build Docusaurus (push) Failing after 9s
Details
Documentation / Deploy to GitHub Pages (push) Has been skipped
Details
Sanitized mirror from private repository - 2026-03-02 21:17:14 UTC
2026-03-02 21:17:14 +00:00

5.5 KiB
Raw Blame History

Vaultwarden

🔴 Security Service

📋 Service Overview

Property Value
Service Name vaultwarden
Host Atlantis
Category Security
Difficulty 🔴
Docker Image vaultwarden/server:latest
Compose File Atlantis/vaultwarden.yaml
Directory Atlantis

🎯 Purpose

Vaultwarden is an alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients.

🚀 Quick Start

Prerequisites

  • Docker and Docker Compose installed
  • Basic understanding of REDACTED_APP_PASSWORD
  • Access to the host system (Atlantis)

Deployment

# Navigate to service directory
cd Atlantis

# Start the service
docker-compose up -d

# Check service status
docker-compose ps

# View logs
docker-compose logs -f vaultwarden

🔧 Configuration

Docker Compose Configuration

container_name: Vaultwarden
cpu_shares: 1024
depends_on:
  db:
    condition: service_started
environment:
  ADMIN_TOKEN: "REDACTED_TOKEN"
  DATABASE_URL: postgresql://vaultwardenuser:REDACTED_PASSWORD@vaultwarden-db:5432/vaultwarden
  DISABLE_ADMIN_TOKEN: false
  DOMAIN: https://pw.vish.gg
  ROCKET_PORT: 4020
  SMTP_FROM: your-email@example.com
  SMTP_HOST: smtp.gmail.com
  SMTP_PASSWORD: "REDACTED_PASSWORD"
  SMTP_PORT: 587
  SMTP_SECURITY: starttls
  SMTP_USERNAME: your-email@example.com
hostname: vaultwarden
image: vaultwarden/server:latest
mem_limit: 256m
mem_reservation: 96m
ports:
- 4080:4020
restart: on-failure:5
security_opt:
- no-new-privileges:true
user: 1026:100
volumes:
- /volume1/docker/vaultwarden/data:/data:rw

Environment Variables

Variable Value Description
ROCKET_PORT 4020 Configuration variable
DATABASE_URL postgresql://vaultwardenuser:REDACTED_PASSWORD@vaultwarden-db:5432/vaultwarden Database connection string
ADMIN_TOKEN ***MASKED*** Configuration variable
DISABLE_ADMIN_TOKEN ***MASKED*** Configuration variable
DOMAIN https://pw.vish.gg Service domain name
SMTP_HOST smtp.gmail.com Configuration variable
SMTP_FROM your-email@example.com Configuration variable
SMTP_PORT 587 Configuration variable
SMTP_SECURITY starttls Configuration variable
SMTP_USERNAME your-email@example.com Configuration variable
SMTP_PASSWORD ***MASKED*** Configuration variable

Port Mappings

Host Port Container Port Protocol Purpose
4080 4020 TCP Service port

Volume Mappings

Host Path Container Path Type Purpose
/volume1/docker/vaultwarden/data /data bind Application data

🌐 Access Information

Service ports: 4080:4020

🔒 Security Considerations

  • Security options configured
  • Non-root user configured
  • 🔒 Enable HTTPS with reverse proxy
  • 🔒 Disable user registration after setup
  • 🔒 Enable 2FA for all accounts
  • 🔒 Regular database backups

📊 Resource Requirements

No resource limits configured

Recommended Resources

  • Minimum RAM: 512MB
  • Recommended RAM: 1GB+
  • CPU: 1 core minimum
  • Storage: Varies by usage

Resource Monitoring

Monitor resource usage with:

docker stats

🔍 Health Monitoring

⚠️ No health check configured Consider adding a health check:

healthcheck:
  test: ["CMD", "curl", "-f", "http://localhost:PORT/health"]
  interval: 30s
  timeout: 10s
  retries: 3

Manual Health Checks

# Check container health
docker inspect --format='{{.State.Health.Status}}' CONTAINER_NAME

# View health check logs
docker inspect --format='{{range .State.Health.Log}}{{.Output}}{{end}}' CONTAINER_NAME

🚨 Troubleshooting

Common Issues

Service won't start

  • Check Docker logs: docker-compose logs service-name
  • Verify port availability: netstat -tulpn | grep PORT
  • Check file permissions on mounted volumes

Can't access web interface

  • Verify service is running: docker-compose ps
  • Check firewall settings
  • Confirm correct port mapping

Performance issues

  • Monitor resource usage: docker stats
  • Check available disk space: df -h
  • Review service logs for errors

Authentication issues

  • Verify credentials are correct
  • Check LDAP/SSO configuration
  • Review authentication logs

Useful Commands

# Check service status
docker-compose ps

# View real-time logs
docker-compose logs -f vaultwarden

# Restart service
docker-compose restart vaultwarden

# Update service
docker-compose pull vaultwarden
docker-compose up -d vaultwarden

# Access service shell
docker-compose exec vaultwarden /bin/bash
# or
docker-compose exec vaultwarden /bin/sh

📚 Additional Resources

  • Official Documentation: Check the official docs for vaultwarden
  • Docker Hub: vaultwarden/server:latest
  • Community Forums: Search for community discussions and solutions
  • GitHub Issues: Check the project's GitHub for known issues

🔗 Related Services

Services REDACTED_APP_PASSWORD vaultwarden:

  • Vaultwarden
  • Authelia
  • Pi-hole
  • WireGuard

This documentation is auto-generated from the Docker Compose configuration. For the most up-to-date information, refer to the official documentation and the actual compose file.

Last Updated: 2025-11-17
Configuration Source: Atlantis/vaultwarden.yaml

Reference in New Issue View Git Blame Copy Permalink