From 4b8dd7355b64f842b142ed122b369d5b201fb1a9 Mon Sep 17 00:00:00 2001
From: mattspeer <mwspeer@gmail.com>
Date: Thu, 28 May 2026 11:39:50 -0500
Subject: [PATCH] Update docker-compose.yaml

Added labels and network for traefik - aligned with currently deployed yaml
---
 docker-compose.yaml | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

diff --git a/docker-compose.yaml b/docker-compose.yaml
index 18a01e8..fd74b52 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -1,9 +1,18 @@
-version: '3'
-
 services:
   vaultwarden:
     image: vaultwarden/server:latest
     container_name: vaultwarden
+    networks:
+      - traefik-public
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.vault.rule=Host(`vault.speerfam.net`)"
+      - "traefik.http.routers.vault.entrypoints=websecure"
+      - "traefik.http.routers.vault.tls.certresolver=myresolver"
+      
+      # Pulling the security rules dynamically from our file provider setup
+      - "traefik.http.routers.vault.middlewares=geoblock-policy@file,crowdsec-policy@file,secure-headers@file"
+      - "traefik.http.services.vault.loadbalancer.server.port=8001"
     restart: always
     environment:
 #      - WEBSOCKET_ENABLED=true
@@ -22,9 +31,12 @@ services:
       - SMTP_PASSWORD=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
       - SMTP_AUTH_MECHANISM="Login"
     volumes:
-      - /home/mattspeer/docker/vaultwarden/data:/data
+      - /srv/docker/vaultwarden/data:/data
     ports:
 #      - 3012:3012
 #      - 127.0.0.1:8001:8001
       - 8001:8001
-      
\ No newline at end of file
+
+networks:
+  traefik-public:
+    external: true
\ No newline at end of file