services:
  vaultwarden:
    labels:
      - traefik.http.routers.vaultwarden.rule=Host(`vaultwarden.rschneider.net`)
      - traefik.http.routers.vaultwarden.tls=true
      - traefik.http.routers.vaultwarden.service=vaultwarden
      - traefik.http.services.vaultwarden.loadbalancer.server.port=80
      - traefik.http.routers.vaultwarden-public.rule=Host(`password.rschneider.hu`)
      - traefik.http.routers.vaultwarden-public.tls=true
      - traefik.http.routers.vaultwarden-public.service=vaultwarden-public
      - traefik.http.services.vaultwarden-public.loadbalancer.server.port=80
#      - traefik.http.middlewares.test-redirectscheme.redirectscheme.scheme=https
#      - traefik.http.middlewares.test-redirectscheme.redirectscheme.permanent=true
    image: vaultwarden/server:latest
    container_name: vaultwarden
    restart: always
    environment:
      # DOMAIN: "https://vaultwarden.example.com"  # required when using a reverse proxy; your domain; vaultwarden needs to know it's https to work properly with attachments
      SIGNUPS_ALLOWED: "true" # Deactivate this with "false" after you have created your account so that no strangers can register
    volumes:
      - ./vw-data:/data # the path before the : can be changed
    ports:
      - 4111:80 # you can replace the 11001 with your preferred port
    networks:
      traefik_traefik:

networks:
  traefik_traefik:
    external: true