From 0050f08ac2f41f4702aef2270639a2353eee663d Mon Sep 17 00:00:00 2001 From: peskyadmin Date: Wed, 9 Apr 2025 22:50:57 -0500 Subject: [PATCH] init manual --- README.md | 60 ++++++++++++++++++++++++---------------------- docker-compose.yml | 2 +- 2 files changed, 32 insertions(+), 30 deletions(-) diff --git a/README.md b/README.md index 021b658..6c7f146 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,8 @@ -# {{Service}} with Tailscale Integration +# VaultWarden with Tailscale Integration -![{{Service}} with Tailscale](https://jellyfin.org/images/logo.svg "{{Service}}") +![VaultWarden with Tailscale](https://www.vaultwarden.net/assets/images/logo-dark.png "VaultWarden") -This project sets up a {{Service}} instance with Tailscale VPN integration using Docker Compose. It creates a secure, private network connection for your {{Service}} instance using Tailscale. +This project sets up a VaultWarden instance with Tailscale VPN integration using Docker Compose. It creates a secure, private network connection for your VaultWarden instance using Tailscale. ## Prerequisites 
@@ -12,33 +12,36 @@ This project sets up a {{Service}} instance with Tailscale VPN integration using ## Project Structure ``` -ts-{{service}}/ +ts-vaultwarden/ ├── docker-compose.yml ├── tailscale/ -│ ├── tailscale-data/ # Persistent Tailscale state -│ └── config/ # Tailscale configuration files -└── {{service}}/ - └── config/ # {{service}} configuration files +│ ├── tailscale-data/ # Persistent Tailscale state +│ └── config/ # Tailscale configuration files +└── vaultwarden/ + └── data/ # VaultWarden data ``` ## Setup Instructions 1. **Clone the Repository** ```bash - git clone https://gitea.damconsulting.llc/DAM/ts-{{service}} - cd ts-{{service}} + git clone https://gitea.damconsulting.llc/DAM/ts-vaultwarden + cd ts-vaultwarden ``` 2. Create Required Directories ```bash - mkdir -p tailscale/tailscale-data + mkdir -p tailscale/tailscale-data vaultwarden/data ``` 3. Configure Tailscale - Replace `{{YOUR_TAILSCALE_AUTHKEY}}` in the docker-compose.yml with your actual Tailscale auth key - Optionally, update the file in `tailscale/config/serve.json` if you need specific Tailscale serve configurations - CAUTION: Changing `"${TS_CERT_DOMAIN}:443": false` to `true` will expose the service to the internet -4. Configure {{Service}} - - See {{service_docs}} for configuration options +4. Configure VaultWarden + - Replace `{{YOUR_DOMAIN}}` in the `docker-compose.yml` + - To enable the admin panel follow these [directions](https://github.com/dani-garcia/vaultwarden/wiki/Enabling-admin-page#secure-the-admin_token) + - **OPTIONAL** Vaultwarden's configuration is primarily managed through environment variables or a [.env file](https://github.com/dani-garcia/vaultwarden/blob/main/.env.template) for configuration options + - [Helpful Tutorial](https://www.techaddressed.com/tutorials/vaultwarden-docker-compose/#cost-features) 5. Start the Services ```bash 
@@ -48,39 +51,39 @@ ts-{{service}}/ 6. Wait for Certificate to propagate [~2m] 7. Login - - After starting the services your service should be available via tailnet at https://{{service}}.{{YOUR_TAILNET_DOMAIN}}.ts.net ie https://{{service}}.tail12345.ts.net/ + - After starting the services your service should be available via tailnet at https://vaultwarden.{{YOUR_TAILNET_DOMAIN}}.ts.net ie https://vaultwarden.tail12345.ts.net/ ## Services -### {{service}}-ts (Tailscale) +### vaultwarden-ts (Tailscale) - Runs Tailscale VPN client - Image: tailscale/tailscale:latest -- Container name: {{service}}-ts -- Hostname: {{service}} +- Container name: vaultwarden-ts +- Hostname: vaultwarden - Requires NET_ADMIN and SYS_MODULE capabilities - Persists state in ./tailscale/tailscale-data - Uses configuration from ./tailscale/config -### {{service}} +### vaultwarden -- Depends on {{service}}-ts service +- Depends on vaultwarden-ts service ## Usage -- After starting the services your service should be available via tailnet at `https://{{service}}.{{YOUR_TAILNET_DOMAIN}}.ts.net` ie `https://{{service}}.tail12345.ts.net/` +- After starting the services your service should be available via tailnet at `https://vaultwarden.{{YOUR_TAILNET_DOMAIN}}.ts.net` ie `https://vaultwarden.tail12345.ts.net/` - To manually get the Tailscale IP/hostname of your container: ```bash - docker logs {{service}}-ts + docker logs vaultwarden-ts ``` Look for the Tailscale IP address in the logs. ## Optional Features -- Uncomment and adjust the ports mapping if you need direct access (without Tailscale): +- Add the port mapping if you need direct access (without Tailscale): ```yaml ports: - - 3000:3000 + - 80:80 ``` - Stopping the Services ```bash 
@@ -90,19 +93,18 @@ ts-{{service}}/ ## Troubleshooting - Check container logs: ```bash - docker logs {{service}}-ts - docker logs {{service}} + docker logs vaultwarden-ts + docker logs vaultwarden ``` - Ensure your Tailscale auth key is valid and not expired - Verify the configuration files have proper permissions - Make sure required directories exist before starting ## Notes -- The {{Service}} service uses the Tailscale service's network stack via `network_mode: service:{{service}}-ts` +- The VaultWarden service uses the Tailscale service's network stack via `network_mode: service:vaultwarden-ts` - Direct port mapping is disabled by default as Tailscale handles the networking - Services restart automatically unless explicitly stopped - For more information: - Tailscale documentation: https://tailscale.com/kb/ - - {{Service}} documentation: {{service_docs}} - - {{Service}} repository: {{service_repo}} - - {{Service}} linuxserve.io: {{service_lcsr}} \ No newline at end of file + - VaultWarden documentation: https://github.com/dani-garcia/vaultwarden/wiki + - VaultWarden repository: https://github.com/dani-garcia/vaultwarden \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index f526027..a779cd7 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -22,7 +22,7 @@ services: environment: DOMAIN: "https://vaultwarden.{{YOUR_DOMAIN}}.com" # <---- Your domain here! --- ie https://vaultwarden.tail123456.ts.net/ volumes: - - ./vw-data:/data + - ./vaultwarden/data:/data network_mode: service:vaultwarden-ts depends_on: - vaultwarden-ts \ No newline at end of file
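Review bot: The first README hunk (`@@ -1,8 +1,8 @@`) spells the project name `VaultWarden` in the title, image alt text and intro, while the step 4 bullet added later in this same patch writes `Vaultwarden's configuration`. Pick one spelling and use it throughout the README. The logo line also now loads its image from `www.vaultwarden.net` on every render; committing the image to the repository would remove that external dependency.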
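Review bot: Step 4 in the `@@ -12,33 +12,36 @@` hunk tells the reader to replace `{{YOUR_DOMAIN}}`, but the compose value it refers to is `https://vaultwarden.{{YOUR_DOMAIN}}.com`, while step 7 gives the reachable URL as `https://vaultwarden.{{YOUR_TAILNET_DOMAIN}}.ts.net`. Substituting only the placeholder leaves a `.com` hostname that does not match the tailnet name the service is actually served on. Suggest the step say to set the whole `DOMAIN` value to the `ts.net` URL, and use one placeholder name in both files. In the same step, the admin panel bullet links to the wiki but does not say where in this compose file the token is set, and the **OPTIONAL** bullet ends with a stray "for configuration options" that repeats the start of the sentence.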
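Review bot: The `ports: - 80:80` example under Optional Features in the `@@ -48,39 +51,39 @@` hunk does not say which service it belongs to, and it cannot go on `vaultwarden`: that service runs with `network_mode: service:vaultwarden-ts`, and Docker does not allow published ports on a container that shares another container's network namespace, so the mapping would have to sit on `vaultwarden-ts`. The text should also state that this publishes a password vault over plain HTTP on every host interface, outside the HTTPS that Tailscale provides. Suggest naming the service explicitly and showing a bound form such as `127.0.0.1:80:80`, or recommending a TLS-terminating proxy for direct access.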
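Review bot: The volume change from `./vw-data:/data` to `./vaultwarden/data:/data` in the `docker-compose.yml` hunk leaves no upgrade path for anyone already running the previous compose file: the next start mounts a new, empty directory and the existing vault stays behind in `./vw-data`. Add a README line telling existing users to stop the stack and move `./vw-data` to `./vaultwarden/data` before restarting, or state in the commit message that there are no prior deployments. Both files in this patch also still end without a trailing newline.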