Page:
Caddy 2.x with Cloudflare DNS
Pages
Audits
Backing up your vault
Building binary
Building your own docker image
Caddy 2.x with Cloudflare DNS
Changing persistent data location
Changing the API request size limit
Changing the number of workers
Configuration overview
Customize Vaultwarden CSS
Deployment examples
Differences from the upstream API implementation
Disable admin token
Disable invitations
Disable registration of new users
Disabling or overriding the Vault interface hosting
Docker Traefik ModSecurity Setup
Enable admin page
Enabling HTTPS
Enabling Mobile Client push notification
Enabling U2F (and FIDO2 WebAuthn) authentication
Enabling U2F authentication
Enabling WebSocket notifications
Enabling Yubikey OTP authentication
Enabling admin page secure the admin_token
Enabling admin page
FAQs
Fail2Ban Setup
General (not docker)
Hardening Guide
Home
Importing data from Keepass or KeepassX
Kubernetes deployment
Logging
Logrotate example
Migrating from MariaDB (MySQL) to SQLite
Other configuration
Password hint display
Pre built binaries
Private CA and self signed certs that work with Chrome
Proxy examples
Running a private vaultwarden instance with Let's Encrypt certs
Running docker container with non root user
Running without WAL enabled
SMTP Configuration
Setup as a systemd service
Starting a Container
Supporting upstream
Syncing users from LDAP
Testing SSO
Third party packages
Translating the email templates
Updating the vaultwarden image
Using Docker Compose
Using Podman
Using an alternate base dir
Using the MariaDB (MySQL) Backend
Using the MySQL Backend
Using the PostgreSQL Backend
Which container image to use
12
Caddy 2.x with Cloudflare DNS
Daniel edited this page 2024-05-28 11:45:58 +03:00
Dockerfile (Caddy Builder)
FROM caddy:builder AS builder
RUN xcaddy build --with github.com/caddy-dns/cloudflare
FROM caddy:latest
COPY --from=builder /usr/bin/caddy /usr/bin/caddy
build command
docker build -t [YOUR-NAME]/caddycfdns .
Caddyfile (as reverse proxy)
[YOUR-DOMAIN] {
tls {
dns cloudflare [API-KEY]
}
# For the remaining config, see https://github.com/dani-garcia/vaultwarden/wiki/Proxy-examples
}
docker-compose.yml
version: '3'
services:
vaultwarden:
image: vaultwarden/server
restart: always
volumes:
- $PWD/vw-data:/data
environment:
SIGNUPS_ALLOWED: 'false' # set to false to disable signups
DOMAIN: 'https://[DOMAIN]'
SMTP_HOST: '[MAIL-SERVER]'
SMTP_FROM: '[E-MAIL]'
SMTP_PORT: '587'
SMTP_SECURITY: 'starttls'
SMTP_USERNAME: '[E-MAIL]'
SMTP_PASSWORD: '[SMTP-PASS]'
# ADMIN_TOKEN: '[RAND. GENERATE]'
# YUBICO_CLIENT_ID: '[OPTIONAL]'
# YUBICO_SECRET_KEY: '[OPTIONAL]'
caddy:
image: [YOUR-NAME]/caddycfdns
restart: always
volumes:
- $PWD/Caddyfile:/etc/caddy/Caddyfile
- caddy_data:/data
- caddy_config:/config
- caddy_log:/logs
ports:
- [PRIVATE-IP]:443:443
environment:
ACME_AGREE: 'true'
CLOUDFLARE_EMAIL: '[YOUR-EMAIL]'
CLOUDFLARE_API_TOKEN: '[YOUR-TOKEN]'
DOMAIN: '[DOMAIN]'
volumes:
caddy_data:
caddy_config:
caddy_log:
FAQs
Container Image Usage
- Which container image to use
- Starting a container
- Updating the vaultwarden image
- Using Docker Compose
- Using Podman
Deployment
- Building your own docker image
- Building binary
- Pre-built binaries
- Third-party packages
- Deployment examples
- Proxy examples
- Logrotate example
HTTPS
Configuration
- Overview
- Disable registration of new users
- Disable invitations
- Enabling admin page
- Disable the admin token
- Enabling WebSocket notifications
- Enabling Mobile Client push notification
- Enabling U2F and FIDO2 WebAuthn authentication
- Enabling YubiKey OTP authentication
- Changing persistent data location
- Changing the API request size limit
- Changing the number of workers
- SMTP configuration
- Translating the email templates
- Password hint display
- Disabling or overriding the Vault interface hosting
- Logging
- Creating a systemd service
- Syncing users from LDAP
- Using an alternate base dir (subdir/subpath)
- Other configuration
Database
- Using the MariaDB (MySQL) Backend
- Using the PostgreSQL Backend
- Running without WAL enabled
- Migrating from MariaDB (MySQL) to SQLite