Vaultwarden using Docker Compose with existing Certificates
Hello Friends,
I have a small ubuntu Server and I finally also want to transfer my Vaultwarden Instance to it. On this Server I have several services running (homeassistant, …) and Certbot via Dehydrated (right now I get a certificate for my duckdns address). In some directory I have the privkey and fullchain files.
Now my Problem is that when I start vaultwarden it wont load as https.
I believe, my Problem is telling Vaultwarden, where my certificate files are located so it can use them accordingly.
This is my Compose File right now:
<span style="color:#323232;"> vaultwarden:
</span><span style="color:#323232;"> container_name: vaultwarden
</span><span style="color:#323232;"> image: vaultwarden/server:latest
</span><span style="color:#323232;"> restart: unless-stopped
</span><span style="color:#323232;"> volumes:
</span><span style="color:#323232;"> - /home/vaultwarden:/data/
</span><span style="color:#323232;"> - /home/(directory to my certificates):/usr/share/ca-certificates/
</span><span style="color:#323232;"> ports:
</span><span style="color:#323232;"> - 8129:80
</span><span style="color:#323232;"> environment:
</span><span style="color:#323232;"> - DOMAIN=https://hurrdurr.duckdns.org
</span><span style="color:#323232;"> - LOGIN_RATELIMIT_MAX_BURST=10
</span><span style="color:#323232;"> - LOGIN_RATELIMIT_SECONDS=60
</span><span style="color:#323232;"> - ADMIN_RATELIMIT_MAX_BURST=10
</span><span style="color:#323232;"> - ADMIN_RATELIMIT_SECONDS=60
</span><span style="color:#323232;"> - ADMIN_TOKEN=token
</span><span style="color:#323232;"> - SENDS_ALLOWED=true
</span><span style="color:#323232;"> - EMERGENCY_ACCESS_ALLOWED=true
</span><span style="color:#323232;"> - WEB_VAULT_ENABLED=true
</span><span style="color:#323232;"> - SIGNUPS_ALLOWED=true
</span>
The Volume Mapping to the certificates was just me trying it out so maybe its working if I map it like that.
If I open the 8129 in my Browser it will just time out. I also managed it to start but it wouldnt let me register as theres not https certificate.