services:

  vaultwarden:
    image: vaultwarden/server
    container_name: ${vaultwardenServName}
    restart: ${restartPolicy}
    depends_on:
      db:
        condition: service_healthy
    links:
      - db
    environment:
#      - SIGNUPS_DOMAINS_WHITELIST=${domain}
      - SIGNUPS_VERIFY=true
      - SMTP_HOST=smtp
      - SMTP_FROM=${vaultwardenHost}@${domain}
      - SMTP_PORT=25
      - SMTP_SECURITY=off
      - DOMAIN=https://${vaultwardenHost}.${domain}
    env_file:
      - ../../secret/env-${vaultwardenServName}
    networks:
      - vaultwardenNet
      - postfixNet
    volumes:
      - vaultwarden-data:/data
      - ./templates:/data/templates
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.${vaultwardenServName}.rule=Host(`${vaultwardenHost}.${domain}`)"
      - "traefik.docker.network=vaultwardenNet"

  db:
    image: mariadb:10.5
    container_name: ${vaultwardenDBName}
    restart: ${restartPolicy}
    networks:
      - vaultwardenNet
    env_file:
      - ../../secret/env-${vaultwardenDBName}
    volumes:
      - vaultwardenDB:/var/lib/mysql
      - /home/sauve/:/svg/
      - /etc/localtime:/etc/localtime:ro
      - /etc/timezone:/etc/timezone:ro
    healthcheck:
      test: ["CMD", "mysqladmin", "ping", "--silent"]
      interval: 30s
      timeout: 30s
      retries: 5

volumes:
  vaultwarden-data:
  vaultwardenDB:

networks:
  vaultwardenNet:
    external: true
    name: vaultwardenNet
  postfixNet:
    external: true
    name: postfixNet