a987d45fbc
Set up three-tier synchronization: Syncthing (real-time), GitHub (version control), rsync (disaster recovery). Includes complete documentation for future Claude sessions. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
44 lines
1 KiB
YAML
44 lines
1 KiB
YAML
version: '3.8'
|
|
|
|
services:
|
|
vault:
|
|
image: hashicorp/vault:1.21
|
|
container_name: vault
|
|
restart: unless-stopped
|
|
cap_add:
|
|
- IPC_LOCK
|
|
networks:
|
|
- vault-internal
|
|
- traefik-public
|
|
ports:
|
|
- "127.0.0.1:8200:8200"
|
|
environment:
|
|
VAULT_ADDR: 'http://127.0.0.1:8200'
|
|
VAULT_API_ADDR: 'https://vault-admin.ai-impress.com'
|
|
VAULT_UI: 'true'
|
|
volumes:
|
|
- ./config:/vault/config:ro
|
|
- ./data:/vault/data
|
|
- ./logs:/vault/logs
|
|
command: server
|
|
labels:
|
|
- "traefik.enable=true"
|
|
- "traefik.http.routers.vault.rule=Host(`vault-admin.ai-impress.com`)"
|
|
- "traefik.http.routers.vault.entrypoints=websecure"
|
|
- "traefik.http.routers.vault.tls.certresolver=cloudflare"
|
|
- "traefik.http.services.vault.loadbalancer.server.port=8200"
|
|
healthcheck:
|
|
test: ["CMD", "vault", "status"]
|
|
interval: 30s
|
|
timeout: 5s
|
|
retries: 3
|
|
start_period: 30s
|
|
|
|
volumes:
|
|
vault-data:
|
|
|
|
networks:
|
|
vault-internal:
|
|
external: true
|
|
traefik-public:
|
|
external: true
|