From c366a6da4919ab6fe4a0da5da82fff8cc85625ac Mon Sep 17 00:00:00 2001
From: Nicole Rappe <cyberstrawberry101@gmail.com>
Date: Thu, 11 Jan 2024 22:45:13 -0700
Subject: [PATCH] Update Containers/Docker/Docker Compose/VaultWarden.md

---
 .../Docker/Docker Compose/VaultWarden.md      | 44 ++++++++++++++++---
 1 file changed, 38 insertions(+), 6 deletions(-)

diff --git a/Containers/Docker/Docker Compose/VaultWarden.md b/Containers/Docker/Docker Compose/VaultWarden.md
index 214e530..398de2b 100644
--- a/Containers/Docker/Docker Compose/VaultWarden.md	
+++ b/Containers/Docker/Docker Compose/VaultWarden.md	
@@ -21,12 +21,16 @@ services:
     networks:
         docker_network:
           ipv4_address: 192.168.5.15
-#    labels:
-#      - "traefik.enable=true"
-#      - "traefik.http.routers.vaultwarden.rule=Host(`vault.grymmweeper.com`)"
-#      - "traefik.http.routers.vaultwarden.entrypoints=web"
-#      - "traefik.http.routers.vaultwarden.tls.certresolver=letsencrypt"
-#      - "traefik.http.services.vaultwarden.loadbalancer.server.port=80"
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.bunny-vaultwarden.rule=Host(`vault.bunny-lab.io`)"
+      - "traefik.http.routers.bunny-vaultwarden.entrypoints=websecure"
+      - "traefik.http.routers.bunny-vaultwarden.tls.certresolver=myresolver"
+      - "traefik.http.services.bunny-vaultwarden.loadbalancer.server.port=80"
+      - "traefik.http.routers.cyberstrawberry-vaultwarden.rule=Host(`vault.cyberstrawberry.net`)"
+      - "traefik.http.routers.cyberstrawberry-vaultwarden.entrypoints=websecure"
+      - "traefik.http.routers.cyberstrawberry-vaultwarden.tls.certresolver=myresolver"
+      - "traefik.http.services.cyberstrawberry-vaultwarden.loadbalancer.server.port=80"
 networks:
   default:
     external:
@@ -41,3 +45,31 @@ It is **CRITICAL** that you never share the `ADMIN_TOKEN` with anyone.  It allow
 ```jsx title=".env"
 Not Applicable
 ```
+## Traefik Reverse Proxy Configuration
+If the container does not run on the same host as Traefik, you will need to manually add configuration to Traefik's dynamic config file, outlined below.
+``` yaml
+http:
+  routers:
+    bunny-vaultwarden:
+      entryPoints:
+        - websecure
+      tls:
+        certResolver: myresolver
+      service: vaultwarden
+      rule: Host(`vault.bunny-lab.io`)
+
+    cyberstrawberry-vaultwarden:
+      entryPoints:
+        - websecure
+      tls:
+        certResolver: myresolver
+      service: vaultwarden
+      rule: Host(`vault.cyberstrawberry.net`)
+
+  services:
+    vaultwarden:
+      loadBalancer:
+        servers:
+          - url: http://192.168.5.15:80
+        passHostHeader: true
+```