feat: use prebuilt image, bind mount and custom network in docker-compose

2026-04-05 17:41:06 +02:00
parent 6cbcb272d0
commit 775186038e
4 changed files with 52 additions and 43 deletions
--- a/docs/backup-restore.md
+++ b/docs/backup-restore.md
@@ -82,12 +82,11 @@ In addition to the application-level backup, you can also back up the Docker vol
 # Stop the container
 docker compose down

-# Backup the volume
-docker run --rm -v keywarden_keywarden_data:/data -v $(pwd):/backup \
-  alpine tar czf /backup/keywarden-volume-backup.tar.gz /data
+# Backup the data directory
+tar czf keywarden-volume-backup.tar.gz ./data

 # Start the container
 docker compose up -d
 ```

-This captures the raw SQLite database file and all data files. Note that this backup is **not encrypted** — protect it accordingly.
+Since data is stored in the `./data` bind mount on the host, you can back it up directly without needing a helper container. Note that this backup is **not encrypted** — protect it accordingly.
--- a/docs/deployment.md
+++ b/docs/deployment.md
@@ -34,15 +34,18 @@ A complete `docker-compose.yml`:
 ```yaml
 services:
  keywarden:
-    build: .
+    image: git.techniverse.net/scriptos/keywarden:latest
    container_name: keywarden
    restart: unless-stopped
    ports:
      - "${KEYWARDEN_PORT:-8080}:${KEYWARDEN_PORT:-8080}"
    volumes:
-      - keywarden_data:/data
+      - ./data:/data
    env_file:
      - .env
+    networks:
+      keywarden_net:
+        ipv4_address: 172.23.64.10
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:${KEYWARDEN_PORT:-8080}/api/health"]
      interval: 30s
@@ -50,9 +53,15 @@ services:
      start_period: 10s
      retries: 3

-volumes:
-  keywarden_data:
-    driver: local
+networks:
+  keywarden_net:
+    name: keywarden.dockernetwork.local
+    driver: bridge
+    ipam:
+      config:
+        - subnet: 172.23.64.0/24
+          gateway: 172.23.64.1
+          ip_range: 172.23.64.128/25
 ```

 ### Environment File (.env)
@@ -180,12 +189,9 @@ The Docker HEALTHCHECK is configured automatically in the Dockerfile.
 To update Keywarden:

 ```bash
-# Pull latest changes (if building from source)
-git pull
-
-# Rebuild and restart
+# Pull latest image and restart
+docker compose pull
 docker compose down
-docker compose build --no-cache
 docker compose up -d
 ```

--- a/docs/quickstart.md
+++ b/docs/quickstart.md
@@ -43,33 +43,28 @@ services:
    ports:
      - "${KEYWARDEN_PORT:-8080}:${KEYWARDEN_PORT:-8080}"
    volumes:
-      - keywarden_data:/data
+      - ./data:/data
    env_file:
      - .env
+    networks:
+      keywarden_net:
+        ipv4_address: 172.23.64.10
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:${KEYWARDEN_PORT:-8080}/api/health"]
+      interval: 30s
+      timeout: 5s
+      start_period: 10s
+      retries: 3

-volumes:
-  keywarden_data:
-    driver: local
-```
-
-Or, to build from source:
-
-```yaml
-services:
-  keywarden:
-    build: .
-    container_name: keywarden
-    restart: unless-stopped
-    ports:
-      - "${KEYWARDEN_PORT:-8080}:${KEYWARDEN_PORT:-8080}"
-    volumes:
-      - keywarden_data:/data
-    env_file:
-      - .env
-
-volumes:
-  keywarden_data:
-    driver: local
+networks:
+  keywarden_net:
+    name: keywarden.dockernetwork.local
+    driver: bridge
+    ipam:
+      config:
+        - subnet: 172.23.64.0/24
+          gateway: 172.23.64.1
+          ip_range: 172.23.64.128/25
 ```

 ## 4. Start Keywarden