diff --git a/dns/zones/home.mnke.org.zone b/dns/zones/home.mnke.org.zone
index 9c5391b..c1c3cb1 100644
--- a/dns/zones/home.mnke.org.zone
+++ b/dns/zones/home.mnke.org.zone
@@ -1,7 +1,8 @@
 $ORIGIN home.mnke.org.
-@                     900       IN  SOA           dns-server. hostadmin 14 900 300 604800 900
+@                     900       IN  SOA           dns-server. hostadmin 15 900 300 604800 900
 @                     3600      IN  NS            dns-server.
 db                    600       IN  CNAME         truenas
 nas                   600       IN  CNAME         truenas
 truenas               600       IN  A             10.0.0.160
 truenas-gpu           600       IN  A             10.0.0.250
+dns                   600       IN  A             10.0.123.123
diff --git a/dns/zones/mnke.org.zone b/dns/zones/mnke.org.zone
index c21d8bf..3052999 100644
--- a/dns/zones/mnke.org.zone
+++ b/dns/zones/mnke.org.zone
@@ -1,6 +1,7 @@
 $ORIGIN mnke.org.
-@                     900       IN  SOA           dns-server. hostadmin 12 900 300 604800 900
+@                     900       IN  SOA           dns-server. hostadmin 13 900 300 604800 900
 @                     3600      IN  NS            dns-server.
 authentik             600       IN  CNAME         authentik.dolo
 blog                  600       IN  CNAME         blog.dolo
 git                   600       IN  CNAME         git.jumper
+vault                 600       IN  CNAME         vault.jumper
diff --git a/docker/compose/gitea/docker-compose.yml b/docker/compose/gitea/docker-compose.yml
index ec421a6..812c1f2 100644
--- a/docker/compose/gitea/docker-compose.yml
+++ b/docker/compose/gitea/docker-compose.yml
@@ -38,7 +38,7 @@ services:
       resources:
         limits:
           cpus: '0.50'
-          memory: 512M
+          memory: 1024M
         reservations:
           cpus: '0.1'
           memory: 64M
diff --git a/docker/compose/vaultwarden/docker-compose.yml b/docker/compose/vaultwarden/docker-compose.yml
new file mode 100644
index 0000000..d0474f3
--- /dev/null
+++ b/docker/compose/vaultwarden/docker-compose.yml
@@ -0,0 +1,31 @@
+---
+networks:
+  traefik:
+    external: true
+
+services:
+  vaultwarden:
+    image: vaultwarden/server:1.33.2-alpine
+    container_name: vaultwarden
+    restart: unless-stopped
+    networks:
+      - traefik
+    environment:
+      DOMAIN: "https://${VAULTWARDEN_HOST:-vault.mnke.org}"
+    volumes:
+      - ${VAULTWARDEN_DATA:-/mnt/docker/volumes/vaultwarden/data}/:/data/
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.vaultwarden.rule=Host(`vault.mnke.org`) || Host(`vault.jumper.mnke.org`)"
+      - "traefik.http.routers.vaultwarden.entrypoints=websecure"
+      - "traefik.http.routers.vaultwarden.tls=true"
+      - "traefik.http.services.vaultwarden.loadbalancer.server.port=80"
+      - "traefik.docker.network=traefik"
+    deploy:
+      resources:
+        limits:
+          cpus: '0.50'
+          memory: 512M
+        reservations:
+          cpus: '0.1'
+          memory: 64M