This repository has been archived on 2022-08-05. You can view files and clone it, but cannot push or open issues or pull requests.
lollipopcloud/services/bitwarden_rs.md

Bitwarden

bitwarden_rs inside a container. This is a re-implementation of the main Bitwarden server in Rust. It is meant to replace the main Bitwarden server and provide a better self-hosting alternative. The server is compatible with the official Bitwarden clients. This image also contains the main Bitwarden web UI.

Inspiration / Sources

Install / Update / Run Script

Set up a generic script that will auto-update Bitwarden, build a container and launch it. You should only run this script at first launch and/or when you're looking for updates.


mkdir -p /var/bitwarden

cat > /scratch/docker/bitwarden.sh <<EOF
#!/bin/bash

##########
# For postgresql instead of sqlite run the following commands
#docker exec -it postgres psql -U postgres
#create role bitwarden nocreatedb nocreaterole login PASSWORD 'password';
#create database bitwarden owner=bitwarden encoding=UTF8;

# Setup using the above database/username/role and ip of 172.30.12.12
##########

#    -e SMTP_HOST=<smtp.domain.tld> \
#    -e SMTP_FROM=<bitwarden@domain.tld> \
#    -e SMTP_PORT=587 \
#    -e SMTP_SSL=true \
#    -e SMTP_USERNAME=<username> \
#    -e SMTP_PASSWORD=<password> \

# Generate the admin token with: openssl rand -base64 48
# then pass it to the container as: -e ADMIN_TOKEN=[above_output]

ARCH=\`arch\`
if [ "\$ARCH" == "aarch64" ]
then
    ARCH="arm64v8"
else
    ARCH="arm32v7"
fi

docker pull registry.lollipopcloud.solutions/\$ARCH/bitwarden_rs

docker container stop bitwarden
docker container rm bitwarden

docker run \\
    --name bitwarden \\
    --restart unless-stopped \\
    --net docker-private \\
    --ip 172.30.12.23 \\
    -e TZ=UTC \\
    -e DEBUG=1 \\
    -e WEBSOCKET_ENABLED=true \\
    -e SIGNUPS_ALLOWED=false \\
    -e DOMAIN=https://bitwarden.domain.tld \\
    -e ADMIN_TOKEN=[see above] \\
    -v /var/bitwarden/:/data/ \\
    registry.lollipopcloud.solutions/\$ARCH/bitwarden_rs:latest

EOF

chmod a+x /scratch/docker/bitwarden.sh
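
The script above is made executable for every user and, with a typical umask, is also readable by them, so an ADMIN_TOKEN or SMTP_PASSWORD written into it is visible to any local account. The following added example (not part of the original page or the lollipopcloud project) keeps those values in a root-only env file and passes them with docker's `--env-file`; the file location `/scratch/docker/bitwarden.env` and all function names are assumptions.

```shell
#!/bin/bash
# Added example (not from the original page): keep ADMIN_TOKEN out of the launch script.
# BW_ENV_FILE, the function names and the env-file location are assumptions.
BW_ENV_FILE="${BW_ENV_FILE:-/scratch/docker/bitwarden.env}"

# 48 random bytes as base64 (64 characters), the token size the page suggests.
gen_admin_token() {
    if command -v openssl >/dev/null 2>&1; then
        openssl rand -base64 48
    else
        head -c 48 /dev/urandom | base64
    fi | tr -d '\n'
}

# Create the env file with mode 600 and add a token only if none is stored yet,
# so re-running the update script does not rotate the admin token.
write_env_file() {
    local file="$1"
    ( umask 077 && touch "$file" ) || return 1
    chmod 600 "$file" || return 1
    grep -q '^ADMIN_TOKEN=.' "$file" ||
        printf 'ADMIN_TOKEN=%s\n' "$(gen_admin_token)" >> "$file"
}

# True when a launch script still passes a secret inline on an uncommented line.
has_inline_secret() {
    grep -Eq '^[^#]*-e[[:space:]]+(ADMIN_TOKEN|SMTP_PASSWORD)=' "$1"
}

# Same container settings as the page's script; secrets come from the env file.
run_bitwarden() {
    local arch="$1"   # arm64v8 or arm32v7, as computed in the page's script
    write_env_file "$BW_ENV_FILE" || return 1
    docker run \
        --name bitwarden \
        --restart unless-stopped \
        --net docker-private \
        --ip 172.30.12.23 \
        -e TZ=UTC \
        -e DEBUG=1 \
        -e WEBSOCKET_ENABLED=true \
        -e SIGNUPS_ALLOWED=false \
        -e DOMAIN=https://bitwarden.domain.tld \
        --env-file "$BW_ENV_FILE" \
        -v /var/bitwarden/:/data/ \
        "registry.lollipopcloud.solutions/$arch/bitwarden_rs:latest"
}
```

SMTP_PASSWORD and the other SMTP_* settings can be added to the same env file as plain `NAME=value` lines; `has_inline_secret /scratch/docker/bitwarden.sh` reports whether the launch script still carries a secret.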

Run Bitwarden

Simply execute /scratch/docker/bitwarden.sh to update/run Bitwarden.

Update Unbound


cat > /etc/unbound/local_zone/bitwarden.conf <<EOF
local-data: "bitwarden A 172.30.0.1"
local-data: "bitwarden.domain.tld A 172.30.0.1"
local-data-ptr: "172.30.0.1 bitwarden"
local-data-ptr: "172.30.0.1 bitwarden.domain.tld"
EOF

Further configuration

https://github.com/dani-garcia/bitwarden_rs/wiki/Fail2Ban-Setup has great information on how to configure Fail2Ban, which bans clients after repeated failed logins and so helps limit attempts to break into your server.