Build Bitwarden Personal Password Vault

Leave a Comment / / RayCNs

Original link: https://www.raycns.com/archives/967.html

foreword

With the increasing number of websites that need to be registered, the leaked information of network information of major websites is released, so that we need to protect personal private information. The password is the key. In the past, all my passwords shared a set of passwords. Once the information was leaked, the consequences would be unimaginable. The tools introduced in today’s article can solve this problem very well, and the data is in my own hands.

text

Prepare

  • Linux server
  • Domain name and corresponding SSL certificate
  • Public network IPV4 or IPV6
  • *Intranet penetration tool

Install Bitwarden

Install docker and docker-compose

Go to Baidu to search and install by yourself

Install Bitwarden

  1. Create Bitwarden local storage folder

     mkdir -p /data/bitwarden && cd /data/bitwarden

  2. Create docker-compose configuration file

     cat >> docker-compose.yml <<EOF version: '3' services: # 服务名称bitwarden: # 指定使用Docker Hub 中的最新镜像image: bitwardenrs/server:latest # 容器名称container_name: bitwarden # 开机自动启动restart: always # 指定容器内的/data 目录挂载到宿主机的当前目录下的/data/bitwarden/data 目录,这样你可以在宿主机上执行数据库的备份操作volumes: - /data/bitwarden/data:/data # bitwarden配置environment: # 开启网页访问WEB_VAULT_ENABLED: 'true' # 开启新用户注册,注册成功后将true改为false即可开启禁止注册SIGNUPS_ALLOWED: 'true' # 禁止邀请INVITATIONS_ALLOWED: 'false' # 开启长连接WEBSOCKET_ENABLED: 'true' # 开启超级管理页面,此变量中的'some_random_token_as_per_above_explanation'为你自定义的一串任意字符。开启后https://你的域名/admin为管理界面ADMIN_TOKEN: 'some_random_token_as_per_above_explanation' # 启用日志记录LOG_FILE: /data/bitwarden.log # 将容器内的80/3012端口映射到宿主机的2333/2334端口;其中80端口为HTTP 服务,3012 端口是websockets 服务ports: - 2333:80 - 2334:3012 EOF

  1. Nginx reverse proxy configuration

     #bitwarden location / { proxy_pass http://127.0.0.1:7006; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } location /notifications/hub { proxy_pass http://127.0.0.1:7007; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } location /notifications/hub/negotiate { proxy_pass http://127.0.0.1:7006; }

  2. start the docker service

     docker-compose up -d

configure bitwarden

Set up reverse proxy

Reverse proxy http://127.0.0.1:2333/

Tutorial online search

Whether the test was successful

Browser: use https://你的域名:2333

Client: Self-hosted environment server URL fill https://你的域名:2333

This article is reprinted from: https://www.raycns.com/archives/967.html
This site is for inclusion only, and the copyright belongs to the original author.

Leave a Comment