dani-garcia/vaultwarden(github.com)

# Create the host directory that holds Vaultwarden's persistent data; it is
# bind-mounted at /data/ inside the container below.
mkdir -p /home/cokan/docker/bitwarden

# Start the Vaultwarden container in the background.
# NOTE(review): container port 80 is plain HTTP and is published on host port
# 9527 on every interface. Put a TLS-terminating reverse proxy in front of it
# (or publish on 127.0.0.1 only) before reaching it from an untrusted network.
# NOTE(review): ":latest" is a floating tag; pinning a specific release makes
# upgrades of a password manager deliberate and reproducible.
docker run --detach \
  --name vaultwarden \
  --volume /home/cokan/docker/bitwarden:/data/ \
  --publish 9527:80 \
  vaultwarden/server:latest

2022-09-28T08:14:12.png
2022-09-28T08:15:17.png
2022-09-28T08:15:40.png

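# Environment settings for the Vaultwarden container.
# This file holds secrets (ADMIN_TOKEN, SMTP_PASSWORD): keep it readable only
# by the deploying user and out of version control.
# Comments are kept on their own lines because some env-file readers (for
# example docker's --env-file) treat a trailing "# ..." as part of the value.

# Time zone: Shanghai
TZ=Asia/Shanghai

# Allow or forbid new user sign-ups: true = allowed, false = forbidden
SIGNUPS_ALLOWED=false

# Public URL used to reach the web vault
DOMAIN=https://vault.yourdomain.com

# SQLite database location and file name
DATABASE_URL=data/vaultwarden.db

# Log file path
LOG_FILE=data/access.log

# Log level: trace, debug, info, warn, error or off
LOG_LEVEL=warn
EXTENDED_LOGGING=true

# Admin panel token. Empty (the default) leaves the admin panel disabled;
# setting a token enables it.
# XXXXXXXXXXXX is a placeholder: use a long random value. Newer Vaultwarden
# releases also accept an Argon2 PHC hash (generated with `vaultwarden hash`)
# here instead of a plaintext token.
ADMIN_TOKEN=XXXXXXXXXXXX

# WebSocket notifications: true = enabled, false = disabled
WEBSOCKET_ENABLED=true

# Web vault client: true = enabled, false = disabled
WEB_VAULT_ENABLED=true

# Worker threads. The default is 10; raise it for many users, otherwise it
# normally does not need to be set.
ROCKET_WORKERS=20

# Show password hints: true = enabled, false = disabled
SHOW_PASSWORD_HINT=false

# SMTP settings
SMTP_HOST=smtp.test.com
# NOTE(review): this line was blanked by the page's e-mail obfuscation;
# presumably it was SMTP_FROM. The address below is a constructed placeholder.
SMTP_FROM=sender@example.invalid
SMTP_PORT=465
# NOTE(review): also blanked by e-mail obfuscation; presumably SMTP_USERNAME.
# The address below is a constructed placeholder.
SMTP_USERNAME=sender@example.invalid
# Placeholder value: replace with the real mailbox credential.
SMTP_PASSWORD=password
# Since v1.25.0, SMTP_SSL and SMTP_EXPLICIT_TLS are no longer set; use
# SMTP_SECURITY instead. Its options are starttls, force_tls and off.
# Port 465 uses force_tls, port 587 uses starttls, port 25 uses off.
# NOTE(review): "off" sends the SMTP credentials and mail in clear text.
SMTP_SECURITY=force_tls

# Allow or forbid invitations: true = allowed, false = forbidden
INVITATIONS_ALLOWED=false

# Send (sharing) feature, enabled by default: true = enabled, false = disabled
SENDS_ALLOWED=false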

1. vaultwarden+caddy

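#!/bin/bash
# Deploy Vaultwarden behind a Caddy reverse proxy that terminates TLS with a
# user-supplied certificate, using docker-compose.
#
# Writes under ${DATA_BW}: ssl/cokan.cer, ssl/cokan.key, docker-compose.yml
# and Caddyfile, then starts both containers.
#
# NOTE(review): the private key is embedded in this script, so the script file
# itself must be protected like the key (restrictive permissions, not
# committed to version control).
set -euo pipefail

export yourdomain="cokan.xyz"
export DATA_DOCKER="/home/cokan/docker"
export DATA_BW="${DATA_DOCKER}/bitwarden"

# Bind-mount targets for the two containers.
mkdir -p -- \
  "${DATA_BW}/caddy-config" \
  "${DATA_BW}/caddy-data" \
  "${DATA_BW}/vw-data" \
  "${DATA_BW}/data" \
  "${DATA_BW}/caddy-logs"

# mkdir -p is a no-op when the directory already exists, so no prior test is
# needed.
sudo mkdir -p -- "${DATA_BW}/ssl"

# Certificate chain: paste the PEM body between the markers. The quoted
# delimiter keeps the shell from expanding anything inside the heredoc.
sudo tee "${DATA_BW}/ssl/cokan.cer" << 'EOF'
-----BEGIN CERTIFICATE-----

-----END CERTIFICATE-----
EOF

# Private key: create the file with mode 0600 before any key material is
# written, and send tee's copy to /dev/null so the key is not echoed to the
# terminal or captured in logs.
# NOTE(review): assumes the Caddy container runs as root without
# user-namespace remapping, so it can still read a root-owned 0600 file;
# confirm for your setup.
sudo install -m 0600 /dev/null "${DATA_BW}/ssl/cokan.key"
sudo tee "${DATA_BW}/ssl/cokan.key" > /dev/null << 'EOF'
-----BEGIN PRIVATE KEY-----

-----END PRIVATE KEY-----
EOF

# NOTE(review): ":latest" and "caddy:2" are floating tags; pinning specific
# releases makes upgrades deliberate and reproducible.
docker pull caddy:2
docker pull vaultwarden/server:latest

# Compose file. The heredoc delimiter is unquoted on purpose so that
# ${yourdomain} is expanded when the file is written.
# - DOMAIN is set on the vaultwarden service, which is the one that uses it;
#   the Caddyfile below hard-codes the host name and never reads DOMAIN.
# - The certificate directory is mounted read-only at /etc/caddy/ssl rather
#   than over /etc/ssl, which would hide the image's own CA bundle.
# - Only Caddy publishes a port; Vaultwarden is reachable solely through the
#   compose network.
sudo tee "${DATA_BW}/docker-compose.yml" << EOF
version: '3'

services:
  vaultwarden:
    image: vaultwarden/server:latest
    container_name: vaultwarden
    restart: always
    environment:
      - WEBSOCKET_ENABLED=true  # Enable WebSocket notifications.
      - DOMAIN=https://bw.${yourdomain}
    volumes:
      - ./vw-data:/data

  caddy:
    image: caddy:2
    container_name: caddy
    restart: always
    ports:
      - 443:443
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile:ro
      - ./ssl:/etc/caddy/ssl:ro
      - ./caddy-config:/config
      - ./caddy-data:/data
      - ./caddy-logs:/logs
EOF

# Caddy site definition: TLS with the supplied certificate, WebSocket
# notifications proxied to port 3012 and everything else to port 80.
sudo tee "${DATA_BW}/Caddyfile" << EOF
bw.${yourdomain} {
  tls /etc/caddy/ssl/cokan.cer /etc/caddy/ssl/cokan.key

  encode gzip
  reverse_proxy /notifications/hub vaultwarden:3012
  reverse_proxy vaultwarden:80
}
EOF

# set -e aborts here if the directory is missing, so compose never runs from
# an unexpected working directory.
cd -- "${DATA_BW}"
docker-compose up -d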


最后修改:2022 年 09 月 28 日