Dies ist eine alte Version des Dokuments!
Vaultwarden ohne Docker
Am einfachsten Vaultwarden ohne Docker zu installieren ist das Docker Image zu extrahieren. Dieses Vorgehen wird nachfolgend erläutert und basiert auf https://www.bloovis.com/posts/2023-10-06-vaultwarden-without-docker/.
Vaultwarden installieren
Vorbereitung zur Docker Extraktion:
mkdir vw-image cd vw-image wget https://raw.githubusercontent.com/jjlin/docker-image-extract/main/docker-image-extract chmod +x docker-image-extract
Extraktion des Docker Image:
./docker-image-extract vaultwarden/server:latest
Erstellung der notwendigen Verzeichnisse:
mkdir /opt/vaultwarden mkdir /var/lib/vaultwarden mkdir /var/lib/vaultwarden/data
Erstellung eines Benutzers und dessen Berechtigungen:
useradd vaultwarden chown -R vaultwarden:vaultwarden /var/lib/vaultwarden
Verschieben der Vaultwarden Dateien in die neuen Verzeichnisse:
mv output/vaultwarden /opt/vaultwarden mv output/web-vault /var/lib/vaultwarden
Löschen der nicht mehr benötigten Dateien:
rm -Rf output rm -Rf docker-image-extract
Vaultwarden konfigurieren
Hash Generierung des Adminpassworts
/opt/vaultwarden/vaultwarden hash
Anlegen der Konfigurationsdatei /var/lib/vaultwarden/.env
ROCKET_ADDRESS=<IP ADRESSE des Interface> DOMAIN=https://www.example.com/vaultwarden/ ORG_CREATION_USERS=user@example.com ADMIN_TOKEN='<hash produced by vaultwarden hash earlier>' SIGNUPS_ALLOWED=false SMTP_HOST=smtp.example.com SMTP_FROM=vaultwarden@example.com SMTP_FROM_NAME=Vaultwarden SMTP_PORT=587 # Ports 587 (submission) and 25 (smtp) are standard without encryption and with encryption via STARTTLS (Explicit TLS). Port 465 is outdated and us> SMTP_SSL=true # (Explicit) - This variable by default configures Explicit STARTTLS, it will upgrade an insecure connection to a secure one. Unless SMTP_EXPLICIT_> SMTP_EXPLICIT_TLS=false # (Implicit) - N.B. This variable configures Implicit TLS. It's currently mislabelled (see bug #851) - SMTP_SSL Needs to be set to true for this o> SMTP_USERNAME=user@example.com SMTP_PASSWORD=mysmtppassword SMTP_TIMEOUT=15
Erstellung der Dienstdatei
[Unit] Description=Bitwarden Server (Rust Edition) Documentation=https://github.com/dani-garcia/vaultwarden After=network.target [Service] User=vaultwarden Group=vaultwarden EnvironmentFile=/var/lib/vaultwarden/.env ExecStart=/opt/vaultwarden/vaultwarden LimitNOFILE=1048576 LimitNPROC=64 PrivateTmp=true PrivateDevices=true ProtectHome=true ProtectSystem=strict WorkingDirectory=/var/lib/vaultwarden ReadWriteDirectories=/var/lib/vaultwarden AmbientCapabilities=CAP_NET_BIND_SERVICE [Install] WantedBy=multi-user.target
Autostart des Dienst && starten des Dienstes
systemctl enable vaultwarden systemctl start vaultwarden systemctl status vaultwarden
Update Script
Create empty script file and make it executable.
touch /root/Update_Vaultwarden.sh chmod +x /root/Update_Vaultwarden.sh
Paste the following content into the file
#!/bin/bash ### Author Oliver Lehmann ### Date: 12 January 2024 echo "Stopping service." systemctl stop vaultwarden echo "Creating Backup of Credentials Store." rm -R /root/Backups cd /var/lib/vaultwarden mkdir /root/Backups tar cfz /root/Backups/vaultwarden.tar.gz data .env &> /dev/null echo "Removing old directories." rm -R /opt/vaultwarden rm -R /var/lib/vaultwarden echo "Getting new Docker Version and Extractor" mkdir /root/vw-image cd /root/vw-image wget https://raw.githubusercontent.com/jjlin/docker-image-extract/main/docker-image-extract &> /dev/null chmod +x docker-image-extract ./docker-image-extract vaultwarden/server:latest &> /dev/null #./docker-image-extract vaultwarden/server:testing &> /dev/null echo "Setting up directories & moving new files." mkdir /opt/vaultwarden mkdir /var/lib/vaultwarden mv output/vaultwarden /opt/vaultwarden mv output/web-vault /var/lib/vaultwarden echo "Restoring backups and setting access permissions." cd /var/lib/vaultwarden tar xfz /root/Backups/vaultwarden.tar.gz chown -R vaultwarden:vaultwarden /var/lib/vaultwarden echo "Removing installation files." cd rm -R vw-image echo "Starting vaultwarden." systemctl start vaultwarden echo "****************************************************************" echo "" echo " The Backup will be removed with the next run of this script " echo "" echo "****************************************************************"
<