Skip to content

Latest commit

 

History

History
55 lines (37 loc) · 2.08 KB

README.md

File metadata and controls

55 lines (37 loc) · 2.08 KB

NPM Logo

06. Vaultwarden

NPM Banner

In this Tutorial we are going to setup Vaultwarden as our Password Manager

Video

In this video I demonstrate how to install Vaultwarden on a Ubuntu Virtual Machine (in ProxMox) inside a Docker container.

Video

Links

Prerequisites

05. Databases

Network Preparations

These steps are explained in this video:

1️⃣ Forward port 7000 on your Router
2️⃣ Add A-Record
3️⃣ Add NPM Proxy Host
4️⃣ Clone latest Sources

Install Vaultwarden

  • Create a Vaultwarden Hash for the $TF_VAR_VAULTWARDEN_ADMIN_TOKEN environment variable (based on the $TF_VAR_VAULTWARDEN_ADMIN_PASSWORD environment variable)

    # Strong Password
nano $TF_VAR_PATH/.bash_profile
echo $TF_VAR_VAULTWARDEN_ADMIN_PASSWORD

# Get Hash
docker run --rm -it vaultwarden/server:${TF_VAR_VERSION_DOCKER_VAULTWARDEN} ./vaultwarden hash

  • Install Vaultwarden

    $TF_VAR_COT compose -f $TF_VAR_PATH_APP/docker/$TF_VAR_VAULTWARDEN_NAME/docker-compose.yaml up -d --wait --build

    Tutorials/SS/SS.APP/docker/vaultwarden/docker-compose.yaml

    Lines 1 to 58 in 9ef3987

    version: "3.8"
    services:
    vaultwarden-postgres: # ${TF_VAR_VAULTWARDEN_NAME}-${TF_VAR_POSTGRES_NAME}
    extends:
    service: ${TF_VAR_POSTGRES_NAME}
    file: ${TF_VAR_PATH_APP}/docker/${TF_VAR_POSTGRES_NAME}/docker-compose.yaml
    container_name: ${TF_VAR_VAULTWARDEN_NAME}-${TF_VAR_POSTGRES_NAME}
    volumes:
    - $HOME/docker/${TF_VAR_VAULTWARDEN_NAME}/${TF_VAR_POSTGRES_NAME}:/var/lib/postgresql/data
    environment:
    POSTGRES_DB: ${TF_VAR_VAULTWARDEN_NAME}
    networks:
    - ${TF_VAR_VAULTWARDEN_NAME}
    vaultwarden: # ${TF_VAR_VAULTWARDEN_NAME}
    depends_on:
    - ${TF_VAR_VAULTWARDEN_NAME}-${TF_VAR_POSTGRES_NAME}
    image: vaultwarden/server:${TF_VAR_VERSION_DOCKER_VAULTWARDEN}
    container_name: ${TF_VAR_VAULTWARDEN_NAME}
    restart: unless-stopped
    volumes:
    - $HOME/docker/${TF_VAR_VAULTWARDEN_NAME}/:/data/
    ports:
    - ${TF_VAR_VAULTWARDEN_PORT_EXT}:${TF_VAR_VAULTWARDEN_PORT_INT}
    environment:
    - DATABASE_URL=postgresql://${TF_VAR_POSTGRES_USER}:${TF_VAR_POSTGRES_PASSWORD}@${TF_VAR_VAULTWARDEN_NAME}-${TF_VAR_POSTGRES_NAME}:${TF_VAR_POSTGRES_PORT_INT}/${TF_VAR_VAULTWARDEN_NAME}
    - ADMIN_TOKEN=${TF_VAR_VAULTWARDEN_ADMIN_TOKEN}
    - DOMAIN=https://${TF_VAR_VAULTWARDEN_DOMAIN}
    - SMTP_HOST=${TF_VAR_SMTP_HOST}
    - SMTP_FROM=${TF_VAR_VAULTWARDEN_NAME}@${TF_VAR_DOMAIN}
    - SMTP_FROM_NAME=${TF_VAR_VAULTWARDEN_NAME}
    - SMTP_SECURITY=${TF_VAR_SMTP_SECURITY}
    - SMTP_PORT=${TF_VAR_SMTP_PORT}
    - SMTP_USERNAME=${TF_VAR_SMTP_USERNAME}
    - SMTP_PASSWORD=${TF_VAR_SMTP_PASSWORD}
    - SMTP_TIMEOUT=30
    - SMTP_AUTH_MECHANISM=Login
    - LOGIN_RATELIMIT_MAX_BURST=10
    - LOGIN_RATELIMIT_SECONDS=60
    - INVITATION_ORG_NAME=${TF_VAR_VAULTWARDEN_NAME}
    - INVITATIONS_ALLOWED=false
    - SIGNUPS_ALLOWED=true
    - SIGNUPS_DOMAINS_WHITELIST=${TF_VAR_VAULTWARDEN_DOMAIN}
    - SIGNUPS_VERIFY=true
    - SIGNUPS_VERIFY_RESEND_TIME=3600
    - SIGNUPS_VERIFY_RESEND_LIMIT=1
    - EMERGENCY_ACCESS_ALLOWED=false
    - SHOW_PASSWORD_HINT=false
    - SENDS_ALLOWED=true
    - WEB_VAULT_ENABLED=true
    networks:
    - ${TF_VAR_VAULTWARDEN_NAME}
    networks:
    vaultwarden: # ${TF_VAR_VAULTWARDEN_NAME}
    name: ${TF_VAR_VAULTWARDEN_NAME}
    driver: bridge

Configure Vaultwarden