参考:
- https://github.com/dani-garcia/bitwarden_rs
宝塔+CloudFlare新建网站+SSL+强制https
创建数据目录
mkdir -p /data/bitwarden/data
# 也可以用google drive但容易出错 ln -s /data/gd_stanford/_host/bwh229/bitwarden/data ./data
Docker run
我选了 9013作为http和9012作为ws端口
# 如果是升级的话 docker pull bitwardenrs/server:latest
docker run -d \
--name bitwarden \
-p 9013:80 \
-p 9012:3012 \
--restart=always \
-e SIGNUPS_ALLOWED=true \
-e WEB_VAULT_ENABLED=true \
-e WEBSOCKET_ENABLED=true \
-v /data/bitwarden/data:/data \
bitwardenrs/server:latest添加反代
#PROXY-START/
location ~* \.(php|jsp|cgi|asp|aspx)$
{
proxy_pass http://127.0.0.1:9013;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
}
location /
{
proxy_pass http://127.0.0.1:9013;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
add_header X-Cache $upstream_cache_status;
#Set Nginx Cache
add_header Cache-Control no-cache;
expires 12h;
}
location /notifications/hub {
proxy_pass http://127.0.0.1:9012;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location /notifications/hub/negotiate {
proxy_pass http://127.0.0.1:9013;
}
#PROXY-END/打开CloudFlare Proxy
验证
客户端配置
自动备份Backup
apt install sqlite3
cd /data/bitwarden/data
ln -s /data/gd_stanford/_host/bwh229/bitwarden/data/backup backup
cat > backup.sh <<EOF
#!/bin/sh
DB_FILE="/data/bitwarden/data/db.sqlite3"
BACKUP_DIR="/data/bitwarden/data/backup"
BACKUP_FILE="${BACKUP_DIR}/backup.sqlite3.$(date "+%F-%H%M%S")"
mkdir -p $BACKUP_DIR
sqlite3 $DB_FILE ".backup ${BACKUP_FILE}" >/dev/null
# Remove backups older than 30 days.
find $BACKUP_DIR -type f -name 'backup.sqlite3.*' -mtime +30 -exec rm {} \;
EOF
chmod +x ./backup.sh