Overview
Trying out a self-hosted Bitwarden install.
References (with thanks to the great pioneers before me)
Installing bitwarden
https://takuya-1st.hatenablog.jp/entry/2021/09/28/150140
https://snapcraft.io/install/bitwarden/ubuntu
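LXC preparation
```sh
name=bitwarden
lxc launch ubuntu:20.04 "$name" --storage bt01
# privileged container with nesting enabled, so that Docker can run inside it
lxc config set "$name" security.privileged true
lxc config set "$name" security.nesting true
lxc restart "$name"
lxc shell "$name"
```
Docker preparation
```sh
apt update
apt upgrade -y
apt install docker-compose -y
# confirm that Docker works inside the container
docker run --rm hello-world
```
Create a working directory
```sh
cd
mkdir bitwarden
cd $_
```
Getting the Bitwarden installation (id|key)
Go to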
https://bitwarden.com/host/
Enter your e-mail address and click Submit
id: e99f4c79-a6a9-4da1-82d6-ae4200251218
key: XULqlVDrWZmjtcF0FAUV
Installing the Bitwarden server
```sh
curl -s -o bitwarden.sh \
  https://raw.githubusercontent.com/bitwarden/server/master/scripts/bitwarden.sh
chmod +x bitwarden.sh
./bitwarden.sh install
./bitwarden.sh start
```
params
key | value |
---|---|
domain name | bit.example.net |
Use Let's Encrypt? | no |
database name | (press Enter without typing anything) |
installation id | e99f4c79-a6a9-4da1-82d6-ae4200251218 |
installation key | XULqlVDrWZmjtcF0FAUV |
Use an SSL certificate you already have? | no |
Generate a self-signed certificate? | yes |
Adjust these to your own environment.
log
```
root@bitworden:~/bitwarden# ./bitwarden.sh install
 _     _ _                         _
| |__ (_) |___      ____ _ _ __ __| | ___ _ __
| '_ \| | __\ \ /\ / / _` | '__/ _` |/ _ \ '_ \
| |_) | | |_ \ V  V / (_| | | | (_| |  __/ | | |
|_.__/|_|\__| \_/\_/ \__,_|_|  \__,_|\___|_| |_|

Open source password management solutions
Copyright 2015-2022, 8bit Solutions LLC
https://bitwarden.com, https://github.com/bitwarden

===================================================

bitwarden.sh version 1.46.2
Docker version 20.10.7, build 20.10.7-0ubuntu5~20.04.2
docker-compose version 1.25.0, build unknown

(!) Enter the domain name for your Bitwarden instance (ex. bitwarden.example.com): bit.example.net

(!) Do you want to use Let's Encrypt to generate a free SSL certificate? (y/n): n

(!) Enter the database name for your Bitwarden instance (ex. vault):

1.46.2: Pulling from bitwarden/setup
6552179c3509: Pull complete
21e1bc814f94: Pull complete
a66d6e2c6505: Pull complete
1468e0fc777d: Pull complete
52220ccf12d8: Pull complete
274037baa1dc: Pull complete
cd6708d3da5c: Pull complete
b96cf08d1413: Pull complete
12f9a402a6ab: Pull complete
beab38d582a0: Pull complete
Digest: sha256:47ab15e658ba482e31ed8d3c1ab6f7555d7be7a63de56cd74aa5920a01d8203c
Status: Downloaded newer image for bitwarden/setup:1.46.2
docker.io/bitwarden/setup:1.46.2

(!) Enter your installation id (get at https://bitwarden.com/host): e99f4c79-a6a9-4da1-82d6-ae4200251218

(!) Enter your installation key: XULqlVDrWZmjtcF0FAUV

(!) Do you have a SSL certificate to use? (y/n): n

(!) Do you want to generate a self-signed SSL certificate? (y/n): y

Generating self signed SSL certificate.
Generating a RSA private key
.......++++
................++++
writing new private key to '/bitwarden/ssl/self/bit.example.net/private.key'
-----
Generating key for IdentityServer.
Generating a RSA private key
...........................................++++
...................................................................................................................................++++
writing new private key to 'identity.key'
-----

!!!!!!!!!! WARNING !!!!!!!!!!
You are using an untrusted SSL certificate. This certificate will not be
trusted by Bitwarden client applications. You must add this certificate to
the trusted store on each device or else you will receive errors when trying
to connect to your installation.

Building nginx config.
Building docker environment files.
Building docker environment override files.
Building FIDO U2F app id.
Building docker-compose.yml.

Installation complete

If you need to make additional configuration changes, you can modify
the settings in `./bwdata/config.yml` and then run:
`./bitwarden.sh rebuild` or `./bitwarden.sh update`

Next steps, run:
`./bitwarden.sh start`

root@bitworden:~/bitwarden#
```
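Finally, start it
```sh
./bitwarden.sh start
```
LXC port publishing (if you want to change the port)
```sh
# "bitworden" is the container name on the author's host (see the shell
# prompt in the logs); use the name of your own container here
lxc config device add bitworden \
  https proxy \
  listen=tcp:10.147.14.1:10443 connect=tcp:10.147.14.170:443
```
Access it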
https://bit.example.net/
https://10.147.14.170/
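Either one works.
The login screen is displayed.
Create an account.
The Master Password should be long and hard to guess.
That said, you will probably get locked out if you mistype the password too many times, so not forgetting it may matter more.
If you want to reinstall
```sh
rm -rf bwdata
./bitwarden.sh install
```
Backup
```sh
./bitwarden.sh stop
# copy the whole bwdata directory somewhere
# any tool will do: cp, rsync, sftp, rclone
```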
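The backup steps above as a script, added here as an example and not taken from the original post: it stops Bitwarden, archives bwdata with owner-only permissions (bwdata holds the generated private keys and the database), writes a SHA-256 checksum, and restarts the service even if archiving fails. The function name `backup_bwdata` and both path arguments are assumptions; pass absolute paths.

```sh
#!/bin/sh
# Added example (not from the original post): cold backup of bwdata.
# backup_bwdata and its two path arguments are hypothetical names.

backup_bwdata() {
    bw_dir=$1   # directory that holds bitwarden.sh and bwdata
    dest=$2     # directory that receives the archive
    archive="$dest/bwdata-$(date +%Y%m%d-%H%M%S).tar.gz"

    if [ ! -x "$bw_dir/bitwarden.sh" ] || [ ! -d "$bw_dir/bwdata" ]; then
        echo "bitwarden.sh or bwdata missing in $bw_dir" >&2
        return 1
    fi

    # bwdata holds private keys and the database: owner-only copies
    old_umask=$(umask)
    umask 077
    mkdir -p "$dest" || { umask "$old_umask"; return 1; }

    # Stop first so the files do not change while they are archived
    if ! (cd "$bw_dir" && ./bitwarden.sh stop) >&2; then
        umask "$old_umask"
        return 1
    fi

    rc=0
    if tar -C "$bw_dir" -czf "$archive" bwdata && tar -tzf "$archive" >/dev/null
    then
        # The checksum lets the copy be verified after rsync/sftp/rclone
        (cd "$dest" && sha256sum "${archive##*/}" > "${archive##*/}.sha256") || rc=1
    else
        rc=1
    fi

    # Restart even when archiving failed, so the vault is not left down
    (cd "$bw_dir" && ./bitwarden.sh start) >&2 || rc=1
    umask "$old_umask"

    if [ "$rc" -eq 0 ]; then echo "$archive"; fi
    return "$rc"
}

# Run as: sh backup.sh <bitwarden dir> <backup dir>
if [ $# -eq 2 ]; then backup_bwdata "$1" "$2"; fi
```

After transferring the archive, `sha256sum -c` on the `.sha256` file in the destination directory confirms the copy is intact.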
After changing additional settings
```sh
vim bwdata/config.yml
# then
./bitwarden.sh rebuild
# or
./bitwarden.sh update
```
bitwarden help
```
root@bitworden:~/bitwarden# ./bitwarden.sh --help
 _     _ _                         _
| |__ (_) |___      ____ _ _ __ __| | ___ _ __
| '_ \| | __\ \ /\ / / _` | '__/ _` |/ _ \ '_ \
| |_) | | |_ \ V  V / (_| | | | (_| |  __/ | | |
|_.__/|_|\__| \_/\_/ \__,_|_|  \__,_|\___|_| |_|

Open source password management solutions
Copyright 2015-2022, 8bit Solutions LLC
https://bitwarden.com, https://github.com/bitwarden

===================================================

bitwarden.sh version 1.46.2
Docker version 20.10.7, build 20.10.7-0ubuntu5~20.04.2
docker-compose version 1.25.0, build unknown

No command found.

Available commands:

install
start
restart
stop
update
updatedb
updaterun
updateself
updateconf
renewcert
rebuild
help

See more at https://bitwarden.com/help/article/install-on-premise/#script-commands-reference

root@bitworden:~/bitwarden#
```