最新消息:欢迎来到大叔的窝

拥抱Bitwarden_rs – 开源的全平台密码管理器

VPS Allen314 3032浏览 0评论

尝试过Enpass,的确不错,但是只能在手机端同步20条密码,这个对于我这种重度互联网使用者来说,完全不够,后来又找了1Password,需要缴年费使用,只能放弃,一次偶然的机会看到了Bitwarden, 但是搭建的过程让人崩溃,还好在Github上找到他的第三方开源版本 Bitwarden,用docker安装,一路搞下来如行云流水,无比畅快

下面记录安装过程,先安装并启动docker

#安装Docker
yum -y install docker
#启动docker
systemctl start docker
#开机自启
systemctl enable docker

接下来使用Docker拉取bitwarden_rs镜像并运行

docker pull bitwardenrs/server:latest
docker run -d --name bitwarden -v bw-data:/data/ -p 8880:80 bitwardenrs/server:latest

接下来建个域名用nginx反代

server
    {
    listen 443 ssl http2;
  # certs sent to the client in SERVER HELLO are concatenated in ssl_certificate
    ssl_certificate /usr/local/nginx/conf/ssl/bw.tao314.cn/fullchain.cer;
    ssl_certificate_key /usr/local/nginx/conf/ssl/bw.tao314.cn/bw.tao314.cn.key;
    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:10m;
    ssl_session_tickets off;
# intermediate configuration. tweak to your needs.
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    
ssl_ciphers "TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";
    ssl_prefer_server_ciphers on;
# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
    add_header Strict-Transport-Security max-age=15768000;
# OCSP Stapling ---
    # fetch OCSP records from URL in ssl_certificate and cache them
    ssl_stapling on;
    ssl_stapling_verify on;
server_name     youdomain.com;
   client_max_body_size 128M;
    location / {
        proxy_set_header  Host  'bw.tao314.cn';
        proxy_pass http://127.0.0.1:8880;
        proxy_redirect off;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /notifications/hub {
    proxy_pass http://127.0.0.1:3012;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
  }
location /notifications/hub/negotiate {
    proxy_pass http://127.0.0.1:8880;
  }
}

注意事项

  1. 用https访问,不然会出错
  2. 注意映射的目录写法,bw-data前后不要加“/”
  3. 避开映射主机的80端口,可以开启其他的,比如8880,然后反代
  4. bitwarden_rs项目地址:https://github.com/dani-garcia/bitwarden_rs

转载请注明:野草堂 » 拥抱Bitwarden_rs – 开源的全平台密码管理器

发表我的评论
取消评论

表情

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址