Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

--- bitwarden [2024-04-03 21:07:06] – manfred
+++ bitwarden [2024-05-27 17:53:04] (aktuell) – [Konfiguration von vaultwarden] manfred
@@ Zeile 19: / Zeile 19: @@
   > pkg install security/vaultwarden
+''oder''
 <code>
-# cd
+# cd /usr/ports/security/vaultwarden/
 # make clean
 # make config
@@ Zeile 64: / Zeile 66: @@
 </code>
-dedizierten Benutzer anlegen:
-  # pw groupadd -n vaultwarden
-  # pw useradd -n vaultwarden -g vaultwarden -s /usr/local/bin/bash
-  # touch /var/log/vaultwarden.log
-  # chown vaultwarden:vaultwarden /var/log/vaultwarden.log
-  # mkdir /home/vaultwarden/bin/
-  # vim /home/vaultwarden/bin/vaultwarden.sh
-  # chmod 0700 /home/vaultwarden/bin/vaultwarden.sh
-  # chown -R vaultwarden:vaultwarden /home/vaultwarden/bin/
-  # vim /usr/local/bin/vaultwarden.sh
-<file bash /home/vaultwarden/bin/vaultwarden.sh>
+=== Konfiguration von vaultwarden ===
-#!/usr/bin/env bash
-cd /home/vaultwarden || exit 1
+  > touch /var/log/vaultwarden.log
-mkdir -p data web-vault/
+  > chown www:www /var/log/vaultwarden.log
+<file bash /usr/local/etc/rc.conf.d/vaultwarden>
 #------------------------------------------------------------------------------#
-ROCKET_ADDRESS=0.0.0.0
+vaultwarden_enable="YES"
+#Warning : Some of these settings may be overridden when changing settings on the admin page or in the config.json file
+#located by default at: /usr/local/www/vaulwarden/data/config.json
+LOG_FILE='/var/log/vaultwarden.log'
+export LOG_FILE
+ROCKET_ADDRESS=::1
 export ROCKET_ADDRESS
-ROCKET_PORT=8000
+ROCKET_PORT=4567 # your port here
 export ROCKET_PORT
-# https://github.com/dani-garcia/vaultwarden/wiki/Building-binary#install-the-web-vault
+# ROCKET_TLS='{certs = "/ssl/fullchain.pem", key = "/ssl/key.pem"}'
-WEB_VAULT_ENABLED=false
+# LOG_FILE='/data/bitwarden.log'
-export WEB_VAULT_ENABLED
-LOG_FILE=/var/log/vaultwarden.log
+SIGNUPS_ALLOWED=false
-export LOG_FILE
+export SIGNUPS_ALLOWED
-#------------------------------------------------------------------------------#
-screen -d -m -S vaultwarden /usr/local/bin/vaultwarden
+SIGNUPS_VERIFY=true
-</file>
+export SIGNUPS_VERIFY
-<file bash /usr/local/bin/vaultwarden.sh>
+INVITATIONS_ALLOWED=false
-#!/usr/bin/env bash
+export INVITATIONS_ALLOWED
-su - vaultwarden -c /home/vaultwarden/bin/vaultwarden.sh
+DOMAIN='https://vaultwarden.domain.de'
+export DOMAIN
+# ADMIN_TOKEN= # generate one with ~$ openssl rand -base64 48
+# export ADMIN_TOKEN
+SMTP_HOST='mailout.domain.de'
+export SMTP_HOST
+SMTP_FROM='vaultwarden@domain.de'
+export SMTP_FROM
+SMTP_PORT=465
+export SMTP_PORT
+SMTP_SECURITY=force_tls
+export SMTP_SECURITY
+SMTP_USERNAME='mailbenutzer'
+export SMTP_USERNAME
+SMTP_PASSWORD='Motivate7-Sulphate7-Operate6-Contact3-Habitat9'
+export SMTP_PASSWORD
+# Beta feature
+# ORG_GROUPS_ENABLED=false
+# export ORG_GROUPS_ENABLED
 </file>
-  # /usr/local/bin/vaultwarden.sh
+<file c /home/etc/nginx/conf.d/vaultwarden.domain.de.conf>
-  # cat /var/log/vaultwarden.log
+# https://github.com/dani-garcia/vaultwarden/wiki
-  [2024-04-03 22:26:38.536][start][INFO] Rocket has launched from http://0.0.0.0:8000
+### vaultwarden
+upstream vaultwarden {
+	zone vaultwarden 64k;
+	server [::1]:4567;
+	keepalive 2;
+}
+# Needed to support websocket connections
+# See: https://nginx.org/en/docs/http/websocket.html
+# Instead of "close" as stated in the above link we send an empty value.
+# Else all keepalive connections will not work.
+map $http_upgrade $connection_upgrade {
+    default upgrade;
+    ''      "";
+}
+server {
+    listen [::]:443 ssl http2;
+    server_name vaultwarden.domain.de;
+	include /home/etc/nginx/snippets/header.conf;
+	client_max_body_size 525M;
+    location / {
+		include /home/etc/nginx/snippets/proxy.conf;
+        proxy_pass http://vaultwarden;
+    }
+}
+</file>