Skip to content

Latest commit

 

History

History
52 lines (40 loc) · 2.11 KB

README.md

File metadata and controls

52 lines (40 loc) · 2.11 KB

Selfhosted

Ansible playbooks for setting up Vaultwarden password manager on a fresh server. Adding - basic - security.

Tools & Architecure

docker-compose - running the applications on the server.

Caddy - routing HTTP and for HTTP challange.

Syncthing - syncing data to a remote machine.This is not backups that protects against corrupt data.

flowchart LR
    db[(DB)]
    browser <-- https --> caddy
    subgraph SERVER
        caddy <--> vaultwarden
        caddy <--> syncthing
        vaultwarden <--> db
        db -.-> syncthing
    end
    syncthing-.->id1(some-other-syncthing)
    style id1 fill:stroke:#f66,stroke-width:2px,color:#fff,stroke-dasharray: 5 5

Loading

Getting started

Requirements

  1. a server where you want the system to be hosted with...
    1. root-access
    2. IP-address
    3. at least 1GB of RAM
  2. a registered domain pointing to the server
  3. a local machine that can run ansible

Running

You need to run two scripts in order to set-up the server...

  1. ./set-up.sh - to set-up the local machine and vault the secrets.
  2. ./run.sh - to set-up the server.
You can also run...
- `./check-vault.sh` - to print your local ansible-vault
- `./clean-up.sh` - to remove your local ansible-vault

Setting up Syncthing

Go to syncthing on https://YOURDOMAIN/syncthing/ and start syncing your folder. Perhaps with another friend who also has this set-up?

Start using Vaultwarden

You are now all done! Go to https://YOURDOMAIN/vaultwarden/ and start adding passwords. Or get started with some Bitwarden-clients and connect them to your Vaultwarden.