Miroslav Prasil
4df686f49e
|
6 years ago | |
---|---|---|
migrations | 6 years ago | |
src | 6 years ago | |
.dockerignore | 6 years ago | |
.env.template | 6 years ago | |
.gitignore | 6 years ago | |
.travis.yml | 6 years ago | |
Cargo.lock | 6 years ago | |
Cargo.toml | 6 years ago | |
Dockerfile | 6 years ago | |
Dockerfile.aarch64 | 6 years ago | |
Dockerfile.alpine | 6 years ago | |
Dockerfile.armv7 | 6 years ago | |
LICENSE.txt | 7 years ago | |
README.md | 6 years ago | |
Rocket.toml | 6 years ago | |
build.rs | 6 years ago | |
diesel.toml | 7 years ago | |
rust-toolchain | 6 years ago | |
rustfmt.toml | 6 years ago |
README.md
This is a Bitwarden server API implementation written in Rust compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal.
Image is based on Rust implementation of Bitwarden API.
This project is not associated with the Bitwarden project nor 8bit Solutions LLC.
⚠️IMPORTANT⚠️: When using this server, please report any Bitwarden related bug-reports or suggestions here, regardless of whatever clients you are using (mobile, desktop, browser...). DO NOT use the official support channels.
Features
Basically full implementation of Bitwarden API is provided including:
- Basic single user functionality
- Organizations support
- Attachments
- Vault API support
- Serving the static files for Vault interface
- Website icons API
- Authenticator and U2F support
- YubiKey OTP
Installation
Pull the docker image and mount a volume from the host for persistent storage:
docker pull mprasil/bitwarden:latest
docker run -d --name bitwarden -v /bw-data/:/data/ -p 80:80 mprasil/bitwarden:latest
This will preserve any persistent data under /bw-data/, you can adapt the path to whatever suits you.
IMPORTANT: Some web browsers, like Chrome, disallow the use of Web Crypto APIs in insecure contexts. In this case, you might get an error like Cannot read property 'importKey'
. To solve this problem, you need to access the web vault from HTTPS.
This can be configured in bitwarden_rs directly or using a third-party reverse proxy (some examples).
If you have an available domain name, you can get HTTPS certificates with Let's Encrypt, or you can generate self-signed certificates with utilities like mkcert. Some proxies automatically do this step, like Caddy (see examples linked above).
Usage
See the bitwarden_rs wiki for more information on how to configure and run the bitwarden_rs server.
Get in touch
To ask an question, raising an issue is fine, also please report any bugs spotted here.
If you prefer to chat, we're usually hanging around at #bitwarden_rs:matrix.org room on Matrix. Feel free to join us!