[记录]便捷部署bitwarden_rs/vaultwarden:从docker提取二进制
Bitwarden Server的开源Rust实现(新版本已经改名vaultwarden),编译后的二进制没有外部依赖,社区不提供编译好的二进制,但是提供了docker,本文是建立在提取docker内的二进制的基础上。
我使用的环境是Proxmox VE(PVE),你可以根据自己的情况变通;点击右上角,创建CT,使用Alpine模板,硬盘默认2G就足够,内存512MB即可。
准备工作
使用命令lxc-attach vmid进入容器,下载docker官方提供的镜像下载脚本,并安装依赖:
cd /opt
wget https://raw.githubusercontent.com/moby/moby/master/contrib/download-frozen-image-v2.sh
chmod +x download-frozen-image-v2.sh
apk add jq bash下载编译好的web-valut压缩包
mkdir -p /opt/bitwarden
cd /opt/bitwarden
wget https://github.com/dani-garcia/bw_web_builds/releases/download/v2.24.1/bw_web_v2.24.1.tar.gz
tar axvf bw_web_v2.24.1.tar.gz
web-vault/
web-vault/version.json
web-vault/theme_head.7428b587c0d095edfc0f.js
web-vault/duo-connector.html
...下载镜像
打开镜像地址:https://hub.docker.com/layers/vaultwarden/server,点进对应的镜像,找到sha256记下来,等下要用:
查看构建记录,下拉找到图片上圈红的两行,分别是二进制vaultwarden文件和web-vault,后面只使用这里的vaultwarden,因为web-vault通常不是最新的,所以前面单独下载了一次。
执行前面准备好的脚本:
cd /opt
mkdir docker
./download-frozen-image-v2.sh docker vaultwarden/server:alpine@sha256:dab7911877ae2a9d3beeb3f973659743e38ea0ce458bb32c1f10fdccbf8c427b
Downloading 'vaultwarden/server:alpine@sha256:dab7911877ae2a9d3beeb3f973659743e38ea0ce458bb32c1f10fdccbf8c427b' (7 layers)...
-#O#- # #
####################################################################################################### 100.0%
-#O#- # #
...去下载文件里找想要的文件:
cd /opt/docker
du -sh ./*
8.0K ./188631f3d3020d5c21e37174b980529ba4fb8ed3fdf10a2cfffd9e8ef689eb5f.json
2.3M ./385c5c6f8dd14464d0fb63fd9611b4bf00907cbd7cceb57a89f2cf50e62e36bd
16.0K ./5820341a98cd4d9a504d58b2d7d939022e815d5e6951fed6588fad503fd037b2
8.3M ./77a25c7436c58dc518bea6c86ce15d1b3a5bd200078eb751deb15e3f81c81d3c
8.3M ./833d2ef4fc618d818535db10f113cb6375bb104a9c61fc6485e7221bf3e9526a
...根据大小判断应该是77a25c7或者833d2ef,分别进入目录执行tar axvf layer.tar:
cd 77a25c7436c58dc518bea6c86ce15d1b3a5bd200078eb751deb15e3f81c81d3c/
tar axvf layer.tar
web-vault/
web-vault/.nojekyll
web-vault/404/
web-vault/404.html
web-vault/404/bootstrap.min.css
web-vault/404/font-awesome.min.css
web-vault/404/styles.css
···
cd 833d2ef4fc618d818535db10f113cb6375bb104a9c61fc6485e7221bf3e9526a/
tar axvf layer.tar
vaultwarden找到了,是833d2ef,复制vaultwarden到想要放置的位置:
cp vaultwarden /opt/bitwarden/部署和配置
基本上需要配置的不多,默认使用sqlite数据库,没啥特殊的不用调整:
cd /opt/bitwarden
mkdir data
wget https://raw.githubusercontent.com/dani-garcia/vaultwarden/main/.env.template -O .env
./vaultwarden
/--------------------------------------------------------------------\
| Starting Vaultwarden |
| Version 1.23.0 |
|--------------------------------------------------------------------|
| This is an *unofficial* Bitwarden implementation, DO NOT use the |
| official channels to report bugs/features, regardless of client. |
| Send usage/configuration questions or feature requests to: |
| https://vaultwarden.discourse.group/ |
| Report suspected bugs/issues in the software itself at: |
| https://github.com/dani-garcia/vaultwarden/issues/new |
\--------------------------------------------------------------------/
[2021-10-30 15:14:09.050][vaultwarden][INFO] Private key created correctly.
[2021-10-30 15:14:09.050][vaultwarden][INFO] Public key created correctly.
Running migration 20180114171611
Running migration 20180217205753
...
[2021-10-30 15:14:09.124][start][INFO] Rocket has launched from http://0.0.0.0:8000剩下的跟着Wiki调整就可以了:https://github.com/dani-garcia/vaultwarden/wiki/Configuration-overview
配置开启启动
vi /etc/init.d/vaultwarden 输入:
#!/sbin/openrc-run
depend() {
use logger dns
need net
after firewall
}
start() {
ebegin "Starting bitwarden rust server"
start-stop-daemon -S -b -m -p /var/run/vaultwarden.pid -x /opt/bitwarden/vaultwarden -d /opt/bitwarden/
eend $?
}
stop() {
ebegin "Stopping bitwarden rust server"
start-stop-daemon --stop --pidfile /var/run/vaultwarden.pid
eend $?
}Alpine下的启动控制:
rc-update add vaultwarden
rc-status
rc-service vaultwarden start后记
更新的话可以重新提取二进制,替换掉,重启服务就可以了。目前vaultwarden的更新都是向下兼容的,我跟着更新了几个版本暂时没有出问题。