aboutsummaryrefslogblamecommitdiffstats
path: root/README.md
blob: e84ffc3361954bf1efc7702fd46797023e690c64 (plain) (tree)
1
2
3
4
5
6
7
8
9
                                  

                            
                                                                          


                                                                    
                                                                     
                                                           
                                                           

                                                                          
                                                                         

                                        

                                                                          
                                                                            

                                                                           
 



                                                                             













                                                                               
# A mkosi-template for Vaultwarden

This is a mkosi-template for
[Vaultwarden](https://github.com/dani-garcia/vaultwarden). In order to set
this up you need Mkosi >=5.

To build this, run `sudo mkosi`. This will create a new container in
`/var/lib/machines` called `vaultwarden`. Next you should symlink the
`.nspawn`-config to `/etc/systemd/nspawn` using `sudo ln -s
/var/lib/machines/vaultwarden.nspawn /etc/systemd/nspawn/`.

After that you need to create the folders we mount into the image. This is
`/etc/vaultwarden` and `/var/local/vaultwarden`. These should be owned by
root, and have `700` set as permissions.

Then you need to copy `etc/vaultwarden/vaultwarden.env` to
`/etc/vaultwarden/`, and set all your variables. You also need to create a
database (using PostgreSQL). Lastly you need to set up a web-proxy - see the
[vaultwarden wiki](https://github.com/dani-garcia/vaultwarden/wiki) for
[examples](https://github.com/dani-garcia/vaultwarden/wiki/Proxy-examples).

Now all you need to do is to run it - `machinectl start vaultwarden`. You can
drop into the container to troubleshoot using `machinectl shell vaultwarden`,
and you can view logs using `journalctl -M vaultwarden` from the host, or
`journalctl -u vaultwarden` from inside the container.

## Upgrading from "bitwarden-rs" to "vaultwarden"
Vaultwarden recently changed name from Bitwarden-RS to Vaultwarden, and a lot
of files have been moved around. If you've been using this mkosi-template, this
should be the upgrade-path:

```
$ sudo mv /etc/bitwarden_rs /etc/vaultwarden
$ sudo mv /etc/vaultwarden/bitwarden_rs.env /etc/vaultwarden/env
$ sudo mv /var/local/bitwarden_rs /var/local/vaultwarden
$ sudo chown -R 29033447:29033447 /var/local/vaultwarden/data
```
As you can see, some files have been moved around, and also we've set a more
static UID for the vaultwarden-user.