Docker运行Vaultwarden

安装Vaultwarden

docker-compose配置

使用docker compose管理Vaultwarden,服务监听本地的10080和3012端口

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
version: '3'

services:
vaultwarden:
image: vaultwarden/server:latest
restart: always
container_name: vaultwarden
volumes:
- $PWD/bw-data:/data
environment:
WEBSOCKET_ENABLED: 'true'
SIGNUPS_ALLOWED: 'false'
TZ: 'Asia/Shanghai'
LOG_FILE: '/data/bitwarden.log'
DOMAIN: 'https://${DOMAIN}'
IP_HEADER: 'X-Forwarded-For'
ports:
- 127.0.0.1:10080:80
- 127.0.0.1:3012:3012
watchtower:
image: containrrr/watchtower
restart: always
container_name: watchtower
volumes:
- /var/run/docker.sock:/var/run/docker.sock
environment:
- WATCHTOWER_CLEANUP=true
- WATCHTOWER_SCHEDULE
- TZ

注:首次运行请设置SIGNUPS_ALLOWED: 为 ‘true’,注册账号后改回’false’

nginx配置

Nginx的代理配置如下

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
location / {
proxy_pass http://127.0.0.1:10080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;

add_header X-Cache $upstream_cache_status;
}

location /notifications/hub {
proxy_pass http://127.0.0.1:3012;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}

location /notifications/hub/negotiate {
proxy_pass http://127.0.0.1:10080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;

add_header X-Cache $upstream_cache_status;

}