安装bitwarden
docker run -d --restart=always --name vaultwarden \
-e WEBSOCKET_ENABLED=true \
-e SIGNUPS_ALLOWED=false \
-e INVITATIONS_ALLOWED=false \
-e DOMAIN=https://pass.wzh.kim \
-v /root/bitwarden/:/data/ \
-p 3011:80 \
-p 3012:3012 \
-e ADMIN_TOKEN='$argon2id$v=19$m=65540,t=3,p=4$cFUvK3h3WWpyNTZ6NmVDOTZBT2t5Y01oOEpvUmd1OGhscFRBejVkcFRpQT0$kIr7BUwSuyA81Un/coYXNXgJcRBKfy0mrP5BKWRc7Kc' \
vaultwarden/server:latest
ADMIN_TOKEN计算
echo -n "MySecretPassword" | argon2 "$(openssl rand -base64 32)" -e -id -k 65540 -t 3 -p 4
反代配置
#PROXY-START/
location ^~ /
{
proxy_pass http://localhost:3011;
proxy_set_header Host localhost;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_http_version 1.1;
# proxy_hide_header Upgrade;
add_header X-Cache $upstream_cache_status;
#Set Nginx Cache
set $static_file2iFs6P8X 0;
if ( $uri ~* "\.(gif|png|jpg|css|js|woff|woff2)$" )
{
set $static_file2iFs6P8X 1;
expires 1m;
}
if ( $static_file2iFs6P8X = 0 )
{
add_header Cache-Control no-cache;
}
}
location /notifications/hub
{
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://localhost:3011;
}
#PROXY-END/