|
|
@@ -59,19 +59,21 @@ A nearly complete implementation of the Bitwarden Client API is provided, includ
|
|
|
## Usage
|
|
|
|
|
|
> [!IMPORTANT]
|
|
|
-> Most modern web browsers disallow the use of Web Crypto APIs in insecure contexts. In this case, you might get an error like `Cannot read property 'importKey'`. To solve this problem, you need to access the web vault via HTTPS or localhost.
|
|
|
->
|
|
|
->This can be configured in [Vaultwarden directly](https://github.com/dani-garcia/vaultwarden/wiki/Enabling-HTTPS) or using a third-party reverse proxy ([some examples](https://github.com/dani-garcia/vaultwarden/wiki/Proxy-examples)).
|
|
|
->
|
|
|
->If you have an available domain name, you can get HTTPS certificates with [Let's Encrypt](https://letsencrypt.org/), or you can generate self-signed certificates with utilities like [mkcert](https://github.com/FiloSottile/mkcert). Some proxies automatically do this step, like Caddy or Traefik (see examples linked above).
|
|
|
+> The web-vault requires the use a secure context for the [Web Crypto API](https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API).
|
|
|
+> That means it will only work via `http://localhost:8000` (using the port from the example below) or if you [enable HTTPS](https://github.com/dani-garcia/vaultwarden/wiki/Enabling-HTTPS).
|
|
|
|
|
|
-> [!TIP]
|
|
|
->**For more detailed examples on how to install, use and configure Vaultwarden you can check our [Wiki](https://github.com/dani-garcia/vaultwarden/wiki).**
|
|
|
-
|
|
|
-The main way to use Vaultwarden is via our container images which are published to [ghcr.io](https://github.com/dani-garcia/vaultwarden/pkgs/container/vaultwarden), [docker.io](https://hub.docker.com/r/vaultwarden/server) and [quay.io](https://quay.io/repository/vaultwarden/server).
|
|
|
+The recommended way to install and use Vaultwarden is via our container images which are published to [ghcr.io](https://github.com/dani-garcia/vaultwarden/pkgs/container/vaultwarden), [docker.io](https://hub.docker.com/r/vaultwarden/server) and [quay.io](https://quay.io/repository/vaultwarden/server).
|
|
|
+See [which container image to use](https://github.com/dani-garcia/vaultwarden/wiki/Which-container-image-to-use) for an explanation of the provided tags.
|
|
|
|
|
|
There are also [community driven packages](https://github.com/dani-garcia/vaultwarden/wiki/Third-party-packages) which can be used, but those might be lagging behind the latest version or might deviate in the way Vaultwarden is configured, as described in our [Wiki](https://github.com/dani-garcia/vaultwarden/wiki).
|
|
|
|
|
|
+Alternatively, you can also [build Vaultwarden](https://github.com/dani-garcia/vaultwarden/wiki/Building-binary) yourself.
|
|
|
+
|
|
|
+While Vaultwarden is based upon the [Rocket web framework](https://rocket.rs) which has built-in support for TLS our recommendation would be that you setup a reverse proxy (see [proxy examples](https://github.com/dani-garcia/vaultwarden/wiki/Proxy-examples).
|
|
|
+
|
|
|
+> [!TIP]
|
|
|
+>**For more detailed examples on how to install, use and configure Vaultwarden you can check our [Wiki](https://github.com/dani-garcia/vaultwarden/wiki).**
|
|
|
+
|
|
|
### Docker/Podman CLI
|
|
|
|
|
|
Pull the container image and mount a volume from the host for persistent storage.<br>
|
|
|
@@ -83,7 +85,7 @@ docker run --detach --name vaultwarden \
|
|
|
--env DOMAIN="https://vw.domain.tld" \
|
|
|
--volume /vw-data/:/data/ \
|
|
|
--restart unless-stopped \
|
|
|
- --publish 80:80 \
|
|
|
+ --publish 127.0.0.1:8000:80 \
|
|
|
vaultwarden/server:latest
|
|
|
```
|
|
|
|
|
|
@@ -104,7 +106,7 @@ services:
|
|
|
volumes:
|
|
|
- ./vw-data/:/data/
|
|
|
ports:
|
|
|
- - 80:80
|
|
|
+ - 127.0.0.1:8000:80
|
|
|
```
|
|
|
|
|
|
<br>
|
Stefan Melmuk