安装bitwarden

docker run -d --restart=always --name vaultwarden \
-e WEBSOCKET_ENABLED=true \
-e SIGNUPS_ALLOWED=false \
-e INVITATIONS_ALLOWED=false \
-e DOMAIN=https://pass.wzh.kim \
-v /root/bitwarden/:/data/ \
-p 3011:80 \
-p 3012:3012 \
-e ADMIN_TOKEN='$argon2id$v=19$m=65540,t=3,p=4$cFUvK3h3WWpyNTZ6NmVDOTZBT2t5Y01oOEpvUmd1OGhscFRBejVkcFRpQT0$kIr7BUwSuyA81Un/coYXNXgJcRBKfy0mrP5BKWRc7Kc' \
vaultwarden/server:latest

ADMIN_TOKEN计算

echo -n "MySecretPassword" | argon2 "$(openssl rand -base64 32)" -e -id -k 65540 -t 3 -p 4

反代配置

#PROXY-START/
location ^~ /
{
    proxy_pass http://localhost:3011;
    proxy_set_header Host localhost;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header REMOTE-HOST $remote_addr;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;
    proxy_http_version 1.1;
    # proxy_hide_header Upgrade;

    add_header X-Cache $upstream_cache_status;
    #Set Nginx Cache

    set $static_file2iFs6P8X 0;
    if ( $uri ~* "\.(gif|png|jpg|css|js|woff|woff2)$" )
    {
        set $static_file2iFs6P8X 1;
        expires 1m;
    }
    if ( $static_file2iFs6P8X = 0 )
    {
        add_header Cache-Control no-cache;
    }
}

location /notifications/hub
{
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_pass http://localhost:3011;
}
#PROXY-END/
最后修改:2024 年 05 月 28 日
如果觉得我的文章对你有用,请随意赞赏