2022-03-28 13:43:29 +02:00
|
|
|
# Service COFFRE
|
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
## Installation de Vaultwarden
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
### Installation des dépendances
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:14:21 +02:00
|
|
|
Installation des paquets `rustc` et `cargo`
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:14:21 +02:00
|
|
|
sudo apt install rustc cargo
|
2022-10-23 19:08:59 +02:00
|
|
|
|
|
|
|
### Compilation du serveur
|
|
|
|
|
2022-10-23 19:21:50 +02:00
|
|
|
On récupère les sources
|
|
|
|
|
|
|
|
cd ~
|
|
|
|
mkdir vaultwarden
|
|
|
|
git clone https://github.com/dani-garcia/vaultwarden ~/vaultwarden/vaultwarden
|
|
|
|
|
|
|
|
On choisit la bonne version à l'aide des tags
|
|
|
|
|
|
|
|
git checkout <version>
|
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
On compile avec rust le serveur, en nettoyant bien avant.
|
|
|
|
|
2022-10-23 19:21:50 +02:00
|
|
|
cd vaultwarden/vaultwarden
|
2022-10-23 19:08:59 +02:00
|
|
|
cargo clean
|
|
|
|
cargo build --features sqlite --release
|
|
|
|
|
|
|
|
### Installation du serveur
|
|
|
|
|
|
|
|
Installation du fichier de configuration par défaut
|
|
|
|
|
|
|
|
sudo cp ../../.env.template /etc/vaultwarden.env
|
|
|
|
|
|
|
|
Installation du binaire
|
|
|
|
|
|
|
|
sudo cp vaultwarden /usr/bin/vaultwarden
|
|
|
|
|
|
|
|
Création du dossier des données
|
|
|
|
|
|
|
|
sudo mkdir /var/lib/vaultwarden/data
|
|
|
|
|
|
|
|
Correction des droits
|
|
|
|
|
|
|
|
sudo chmod +x /usr/bin/vaultwarden
|
|
|
|
sudo useradd -m -d /var/lib/vaultwarden vaultwarden
|
|
|
|
sudo chown -R vaultwarden:vaultwarden /var/lib/vaultwarden
|
|
|
|
|
|
|
|
### Création du fichier de service
|
|
|
|
|
|
|
|
On crée le fichier
|
|
|
|
|
|
|
|
sudo nano /etc/systemd/system/vaultwarden.service
|
|
|
|
|
|
|
|
Avec le contenu suivant :
|
2022-03-28 13:43:29 +02:00
|
|
|
|
|
|
|
```
|
2022-10-23 19:08:59 +02:00
|
|
|
[Unit]
|
|
|
|
Description=Bitwarden Server (Powered by Vaultwarden)
|
|
|
|
Documentation=https://github.com/dani-garcia/vaultwarden
|
|
|
|
# If you use a database like mariadb,mysql or postgresql,
|
|
|
|
# you have to add them like the following and uncomment them
|
|
|
|
# by removing the `# ` before it. This makes sure that your
|
|
|
|
# database server is started before vaultwarden ("After") and has
|
|
|
|
# started successfully before starting vaultwarden ("Requires").
|
|
|
|
|
|
|
|
|
|
|
|
# Only sqlite
|
|
|
|
After=network.target
|
|
|
|
|
|
|
|
# MariaDB
|
|
|
|
# After=network.target mariadb.service
|
|
|
|
# Requires=mariadb.service
|
|
|
|
|
|
|
|
# Mysql
|
|
|
|
# After=network.target mysqld.service
|
|
|
|
# Requires=mysqld.service
|
|
|
|
|
|
|
|
# PostgreSQL
|
|
|
|
# After=network.target postgresql.service
|
|
|
|
# Requires=postgresql.service
|
|
|
|
|
|
|
|
|
|
|
|
[Service]
|
|
|
|
# The user/group vaultwarden is run under. the working directory (see below) should allow write and read access to this user/group
|
|
|
|
User=vaultwarden
|
|
|
|
Group=vaultwarden
|
|
|
|
# The location of the .env file for configuration
|
|
|
|
EnvironmentFile=/etc/vaultwarden.env
|
|
|
|
# The location of the compiled binary
|
|
|
|
ExecStart=/usr/bin/vaultwarden
|
|
|
|
# Set reasonable connection and process limits
|
|
|
|
LimitNOFILE=1048576
|
|
|
|
LimitNPROC=64
|
|
|
|
# Isolate vaultwarden from the rest of the system
|
|
|
|
PrivateTmp=true
|
|
|
|
PrivateDevices=true
|
|
|
|
ProtectHome=true
|
|
|
|
ProtectSystem=strict
|
|
|
|
# Only allow writes to the following directory and set it to the working directory (user and password data are stored here)
|
|
|
|
WorkingDirectory=/var/lib/vaultwarden
|
|
|
|
ReadWriteDirectories=/var/lib/vaultwarden
|
|
|
|
# Allow vaultwarden to bind ports in the range of 0-1024
|
|
|
|
AmbientCapabilities=CAP_NET_BIND_SERVICE
|
|
|
|
|
|
|
|
[Install]
|
|
|
|
WantedBy=multi-user.target
|
2022-03-28 13:43:29 +02:00
|
|
|
```
|
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
On recharge les services
|
|
|
|
|
|
|
|
sudo systemctl daemon-reload
|
|
|
|
|
|
|
|
On démarre
|
|
|
|
|
|
|
|
sudo systemctl start vaultwarden.service
|
|
|
|
sudo systemctl enable vaultwarden.service
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
## Mise à jour de Vaultwarden
|
|
|
|
|
|
|
|
### Récupération des mises à jour
|
|
|
|
|
|
|
|
On récupère les commits dans le dépôt et on passe sur le tag de la dernière version (`<version>`)
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
cd ~/vaultwarden/vaultwarden
|
|
|
|
git fetch
|
|
|
|
git checkout <version>
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
### Mise à jour du serveur
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
On compile avec rust le serveur, en nettoyant bien avant.
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
cargo clean
|
|
|
|
cargo build --features sqlite --release
|
2022-03-28 13:43:29 +02:00
|
|
|
|
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
On installe le binaire
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
sudo cp vaultwarden /usr/bin/vaultwarden
|
|
|
|
sudo chmod +x /usr/bin/vaultwarden
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
On redémarre le service
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
sudo systemctl restart vaultwarden.service
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:21:50 +02:00
|
|
|
|
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
## Installation de l'interface web
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
### Installation des dépendances
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
On récupère la dernière version de npm/nodejs
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
curl -fsSL https://deb.nodesource.com/setup_16.x | sudo -E bash -
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
On installe nodejs
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
sudo apt-get install -y nodejs
|
|
|
|
npm -g install npm@7
|
|
|
|
npm i npm@latest -g
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
Ajout au `PATH`
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
echo 'export PATH=/opt/node/bin:$PATH' >> ~/.bashrc
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:21:50 +02:00
|
|
|
### Compiler la dernière version de l'interface web
|
|
|
|
|
|
|
|
On récupère les sources
|
|
|
|
|
|
|
|
git clone https://github.com/dani-garcia/vaultwarden ~/vaultwarden/webvault
|
|
|
|
|
|
|
|
On compile
|
|
|
|
|
|
|
|
cd ~/vaultwarden/webvault
|
|
|
|
make full
|
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
## Mise à jour de l'interface web
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
### Récupération des mises à jour
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
On récupère les commits dans le dépôt
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
cd ~/vaultwarden/webvault
|
2022-10-23 19:21:50 +02:00
|
|
|
git pull
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
### Compiler la dernière version de l'interface web
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
cd ~/vaultwarden/webvault
|
|
|
|
make full
|
2022-03-28 13:43:29 +02:00
|
|
|
|
2022-10-23 19:08:59 +02:00
|
|
|
Lorsque demandé, insérer l'identifiant du tag le plus récent (dispo avec git tag)
|