coffre/README.md

205 lines
4.8 KiB
Markdown
Raw Normal View History

2022-03-28 13:43:29 +02:00
# Service COFFRE
2023-03-27 11:53:06 +02:00
[TOC]
2022-10-23 19:08:59 +02:00
## Installation de Vaultwarden
2022-03-28 13:43:29 +02:00
2023-03-27 11:53:06 +02:00
**Pour la compilation du serveur, un minimum de 2.5Go de mémoire vive est requis (sans quoi la compilation échoue)**.
2022-10-23 19:34:11 +02:00
2022-10-23 19:08:59 +02:00
### Installation des dépendances
2022-03-28 13:43:29 +02:00
2023-03-27 11:53:06 +02:00
Installation des paquets `rustc` et `cargo` :
2022-03-28 13:43:29 +02:00
2022-10-23 19:14:21 +02:00
sudo apt install rustc cargo
2022-10-23 19:08:59 +02:00
### Compilation du serveur
2023-03-27 11:53:06 +02:00
On récupère les sources :
2022-10-23 19:21:50 +02:00
cd ~
mkdir vaultwarden
git clone https://github.com/dani-garcia/vaultwarden ~/vaultwarden/vaultwarden
2023-03-27 11:53:06 +02:00
On choisit la bonne version à l'aide des tags :
2022-10-23 19:21:50 +02:00
git checkout <version>
2023-03-27 11:53:06 +02:00
On compile avec rust le serveur, en nettoyant bien avant :
2022-10-23 19:08:59 +02:00
2022-10-23 19:21:50 +02:00
cd vaultwarden/vaultwarden
2022-10-23 19:08:59 +02:00
cargo clean
cargo build --features sqlite --release
### Installation du serveur
2023-03-27 11:53:06 +02:00
Installation du fichier de configuration par défaut :
2022-10-23 19:08:59 +02:00
sudo cp ../../.env.template /etc/vaultwarden.env
2023-03-27 11:53:06 +02:00
Installation du binaire :
2022-10-23 19:08:59 +02:00
sudo cp vaultwarden /usr/bin/vaultwarden
2023-03-27 11:53:06 +02:00
Création du dossier des données :
2022-10-23 19:08:59 +02:00
sudo mkdir /var/lib/vaultwarden/data
2023-03-27 11:53:06 +02:00
Correction des droits :
2022-10-23 19:08:59 +02:00
sudo chmod +x /usr/bin/vaultwarden
sudo useradd -m -d /var/lib/vaultwarden vaultwarden
sudo chown -R vaultwarden:vaultwarden /var/lib/vaultwarden
### Création du fichier de service
2023-03-27 11:53:06 +02:00
On crée le fichier :
2022-10-23 19:08:59 +02:00
sudo nano /etc/systemd/system/vaultwarden.service
Avec le contenu suivant :
2022-03-28 13:43:29 +02:00
```
2022-10-23 19:08:59 +02:00
[Unit]
Description=Bitwarden Server (Powered by Vaultwarden)
Documentation=https://github.com/dani-garcia/vaultwarden
# If you use a database like mariadb,mysql or postgresql,
# you have to add them like the following and uncomment them
# by removing the `# ` before it. This makes sure that your
# database server is started before vaultwarden ("After") and has
# started successfully before starting vaultwarden ("Requires").
# Only sqlite
After=network.target
[Service]
# The user/group vaultwarden is run under. the working directory (see below) should allow write and read access to this user/group
User=vaultwarden
Group=vaultwarden
# The location of the .env file for configuration
EnvironmentFile=/etc/vaultwarden.env
# The location of the compiled binary
ExecStart=/usr/bin/vaultwarden
# Set reasonable connection and process limits
LimitNOFILE=1048576
LimitNPROC=64
# Isolate vaultwarden from the rest of the system
PrivateTmp=true
PrivateDevices=true
ProtectHome=true
ProtectSystem=strict
# Only allow writes to the following directory and set it to the working directory (user and password data are stored here)
WorkingDirectory=/var/lib/vaultwarden
ReadWriteDirectories=/var/lib/vaultwarden
# Allow vaultwarden to bind ports in the range of 0-1024
AmbientCapabilities=CAP_NET_BIND_SERVICE
[Install]
WantedBy=multi-user.target
2022-03-28 13:43:29 +02:00
```
2022-10-23 19:08:59 +02:00
On recharge les services
sudo systemctl daemon-reload
On démarre
sudo systemctl start vaultwarden.service
sudo systemctl enable vaultwarden.service
## Mise à jour de Vaultwarden
### Récupération des mises à jour
On récupère les commits dans le dépôt et on passe sur le tag de la dernière version (`<version>`)
2022-03-28 13:43:29 +02:00
2022-10-23 19:08:59 +02:00
cd ~/vaultwarden/vaultwarden
git fetch
git checkout <version>
2022-03-28 13:43:29 +02:00
2022-10-23 19:08:59 +02:00
### Mise à jour du serveur
2022-03-28 13:43:29 +02:00
2022-10-23 19:08:59 +02:00
On compile avec rust le serveur, en nettoyant bien avant.
2022-03-28 13:43:29 +02:00
2022-10-23 19:08:59 +02:00
cargo clean
cargo build --features sqlite --release
2022-03-28 13:43:29 +02:00
2022-10-23 19:08:59 +02:00
On installe le binaire
2022-03-28 13:43:29 +02:00
2022-10-23 19:55:17 +02:00
sudo cp target/release/vaultwarden /usr/bin/vaultwarden
2022-10-23 19:08:59 +02:00
sudo chmod +x /usr/bin/vaultwarden
2022-03-28 13:43:29 +02:00
2022-10-23 19:08:59 +02:00
On redémarre le service
2022-03-28 13:43:29 +02:00
2022-10-23 19:08:59 +02:00
sudo systemctl restart vaultwarden.service
2022-03-28 13:43:29 +02:00
2022-10-23 19:21:50 +02:00
2022-10-23 19:08:59 +02:00
## Installation de l'interface web
2022-03-28 13:43:29 +02:00
2022-10-23 19:08:59 +02:00
### Installation des dépendances
2022-03-28 13:43:29 +02:00
2022-10-23 20:27:47 +02:00
On paramètre la source pour la version la plus récente de nodejs
curl -fsSL https://deb.nodesource.com/setup_16.x | sudo -E bash -
2022-10-23 19:08:59 +02:00
On installe nodejs
2022-03-28 13:43:29 +02:00
2022-10-23 20:27:47 +02:00
sudo apt install -y nodejs
sudo npm i npm@latest -g
2022-03-28 13:43:29 +02:00
2022-10-23 19:21:50 +02:00
### Compiler la dernière version de l'interface web
On récupère les sources
2023-03-04 20:30:06 +01:00
git clone https://github.com/dani-garcia/bw_web_builds ~/vaultwarden/webvault
2022-10-23 19:21:50 +02:00
On compile
cd ~/vaultwarden/webvault
make full
2022-10-23 20:27:47 +02:00
### Installation de l'interface web
cd ~/vaultwarden/webvault
sudo cp -R builds/bw_web_<tag> /var/lib/vaultwarden/web-vault
Correction des droits
sudo chown -R vaultwarden:vaultwarden /var/lib/vaultwarden
2022-10-23 19:08:59 +02:00
## Mise à jour de l'interface web
2022-03-28 13:43:29 +02:00
2022-10-23 20:27:47 +02:00
### Mise à jour des dépendances
sudo npm i npm@latest -g
2022-10-23 19:08:59 +02:00
### Récupération des mises à jour
2022-03-28 13:43:29 +02:00
2022-10-23 19:08:59 +02:00
On récupère les commits dans le dépôt
2022-03-28 13:43:29 +02:00
2022-10-23 19:08:59 +02:00
cd ~/vaultwarden/webvault
2022-10-23 19:21:50 +02:00
git pull
2022-03-28 13:43:29 +02:00
2022-10-23 19:08:59 +02:00
### Compiler la dernière version de l'interface web
2022-03-28 13:43:29 +02:00
2022-10-23 19:08:59 +02:00
cd ~/vaultwarden/webvault
make full
2022-03-28 13:43:29 +02:00
2022-10-23 19:08:59 +02:00
Lorsque demandé, insérer l'identifiant du tag le plus récent (dispo avec git tag)
2022-10-23 20:27:47 +02:00
### Installer l'interface web
On installe la version correspondant à `<tag>`
cd ~/vaultwarden/webvault
sudo rm -r /var/lib/vaultwarden/web-vault
sudo cp -R builds/bw_web_<tag> /var/lib/vaultwarden/web-vault
Correction des droits
sudo chown -R vaultwarden:vaultwarden /var/lib/vaultwarden