BlackDex de157b2654
Admin token Argon2 hashing support
Added Argon2 hashing support for the `ADMIN_TOKEN` instead
of only supporting a plain text string.

The hash must be a PHC string which can be generated via the `argon2`
CLI **or** via the also built-in hash command in Vaultwarden.

You can simply run `vaultwarden hash` to generate a hash based upon a
password the user provides themselves.

Added a warning during startup and within the admin settings panel if
the `ADMIN_TOKEN` is not an Argon2 hash.

Within the admin environment a user can ignore that warning and it will
not be shown for at least 30 days. After that the warning will appear
again unless the `ADMIN_TOKEN` has been converted to an Argon2 hash.

I have also tested this on my RaspberryPi 2b and there the `Bitwarden`
preset takes almost 4.5 seconds to generate/verify the Argon2 hash.

Using the `OWASP` preset it is below 1 second, which I think should be
fine for low-graded hardware. If it is needed, people could use lower
memory settings, but in those cases I even doubt Vaultwarden itself
would run. They can always use the `argon2` CLI and generate a faster hash.
2023-03-04 16:15:30 +01:00
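
A structural check of the kind the startup warning in the commit message implies, as an added example that is not Vaultwarden's own code: it decides whether an `ADMIN_TOKEN` value is an Argon2 PHC string and reads its cost parameters. The names `parse_admin_token` and `Argon2Phc` are hypothetical, the sample values are constructed, and it uses only the standard library, so it checks structure and does not verify a password against the hash.

```rust
#[derive(Debug, PartialEq)]
pub struct Argon2Phc { pub variant: String, pub m_kib: u32, pub t: u32, pub p: u32 }

/// PHC strings encode salt and hash as unpadded standard base64.
fn is_b64(s: &str) -> bool {
    !s.is_empty() && s.bytes().all(|b| b.is_ascii_alphanumeric() || b == b'+' || b == b'/')
}

/// Returns the parsed parameters when `token` is a well-formed Argon2 PHC string,
/// or None when it has to be treated as a plain-text token.
pub fn parse_admin_token(token: &str) -> Option<Argon2Phc> {
    let mut parts = token.strip_prefix('$')?.split('$');
    let variant = parts.next()?;
    if !matches!(variant, "argon2i" | "argon2d" | "argon2id") { return None; }
    let mut field = parts.next()?;
    // The version segment (v=19) is optional in the PHC format.
    if let Some(v) = field.strip_prefix("v=") {
        v.parse::<u32>().ok()?;
        field = parts.next()?;
    }
    // Assumption of this example: only m (KiB), t (passes) and p (lanes) are accepted.
    let (mut m, mut t, mut p) = (None, None, None);
    for kv in field.split(',') {
        let (k, v) = kv.split_once('=')?;
        let v: u32 = v.parse().ok()?;
        match k { "m" => m = Some(v), "t" => t = Some(v), "p" => p = Some(v), _ => return None }
    }
    let (salt, hash) = (parts.next()?, parts.next()?);
    if parts.next().is_some() || !is_b64(salt) || !is_b64(hash) { return None; }
    Some(Argon2Phc { variant: variant.to_string(), m_kib: m?, t: t?, p: p? })
}

fn main() {
    // Constructed samples; the salt and hash are placeholders, not real Argon2 output.
    let samples = [
        "$argon2id$v=19$m=19456,t=2,p=1$c29tZXNhbHR2YWx1ZQ$AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA",
        "correct-horse-battery-staple",
    ];
    for s in samples.iter() {
        match parse_admin_token(s) {
            Some(phc) => println!("Argon2 hash: {:?}", phc),
            None => println!("plain-text ADMIN_TOKEN: warn and suggest `vaultwarden hash`"),
        }
    }
}
```
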
.github Rename `.buildx` Dockerfiles to `.buildkit` 2023-01-24 13:11:12 -08:00
docker Update web vault to v2023.2.0 and dependencies 2023-02-21 22:48:20 +01:00
hooks Merge branch 'main' into cap_net_bind_service 2023-02-12 18:41:45 +01:00
migrations Merge branch 'main' into feature/kdf-options 2023-02-12 19:23:14 +01:00
resources use a custom 404 page 2022-12-05 00:08:46 +01:00
src Admin token Argon2 hashing support 2023-03-04 16:15:30 +01:00
tools global_domains.py: allow syncing to a specific Git ref 2021-02-03 12:20:44 -08:00
.dockerignore Update async to prepare for main merge 2022-02-22 20:00:33 +01:00
.editorconfig Misc changes. 2021-03-30 21:45:10 +02:00
.env.template Admin token Argon2 hashing support 2023-03-04 16:15:30 +01:00
.gitattributes Just ignore scripts 2021-04-01 20:44:58 +01:00
.gitignore Rename included .env file to .env.template and ignored .env 2019-01-06 22:50:30 +01:00
.hadolint.yaml Disable Hadolint check for consecutive `RUN` instructions (DL3059) 2023-01-24 13:11:13 -08:00
.pre-commit-config.yaml Updated Rust and crates 2023-02-13 08:32:01 +01:00
Cargo.lock Admin token Argon2 hashing support 2023-03-04 16:15:30 +01:00
Cargo.toml Admin token Argon2 hashing support 2023-03-04 16:15:30 +01:00
Dockerfile Change Dockerfiles to make the AMD image multidb 2020-08-24 20:58:00 +02:00
LICENSE.txt Re-License Vaultwarden to AGPLv3 2023-01-24 20:49:11 +01:00
README.md docs: add build status badge in readme 2023-02-21 21:37:23 +01:00
SECURITY.md Adding a SECURITY.md 2021-06-26 11:49:00 +02:00
build.rs Add dev-only query logging support 2022-12-03 18:36:46 +01:00
clippy.toml Resolve uninlined_format_args clippy warnings 2023-01-09 20:13:48 +01:00
diesel.toml Updated dependencies and created 'rust-toolchain', to mark a working nightly to rustup users, and hopefully avoid some nightly breakage. 2018-06-12 17:30:36 +02:00
rust-toolchain Updated Rust and crates 2023-02-13 08:32:01 +01:00
rustfmt.toml Improve sync speed and updated dep. versions 2022-05-06 17:01:02 +02:00

README.md

Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal.

📢 Note: This project was known as Bitwarden_RS and has been renamed to separate itself from the official Bitwarden server in the hopes of avoiding confusion and trademark/branding issues. Please see #1642 for more explanation.



Image is based on Rust implementation of Bitwarden API.

This project is not associated with the Bitwarden project nor Bitwarden, Inc.

⚠️IMPORTANT⚠️: When using this server, please report any bugs or suggestions to us directly (look at the bottom of this page for ways to get in touch), regardless of whatever clients you are using (mobile, desktop, browser...). DO NOT use the official support channels.


Features

A nearly complete implementation of the Bitwarden API is provided, including:

  • Organizations support
  • Attachments
  • Vault API support
  • Serving the static files for Vault interface
  • Website icons API
  • Authenticator and U2F support
  • YubiKey and Duo support

Installation

Pull the docker image and mount a volume from the host for persistent storage:

docker pull vaultwarden/server:latest
docker run -d --name vaultwarden -v /vw-data/:/data/ -p 80:80 vaultwarden/server:latest

This will preserve any persistent data under /vw-data/; you can adapt the path to whatever suits you.

IMPORTANT: Some web browsers, like Chrome, disallow the use of Web Crypto APIs in insecure contexts. In this case, you might get an error like Cannot read property 'importKey'. To solve this problem, you need to access the web vault from HTTPS.

This can be configured in vaultwarden directly or using a third-party reverse proxy (some examples).

If you have an available domain name, you can get HTTPS certificates with Let's Encrypt, or you can generate self-signed certificates with utilities like mkcert. Some proxies automatically do this step, like Caddy (see examples linked above).

Usage

See the vaultwarden wiki for more information on how to configure and run the vaultwarden server.

Get in touch

To ask a question, offer suggestions or new features or to get help configuring or installing the software, please use the forum.

If you spot any bugs or crashes with vaultwarden itself, please create an issue. Make sure there aren't any similar issues open, though!

If you prefer to chat, we're usually hanging around at #vaultwarden:matrix.org room on Matrix. Feel free to join us!

Sponsors

Thanks for your contribution to the project!

Chris Alfano
Numberly