Vaultwarden
下载
# pacman -S vaultwarden-web
配置
$ vim /etc/vaultwarden.env
/etc/vaultwarden.env 中 SIGNUPS_ALLOWED 先为 true 注册完改为 false
DATA_FOLDER=/var/lib/vaultwardenDATABASE_URL=data/db.sqlite3 WEB_VAULT_FOLDER=/usr/share/webapps/vaultwarden-web WEB_VAULT_ENABLED=true WEBSOCKET_ENABLED=true WEBSOCKET_ADDRESS=127.0.0.1 WEBSOCKET_PORT=3012 SIGNUPS_ALLOWED=false ROCKET_ADDRESS=127.0.0.1 ROCKET_PORT=8000
ROCKET_LIMITS={json=10485760}
Nginx
server {
listen 80;
server_name passwd.malacology.net;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
server_name passwd.malacology.net;
ssl_certificate /etc/nginx/web_ssl/passwd/full_chain.pem;
ssl_certificate_key /etc/nginx/web_ssl/passwd/private.key;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/passwd_access.log;
root /usr/share/webapps/vaultwarden-web;
index index.html;
location / {
proxy_pass http://localhost:8000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
client_max_body_size 128M;
# location /api {
# proxy_pass http://127.0.0.1:8000; # 和 ROCKET_ADDRESS 一样 以下同理
# }
# location /identity {
# proxy_pass http://127.0.0.1:8000;
# }
location /notifications/hub {
proxy_pass http://127.0.0.1:3012; # 为ws地址
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location /notifications/hub/negotiate {
proxy_pass http://127.0.0.1:8000;
}
}
启动
# systemctl enable vaultwarden # systemctl restart vaultwarden
chrome拓展
设置 → 选项,勾选启用页面加载时自动填充 或者 Ctrl + Shift + L 自动填充
设置 > 安全 > 密码库超时 > 从不