Ansible playbooks for setting up Vaultwarden password manager on a fresh server. Adding - basic - security and using Duck DNS subdomain.
docker-compose - running the applications on the server.
Caddy - routing HTTP and for HTTP challange.
Syncthing - syncing data to a remote machine.This is not backups that protects against corrupt data.
flowchart LR
db[(DB)]
browser <-- https --> caddy
subgraph SERVER
caddy <--> vaultwarden
caddy <--> syncthing
vaultwarden <--> db
db -.-> syncthing
end
syncthing-.->id1(some-other-syncthing)
style id1 fill:stroke:#f66,stroke-width:2px,color:#fff,stroke-dasharray: 5 5
- a server where you want the system to be hosted with...
- root-access
- IP-address (public or local)
- at least 1GB of RAM
- a duckdns-account with a registred domain name to the server
- a local machine that can run ansible
You need to run two scripts in order to set-up the server...
./set-up.sh- to set-up the local machine and vault the secrets../run.sh- to set-up the server, it will take about 20 mins.
You can also run...
- `./check-vault.sh` - to print your local ansible-vault
- `./clean-up.sh` - to remove your local ansible-vault
Go to syncthing on https://YOURSUBDOMAIN.duckdns.org/syncthing/ and start syncing your folder. Perhaps with another friend who also has this set-up?
You are now all done! Go to https://YOURSUBDOMAIN.duckdns.org/vaultwarden/ and start adding passwords. Or get started with some Bitwarden-clients and connect them to your Vaultwarden.