8ab200224e
* Fix BWDC when re-run with cleared cache Using the BWDC with a cleared cache caused invited users to be converted to accepted users. The problem was a wrong check for the `restore` function. Fixes #4114 * Remove useless variable During some refactoring this seems to be overlooked. This variable gets filled but isn't used at all afterwards. Fixes #4105 * Check some `.git` paths to force a rebuild When a checked-out repo switches to a specific tag, and that tag does not have anything else changed in the files except the tag, it could happen that the build process doesn't see any changes, while it could be that the version string needs to be different. This commit ensures that if some specific paths are changed within the .git directory, cargo will be triggered to rebuild. Fixes #4087 * Do not delete dir on file delete Previously during a `delete_file` check we also tried to delete the parent directory and ignored all errors, like not being empty for example. Since this function is called `delete_file` and does not mention anything in regards to a directory i have removed that code and it will now only delete the file and leave the rest as-is. If this somehow is still needed or wanted, which i do not think we want, then we should create a new function. Fixes #4081 * Fix healthcheck when using an ENV file If someone is using a `.env` file or configured the `ENV_FILE` variable to use that as it's configuration, this was missed by the healthcheck. So, `DOMAIN` and `ROCKET_TLS` were not seen, and not used in these cases. This commit fixes this by checking for this file and if it exists, then it will load those variables first. Fixes #4112 * Add missing route While there was a function and a derive, this endpoint wasn't part of the routes. Since Bitwarden does have this endpoint ill add the route instead of deleting it. Fixes #4076 Fixes #4144 * Update crates to update the openssl crate Because of a bug in the openssl-sys crate we pinned the version to an older version. This issue has been fixed and was released 2 days ago. This commit updates the openssl crates including others. This should also fix the issues with building Vaultwarden using newer versions of LibreSSL. Fixes #4051 |
||
---|---|---|
.github | ||
docker | ||
migrations | ||
resources | ||
src | ||
tools | ||
.dockerignore | ||
.editorconfig | ||
.env.template | ||
.gitattributes | ||
.gitignore | ||
.hadolint.yaml | ||
.pre-commit-config.yaml | ||
build.rs | ||
Cargo.lock | ||
Cargo.toml | ||
diesel.toml | ||
Dockerfile | ||
LICENSE.txt | ||
README.md | ||
rust-toolchain.toml | ||
rustfmt.toml | ||
SECURITY.md |
Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal.
📢 Note: This project was known as Bitwarden_RS and has been renamed to separate itself from the official Bitwarden server in the hopes of avoiding confusion and trademark/branding issues. Please see #1642 for more explanation.
Image is based on Rust implementation of Bitwarden API.
This project is not associated with the Bitwarden project nor Bitwarden, Inc.
⚠️IMPORTANT⚠️: When using this server, please report any bugs or suggestions to us directly (look at the bottom of this page for ways to get in touch), regardless of whatever clients you are using (mobile, desktop, browser...). DO NOT use the official support channels.
Features
Basically full implementation of Bitwarden API is provided including:
- Organizations support
- Attachments and Send
- Vault API support
- Serving the static files for Vault interface
- Website icons API
- Authenticator and U2F support
- YubiKey and Duo support
- Emergency Access
Installation
Pull the docker image and mount a volume from the host for persistent storage:
docker pull vaultwarden/server:latest
docker run -d --name vaultwarden -v /vw-data/:/data/ --restart unless-stopped -p 80:80 vaultwarden/server:latest
This will preserve any persistent data under /vw-data/, you can adapt the path to whatever suits you.
IMPORTANT: Most modern web browsers disallow the use of Web Crypto APIs in insecure contexts. In this case, you might get an error like Cannot read property 'importKey'
. To solve this problem, you need to access the web vault via HTTPS or localhost.
This can be configured in vaultwarden directly or using a third-party reverse proxy (some examples).
If you have an available domain name, you can get HTTPS certificates with Let's Encrypt, or you can generate self-signed certificates with utilities like mkcert. Some proxies automatically do this step, like Caddy (see examples linked above).
Usage
See the vaultwarden wiki for more information on how to configure and run the vaultwarden server.
Get in touch
To ask a question, offer suggestions or new features or to get help configuring or installing the software, please use GitHub Discussions or the forum.
If you spot any bugs or crashes with vaultwarden itself, please create an issue. Make sure you are on the latest version and there aren't any similar issues open, though!
If you prefer to chat, we're usually hanging around at #vaultwarden:matrix.org room on Matrix. Feel free to join us!
Sponsors
Thanks for your contribution to the project!
Chris Alfano |
Numberly |