backup/restore bitwarden docker in a new machine + yubikey support

date
May 6, 2022
slug
bitwarden-docker-yubikey-2fa
status
Published
summary
小技巧 自建密码服务
tags
tip
type
Post
URL
notion image

Problem & Summary

Solution

export QH13=/drive/qh13_webdav_remote/webdav_remote
tail $QH13/_host/$(hostname)/$(hostname).log

docker stop bitwarden

mkdir -p /data/bitwarden; cd /data/bitwarden

cp /data/gd_stanford/_host/bwh5g5t/2022-05-06/bitwarden.backup.datafolder.2022-05-06-125035.zip .
unzip *.zip && rm *.zip

mv data data_tmp
mv data_tmp/bitwarden/data .
rm -rf data_tmp

cd data
mv db.sqlite3 db.sqlite3.bak
# 之前通过这个备份
# sqlite3 -stats db.sqlite3 ".backup db.sqlite3.backup_by_commandline"
sqlite3 -stats db.sqlite3 ".restore db.sqlite3.backup_by_commandline"

# refresh everything
rm rsa_key.*

# check tmp_qh_all

YUB_ID=66333
YUB_KEY=ImiWwxLY61NRKoRQ
docker run -d \
    --name bitwarden \
    -p 18080:80 \
    -p 18081:3012 \
    --restart=always \
    -e SIGNUPS_ALLOWED=true \
    -e WEB_VAULT_ENABLED=true \
    -e WEBSOCKET_ENABLED=true \
    -e YUBICO_CLIENT_ID=${YUB_ID} \
    -e YUBICO_SECRET_KEY=${YUB_KEY} \
    -v /data/bitwarden/data:/data \
    vaultwarden/server:latest

# or simply
docker restart bitwarden

sleep 1s; docker logs -f bitwarden
 

反代 18080

notion image

但要改一下反代配置 - 主要加上 /notifications/hub

#PROXY-START/
location ~* \.(php|jsp|cgi|asp|aspx)$
{
	proxy_pass http://127.0.0.1:18080;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header REMOTE-HOST $remote_addr;
}
location /
{
    proxy_pass http://127.0.0.1:18080;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header REMOTE-HOST $remote_addr;
    
    add_header X-Cache $upstream_cache_status;
    
    #Set Nginx Cache
    
    	add_header Cache-Control no-cache;
    expires 12h;
}

 location /notifications/hub {
      proxy_pass http://127.0.0.1:18081;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
    }
  
    location /notifications/hub/negotiate {
      proxy_pass http://127.0.0.1:18080;
    }

#PROXY-END/

最主要的需要备份的的文件

notion image
notion image
notion image
 
 

© Ying Bun 2021 - 2022