Vaultwarden

mirror of https://github.com/dani-garcia/vaultwarden.git synced 2024-11-25 04:13:32 +01:00

Mirror of https://github.com/dani-garcia/vaultwarden

Go to file

Matlink 7c3cad197c Fix #3624 : fix manager permission within groups (#3754 ) * Fix #3624: fix manager permission within groups * Query returns UUID only * Fix issue when user is manager and in a group having access to all collections * optimize condition check * fix(groups): renaming and optimizations * fix: wrong organization group membership detection * Simplify group membership check Co-authored-by: Stefan Melmuk <509385+stefan0xC@users.noreply.github.com> * Remove unused statement * improve check if the user has access via groups instead of returning the two lists of member ids and later checking if they contain the uuid of the current user, we really only care if the current user has full access via a group or if they have access to a given collection via a group * improve comments for get_org_collections_details * small refactor to make it easier to review * fix(groups): query full access via group only when necessary Co-authored-by: Mathijs van Veluw <black.dex@gmail.com> * chore(fmt): apply rustfmt --------- Co-authored-by: Stefan Melmuk <509385+stefan0xC@users.noreply.github.com> Co-authored-by: Stefan Melmuk <stefan.melmuk@gmail.com> Co-authored-by: Mathijs van Veluw <black.dex@gmail.com>		2024-03-17 22:11:34 +01:00
.github	Update crates, GHA and a Python/JS scripts (#4357 )	2024-02-25 23:26:46 +01:00
docker	Update Rust, crates and web-vault (#4328 )	2024-02-08 22:16:29 +01:00
migrations	Change timestamp data type. (#4355 )	2024-03-17 22:04:37 +01:00
resources	use a custom 404 page	2022-12-05 00:08:46 +01:00
src	Fix #3624 : fix manager permission within groups (#3754 )	2024-03-17 22:11:34 +01:00
tools	Update crates, GHA and a Python/JS scripts (#4357 )	2024-02-25 23:26:46 +01:00
.dockerignore	Update async to prepare for main merge	2022-02-22 20:00:33 +01:00
.editorconfig	Misc changes.	2021-03-30 21:45:10 +02:00
.env.template	Remove custom WebSocket code (#4001 )	2024-03-17 19:52:55 +01:00
.gitattributes	Just ignore scripts	2021-04-01 20:44:58 +01:00
.gitignore	Rename included .env file to .env.template and ignored .env	2019-01-06 22:50:30 +01:00
.hadolint.yaml	Container building changes (#3958 )	2023-10-23 00:18:38 +02:00
.pre-commit-config.yaml	Container building changes (#3958 )	2023-10-23 00:18:38 +02:00
build.rs	Update Rust, crates and web-vault (#4328 )	2024-02-08 22:16:29 +01:00
Cargo.lock	Remove custom WebSocket code (#4001 )	2024-03-17 19:52:55 +01:00
Cargo.toml	Remove custom WebSocket code (#4001 )	2024-03-17 19:52:55 +01:00
diesel.toml	Updated dependencies and created 'rust-toolchain', to mark a working nightly to rustup users, and hopefully avoid some nightly breakage.	2018-06-12 17:30:36 +02:00
Dockerfile	Container building changes (#3958 )	2023-10-23 00:18:38 +02:00
LICENSE.txt	Re-License Vaultwarden to AGPLv3	2023-01-24 20:49:11 +01:00
README.md	Update README.md	2024-01-01 19:44:52 +01:00
rust-toolchain.toml	Update Rust, crates and web-vault (#4328 )	2024-02-08 22:16:29 +01:00
rustfmt.toml	Upd Crates, Rust, MSRV, GHA and remove Backtrace	2023-03-07 09:17:42 +01:00
SECURITY.md	Adding a SECURITY.md	2021-06-26 11:49:00 +02:00

README.md

Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal.

📢 Note: This project was known as Bitwarden_RS and has been renamed to separate itself from the official Bitwarden server in the hopes of avoiding confusion and trademark/branding issues. Please see #1642 for more explanation.

Image is based on Rust implementation of Bitwarden API.

This project is not associated with the Bitwarden project nor Bitwarden, Inc.

⚠️IMPORTANT⚠️: When using this server, please report any bugs or suggestions to us directly (look at the bottom of this page for ways to get in touch), regardless of whatever clients you are using (mobile, desktop, browser...). DO NOT use the official support channels.

Features

Basically full implementation of Bitwarden API is provided including:

Organizations support
Attachments and Send
Vault API support
Serving the static files for Vault interface
Website icons API
Authenticator and U2F support
YubiKey and Duo support
Emergency Access

Installation

Pull the docker image and mount a volume from the host for persistent storage:

docker pull vaultwarden/server:latest
docker run -d --name vaultwarden -v /vw-data/:/data/ --restart unless-stopped -p 80:80 vaultwarden/server:latest

This will preserve any persistent data under /vw-data/, you can adapt the path to whatever suits you.

IMPORTANT: Most modern web browsers disallow the use of Web Crypto APIs in insecure contexts. In this case, you might get an error like Cannot read property 'importKey'. To solve this problem, you need to access the web vault via HTTPS or localhost.

This can be configured in vaultwarden directly or using a third-party reverse proxy (some examples).

If you have an available domain name, you can get HTTPS certificates with Let's Encrypt, or you can generate self-signed certificates with utilities like mkcert. Some proxies automatically do this step, like Caddy (see examples linked above).

Usage

See the vaultwarden wiki for more information on how to configure and run the vaultwarden server.

Get in touch

To ask a question, offer suggestions or new features or to get help configuring or installing the software, please use GitHub Discussions or the forum.

If you spot any bugs or crashes with vaultwarden itself, please create an issue. Make sure you are on the latest version and there aren't any similar issues open, though!

If you prefer to chat, we're usually hanging around at #vaultwarden:matrix.org room on Matrix. Feel free to join us!