Ya estoy en Bitwarden. Migración desde 1Password
Algo que debería haber hecho hace un año.
Al fin he cambiado de gestor de contraseñas. He dejado 1Password atrás después de muchos años de buen servicio y me he pasado a Bitwarden autoalojado con Vaultwarden. Las aplicaciones móviles y de escritorio han mejorado lo suficiente como para dar el salto por fin. Te cuento todos los detalles del proceso.
Synology: Install Vaultwarden With Portainer
Trustworthy expert guide to your Synology NAS.
Marius Bogdan Lixandru
Using Docker Compose
Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs - dani-garcia/vaultwarden
dani-garcia
GitHub - ttionya/vaultwarden-backup: Backup vaultwarden (formerly known as bitwarden_rs) SQLite3/PostgreSQL/MySQL/MariaDB database by rclone. (Docker)
Backup vaultwarden (formerly known as bitwarden_rs) SQLite3/PostgreSQL/MySQL/MariaDB database by rclone. (Docker) - ttionya/vaultwarden-backup
ttionya
vaultwarden:
image: vaultwarden/server:latest
container_name: Vaultwarden
hostname: Vaultwarden
restart: unless-stopped
networks:
- principal
security_opt:
- no-new-privileges:true
user: 1000:1000
ports:
- 4020:4020
environment:
ROCKET_PORT: 4020
DATABASE_URL: "postgresql://vaultwardenuser:vaultwardenpass@Vaultwarden_DB:5432/vaultwarden"
ADMIN_TOKEN: <TOKEN>
DISABLE_ADMIN_TOKEN: false
DOMAIN: <DOMINIO>
SMTP_HOST: <SMTP_HOST>
SMTP_FROM: <SMTP_FROM>
SMTP_PORT: <SMTP_PORT>
SMTP_SECURITY: tls
SMTP_USERNAME: <SMTP_USERNAME>
SMTP_PASSWORD: <SMTP_PASSWORD>
PUSH_ENABLED: true
PUSH_INSTALLATION_ID: <PUSH_INSTALLATION_ID>
PUSH_INSTALLATION_KEY: <PUSH_INSTALLATION_KEY>
PUSH_RELAY_URI: https://api.bitwarden.eu
PUSH_IDENTITY_URI: https://identity.bitwarden.eu
SHOW_PASSWORD_HINT: false
labels:
- "traefik.enable=true"
- "traefik.http.routers.r-vaultwarden.entryPoints=web"
- "traefik.http.routers.r-vaultwarden.rule=Host(`<DOMINIO>`)"
- "traefik.http.routers.r-vaultwarden.service=vaultwarden"
- "traefik.http.routers.r-vaultwarden.middlewares=redir-vaultwarden"
- "traefik.http.routers.rssl-vaultwarden.entryPoints=web-secure"
- "traefik.http.routers.rssl-vaultwarden.rule=Host(`<DOMINIO>`)"
- "traefik.http.routers.rssl-vaultwarden.service=vaultwarden"
- "traefik.http.routers.rssl-vaultwarden.tls=true"
- "traefik.http.middlewares.redir-vaultwarden.redirectscheme.scheme=https"
- "traefik.http.services.vaultwarden.loadbalancer.server.port=4020"
volumes:
- /home/pi/docker/vaultwarden/data:/data:rw
depends_on:
vaultwarden_db:
condition: service_started
vaultwarden_db:
image: postgres:17
container_name: Vaultwarden_DB
hostname: Vaultwarden_DB
restart: unless-stopped
networks:
- principal
security_opt:
- no-new-privileges:true
environment:
POSTGRES_DB: vaultwarden
POSTGRES_USER: "vaultwardenuser"
POSTGRES_PASSWORD: "vaultwardenpass"
volumes:
- /home/pi/docker/vaultwarden/db:/var/lib/postgresql/data
healthcheck:
test: ["CMD", "pg_isready", "-q", "-d", "vaultwarden", "-U", "vaultwardenuser"]
timeout: 45s
interval: 10s
retries: 10
docker run --rm -it \
-v /home/pi/docker/vaultwarden/backup/config-rclone:/config/ \
ttionya/vaultwarden-backup:latest \
rclone config
docker run --rm -it \
-v /home/pi/docker/vaultwarden/backup/config-rclone:/config/ \
ttionya/vaultwarden-backup:latest \
rclone config show
vaultwarden_backup:
image: ttionya/vaultwarden-backup:latest
container_name: Vaultwarden_Backup
hostname: Vaultwarden_Backup
restart: unless-stopped
networks:
- principal
environment:
RCLONE_REMOTE_NAME: <DESTINO>
RCLONE_REMOTE_DIR: <DIR>
TIMEZONE: Europe/Madrid
CRON: "0 4 * * *"
ZIP_ENABLE: TRUE
ZIP_PASSWORD: <ZIP_PASSWORD>
ZIP_TYPE: zip
BACKUP_FILE_SUFFIX: "%Y-%M-%d_%H-%M-%S"
BACKUP_KEEP_DAYS: 60
DATA_DIR: "/data"
DB_TYPE: postgresql
PG_HOST: Vaultwarden_DB
PG_PORT: 5432
PG_DBNAME: vaultwarden
PG_USERNAME: vaultwardenuser
PG_PASSWORD: vaultwardenpass
volumes:
- /home/pi/docker/vaultwarden/data:/data:ro
- /home/pi/docker/vaultwarden/backup/config-rclone:/config
depends_on:
- vaultwarden