From ba7a0d9c2996bae68bc977914a11894ea70d1975 Mon Sep 17 00:00:00 2001 From: Lars Klemstein Date: Sat, 15 Nov 2025 23:21:12 +0100 Subject: [PATCH] init version --- .gitignore | 5 +++++ docker-compose.yml | 24 ++++++++++++++++++++++++ tools/backup.sh | 24 ++++++++++++++++++++++++ tools/create-env.sh | 23 +++++++++++++++++++++++ 4 files changed, 76 insertions(+) create mode 100644 .gitignore create mode 100644 docker-compose.yml create mode 100755 tools/backup.sh create mode 100755 tools/create-env.sh diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..249e50b --- /dev/null +++ b/.gitignore @@ -0,0 +1,5 @@ +admin_token.txt +.env +fingerprint.txt +_TO_BE_DELETED/ +backups/ diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..ae25e44 --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,24 @@ +--- +services: + vaultwarden: + image: vaultwarden/server:latest + container_name: vaultwarden + restart: unless-stopped + env_file: .env + ports: + - "127.0.0.1:13003:80" + environment: + - ROCKET_ADDRESS=${ROCKET_ADDRESS} + - ROCKET_PORT=${ROCKET_PORT} + - DOMAIN=${DOMAIN} + - SIGNUPS_ALLOWED=${SIGNUPS_ALLOWED} + # - ADMIN_TOKEN_FILE=${ADMIN_TOKEN_FILE} + volumes: + - vaultwarden-data:/data + dns: + - 1.1.1.1 + - 9.9.9.9 + +volumes: + vaultwarden-data: + name: vaultwarden-data diff --git a/tools/backup.sh b/tools/backup.sh new file mode 100755 index 0000000..d20b199 --- /dev/null +++ b/tools/backup.sh @@ -0,0 +1,24 @@ +#!/bin/bash +# Daily backup for Vaultwarden data volume +# Creates compressed tar.gz archives with 7-day rotation + +set -euo pipefail + +BACKUP_DIR="/srv/docker_services/www/sites/knusperkerne/vault/backups" +VOLUME_NAME="vaultwarden-data" +DATE=$(date +%F) +ARCHIVE="$BACKUP_DIR/vaultwarden_${DATE}.tar.gz" + +mkdir -p "$BACKUP_DIR" + +echo "[INFO] Creating backup for Vaultwarden volume: $VOLUME_NAME" +docker run --rm \ + -v "${VOLUME_NAME}:/data:ro" \ + -v "${BACKUP_DIR}:/backup" \ + alpine tar czf "/backup/vaultwarden_${DATE}.tar.gz" /data + +# Keep only 7 most recent backups +echo "[INFO] Rotating old backups..." +ls -1t "$BACKUP_DIR"/vaultwarden_*.tar.gz | tail -n +8 | xargs -r rm -f + +echo "[OK] Backup completed: $ARCHIVE" diff --git a/tools/create-env.sh b/tools/create-env.sh new file mode 100755 index 0000000..902455c --- /dev/null +++ b/tools/create-env.sh @@ -0,0 +1,23 @@ +#!/bin/bash +# Create .env for Vaultwarden (self-hosted Bitwarden) +# No admin-token handling — purely environment setup. + +set -e + +ENV_FILE=".env" + +if [ -f "$ENV_FILE" ]; then + echo ".env already exists — skipping." + exit 0 +fi + +cat >"$ENV_FILE" <<'EOF' +# Vaultwarden environment configuration +DOMAIN=https://vault.knusperkerne.de +ROCKET_ADDRESS=0.0.0.0 +ROCKET_PORT=80 +SIGNUPS_ALLOWED=false +# ADMIN_TOKEN_FILE=/data/admin_token.txt +EOF + +echo ".env created successfully."