====== Vaultwarden ======

Self-hosted Bitwarden-kompatibler Password Manager.

===== Details =====

^ Key ^ Value ^
| Container | CT 112 |
| IP | 10.100.161.112 |
| Port | 8080 |
| RAM | 512 MB |
| URL | https://vault.home.miskam.xyz |

===== Deployment =====

Vaultwarden Binary wird aus dem Docker-Image extrahiert (keine prebuilt Binaries verfügbar).

Tool: [[https://github.com/jjlin/docker-image-extract|docker-image-extract]]

<code bash>
# Binary extrahieren
./docker-image-extract vaultwarden/server:latest
cp output/vaultwarden /opt/vaultwarden/
cp -r output/web-vault/* /opt/vaultwarden/web-vault/
</code>

===== Features =====

  * Bitwarden-kompatible API
  * Browser Extensions
  * Mobile Apps
  * Organizations & Collections
  * Admin Panel

===== Struktur =====

<code>
/opt/vaultwarden/
├── vaultwarden          # Binary
├── .env                 # Environment config
├── data/                # SQLite DB + Attachments
└── web-vault/           # Web UI
</code>

===== Datenbank =====

Zwei Optionen:
  * **SQLite** (default): /opt/vaultwarden/data/db.sqlite3
  * **PostgreSQL**: 10.100.161.110

===== Service =====

<code bash>
systemctl status vaultwarden
journalctl -u vaultwarden -f
</code>

===== Admin Panel =====

  * URL: https://vault.home.miskam.xyz/admin
  * Token: In Vaultwarden selbst gespeichert

===== Backup =====

<code bash>
# Alles sichern
rsync -av /opt/vaultwarden/data/ backup/
</code>

===== Ansible =====

<code bash>
ansible-playbook site.yml --limit vaultwarden
</code>

===== Secrets Management =====

Alle Infrastruktur-Credentials sind hier gespeichert:
  * **Organisation:** mxmlabs
  * **Collection:** Network Automation

Das Ansible Bitwarden Lookup Plugin holt Secrets zur Laufzeit.

===== Links =====

  * [[https://github.com/dani-garcia/vaultwarden|Vaultwarden GitHub]]
  * [[https://github.com/jjlin/docker-image-extract|docker-image-extract]]
  * [[https://bitwarden.com/help/|Bitwarden Help]]