Day: November 20, 2021

Bitwarden Docker Installation

Bitwarden Docker Installation

Update: Bitwarden could not detect new and update password in browsers in most of cases. No matter how easy it can be used, without this auto detection feature, it is useless.

Bitwarden is an opensource password manager, can be self-hosted, and can be installed as docker container. It supports many browsers and OSes.

Steps

Create docker-compose.yaml

Create docker-compose.yaml, and make sure

  • SIGNUPS_ALLOWED is 'true'
# docker-compose.yml
version: '3'

services:
  bitwarden:
    image: bitwardenrs/server
    restart: always
    ports:
      - 8000:80
    volumes:
      - ./bw-data:/data
    environment:
      WEBSOCKET_ENABLED: 'true' # Required to use websockets
      SIGNUPS_ALLOWED: 'true'   # set to false to disable signups

Create

Run following command, in the directory contains docker-compose.yaml

docker-compose up -d

Configure HTTPS in NGINX

Without HTTPS, bitwarden doesn't allow new user registration.

Add following statements in server location definition.

server {
    server_name  nginx_host;
    listen 443 ssl;

    ...

    location /bw {
        rewrite /bw(.*) /$1 break;
        proxy_pass  'http://192.168.1.222:8000';
        proxy_redirect     off;
        proxy_set_header   Host $host;
    }
    ...
}

Then the URL of bitwarden will be https://nginx_host/bw/

Register

Access https://nginx_host/bw/, and register email and password.

Disable new user creation

  • Destory old bitwarden instance
docker-compose down
  • Update docker-compose.yaml file
SIGNUPS_ALLOWED: 'false';
  • Recreate instance
docker-compose up -d

Trun on 2FA

In website, go to Settings => Two-step Login ...

Install clients

Go to bitwarden website to install.

References

Run Bitwarden Password Manager in Docker Container
Install and Deploy - Linux
The Best Password Managers to Secure Your Digital Life
Host your own FREE Password Manager with your Synology NAS
Install and Sync All of Your Devices
Connect Clients to your Instance
Request Hosting Installation Id & Key

NextCloud password manager – Passwords

NextCloud password manager - Passwords

NextCloud password manager, Passwords is an add-on feature of NextCloud, it can be used to save passwords.

Support

It supports Firefox, Chrome, but not Safari. It also supports iOS and Android.

It doesn\'t support OS, such as SSH.

Interface

The interface is too complex compare with other system default password saving features, not user friendly.

Pros

Have notes for password, which allows saving more info.

References

Password managers for Nextcloud

Move Docker Directory

Move Docker Directory

Docker directory is /var/lib/docker. As /var should be a system directory, and most of the files in /var are log files, security related files, etc.

Docker is a application, which contains huge container data, move /var/lib/docker to data disk should be the good practice.

Methods

The are two methods I used to move /var/lib/docker directory.

Change Docker config

In /etc/docker/daemon.json file, add following entry.

{
   "data-root": "/path/to/your/docker" 
}

This makes the Docker implementation become non-standard, but as some other settings in this file also need to be set as well, such as Docker log file size, etc., this can be a normal practise for those system not many administrators.

Create soft link

Move /var/lib/docker to another location using mv command, then create a soft link /var/lib/docker point to new location.

This can be a simple and clear way, because system administrator can easily find the location without pre-check docker configuration, especially if predefined commands are required to be provided to others.

Drawback

For the first method, changing Docker configuration, although the non-standard configuration used, but Docker knows the location of data.

For the second method, adminstrator knows file location, but Docker doesn't know. So, if Docker likes to optimize the system, it might get wrong info.

References

How to move docker data directory to another location on Ubuntu

iMac waked up regularly

iMac waked up regularly

My iMac keeps waking up, although this wasn't a problem for my Mac mini, it is an issue for my iMac. The difference between is, iMac got very annoying fan noise, even no activity.

Many factors

There are so many factors to wake iMac up according to Apple, but I think the may reason is Timemachine. The option of Wake for network access in Energy Saver is for the tasks to be taken during sleep, including Timemachine. But this option is related to wake up on LAN as well, then if I need WoL, I can not turn off this option.

There is also no Do not disturb option in my this iMac, it has older macOS High Sierra.

Issue

The actual issue caused annoying problem, is Timemachine has no scheduling.

Another issue

Unlike some other OS, iMac won't maintain ssh connection after sleeped. This is a huge issue to me because I use ssh heavily. Thinking to configure VPN, and use VPN to connect to other servers, maybe can maintain connection.

References

If your Mac sleeps or wakes unexpectedly