Opened 10 months ago

Last modified 4 months ago

#680 new task

Let's bring up a vaultwarden instance

Reported by: m Owned by:
Priority: minor Milestone:
Component: Services Keywords:
Cc:

Description

title pretty much says it. we're storing/sharing passwords/codes occasionally. vaultwarden. tied to ldap groups?

Change History (4)

comment:2 by m, 5 months ago

"Vaultwarden does an end-to-end encryption thing, and it still requires its users to have a master password for that even if it did use SSO."

comment:4 by m, 4 months ago

I got most of the way there but vaultwarden's s3 support is fucked and only supports official s3 buckets, here's my diff:

diff --git a/docker/Dockerfile.debian b/docker/Dockerfile.debian
index 9d1af57f..db2b1f43 100644
--- a/docker/Dockerfile.debian
+++ b/docker/Dockerfile.debian
@@ -117,7 +117,7 @@ COPY ./macros ./macros
 ARG CARGO_PROFILE=release
 
 # Configure the DB ARG as late as possible to not invalidate the cached layers above
-ARG DB=sqlite,mysql,postgresql
+ARG DB=sqlite,mysql,postgresql,s3
 
 # Builds your dependencies and removes the
 # dummy project, except the target folder
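Review bot: `s3` is appended to the default of `ARG DB`, but the comment above it and the other three values all describe database backends, so the name no longer matches what it carries and every build of this Dockerfile now gets `s3` by default. Consider leaving the default as it was and passing the longer list at build time with `--build-arg DB=sqlite,mysql,postgresql,s3`, or update the comment to say the list is no longer DB-only.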
diff --git a/src/config.rs b/src/config.rs
index 116c9096..6cb14467 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -1339,6 +1339,8 @@ fn opendal_s3_operator_for_path(path: &str) -> Result<opendal::Operator, Error>
         .enable_virtual_host_style()
         .bucket(bucket)
         .root(url.path())
+        .region("us-sea-1")
+        .endpoint("https://s3.janky.solutions")
         .default_storage_class("INTELLIGENT_TIERING");
 
     Ok(opendal::Operator::new(builder)?.finish())
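Review bot: `.region("us-sea-1")` and `.endpoint("https://s3.janky.solutions")` are hard-coded inside `opendal_s3_operator_for_path`, so every `s3://` path is pinned to one deployment; read both from configuration or the environment and keep the previous behaviour when they are unset. The context line `.enable_virtual_host_style()` still applies with the custom endpoint, which puts the bucket name in the hostname rather than the path, so that call is worth making conditional for endpoints that expect path-style requests. `INTELLIGENT_TIERING` is an AWS storage class name and should likewise be optional for other S3-compatible endpoints.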

and getting the error:

[2025-09-12 23:00:27.123][vaultwarden][ERROR] Error creating private key 's3://devhack-vaultwarden/rsa_key.pem'
OpenDAL.
[CAUSE] Error {
    kind: ConfigInvalid,
    message: "S3Error { code: \"NoSuchBucket\", message: \"\", resource: \"\", request_id: \"tx00000e3f59fa215b3c6ca-0068c4a60b-10738299-muh-buckets\" }",
    status: Permanent,
    operation: "read",
    context: [
        (
            "uri",
            "https://devhack-vaultwarden.s3.janky.solutions/rsa_key.pem",
        ),
        (
            "response",
            "Parts { status: 404, version: HTTP/1.1, headers: {\"accept-ranges\": \"bytes\", \"content-length\": \"260\", \"content-type\": \"application/xml\", \"date\": \"Fri, 12 Sep 2025 23:00:27 GMT\", \"server\": \"Ceph Object Gateway (squid)\", \"x-amz-request-id\": \"tx00000e3f59fa215b3c6ca-0068c4a60b-10738299-muh-buckets\"} }",
        ),