feat:更新bitwarden

2025-09-14 13:56:55 +08:00 · 2024-11-17 00:56:10 +08:00 · 2024-11-17 00:56:10 +08:00 · db041be6a0
commit db041be6a0
parent 5e6fa09e85
9 changed files with 228 additions and 160 deletions
--- a/apps/bitwarden/1.32.4-alpine/.env.sample
+++ b/apps/bitwarden/1.32.4-alpine/.env.sample
@ -1,3 +1,7 @@
+ADMIN_TOKEN=""
 CONTAINER_NAME="bitwarden"
-PANEL_APP_PORT_HTTP="40031"
 DATA_PATH="./data"
+INVITATIONS_ALLOWED="true"
+PANEL_APP_PORT_HTTP=40031
+SIGNUPS_ALLOWED="true"
+WEBSOCKET_ENABLED="false"
--- a/apps/bitwarden/1.32.4-alpine/data.yml
+++ b/apps/bitwarden/1.32.4-alpine/data.yml
@ -1,24 +1,60 @@
 additionalProperties:
-    formFields:
-        - default: 40031
-          edit: true
-          envKey: PANEL_APP_PORT_HTTP
-          labelEn: Port
-          labelZh: 端口
-          required: true
-          rule: paramPort
-          type: number
-        - default: ./data
-          edit: true
-          envKey: DATA_PATH
-          labelEn: Data folder path
-          labelZh: 数据文件夹路径
-          required: true
-          type: text
-        - default: ''
-          edit: true
-          envKey: ADMIN_TOKEN
-          labelEn: ADMIN_TOKEN
-          labelZh: ADMIN_TOKEN
-          required: true
-          type: text
+  formFields:
+    - default: "40031"
+      edit: true
+      envKey: PANEL_APP_PORT_HTTP
+      labelEn: Port
+      labelZh: 端口
+      required: true
+      rule: paramPort
+      type: number
+    - default: "./data"
+      edit: true
+      envKey: DATA_PATH
+      labelEn: Data folder path
+      labelZh: 数据文件夹路径
+      required: true
+      type: text
+    - default: "true"
+      edit: true
+      envKey: SIGNUPS_ALLOWED
+      labelEn: Allow Signups
+      labelZh: 允许注册
+      required: true
+      type: select
+      values:
+        - label: "True"
+          value: "true"
+        - label: "False"
+          value: "false"
+    - default: "true"
+      edit: true
+      envKey: INVITATIONS_ALLOWED
+      labelEn: Allow Invitations
+      labelZh: 允许邀请
+      required: true
+      type: select
+      values:
+        - label: "True"
+          value: "true"
+        - label: "False"
+          value: "false"
+    - default: "false"
+      edit: true
+      envKey: WEBSOCKET_ENABLED
+      labelEn: WebSocket Enabled
+      labelZh: 启用 WebSocket
+      required: true
+      type: select
+      values:
+        - label: "True"
+          value: "true"
+        - label: "False"
+          value: "false"
+    - default: ""
+      edit: true
+      envKey: ADMIN_TOKEN
+      labelEn: Admin Token
+      labelZh: 管理员令牌
+      required: false
+      type: password
--- a/apps/bitwarden/1.32.4-alpine/docker-compose.yml
+++ b/apps/bitwarden/1.32.4-alpine/docker-compose.yml
@ -1,5 +1,6 @@
 services:
  bitwarden:
+    image: "vaultwarden/server:1.32.4-alpine"
    container_name: ${CONTAINER_NAME}
    restart: always
    networks:
@ -8,14 +9,13 @@ services:
      - "${PANEL_APP_PORT_HTTP}:80"
    volumes:
      - "${DATA_PATH}:/data"
-    image: vaultwarden/server:1.32.4-alpine
+    environment:
+      - SIGNUPS_ALLOWED=${SIGNUPS_ALLOWED}
+      - INVITATIONS_ALLOWED=${INVITATIONS_ALLOWED}
+      - WEBSOCKET_ENABLED=${WEBSOCKET_ENABLED}
+      - ADMIN_TOKEN=${ADMIN_TOKEN}
    labels:
      createdBy: "Apps"
-    environment:
-      SIGNUPS_ALLOWED: 'true'
-      INVITATIONS_ALLOWED: 'true'
-      WEBSOCKET_ENABLED: 'false'
-      ADMIN_TOKEN: '${ADMIN_TOKEN}'
 networks:
  1panel-network:
    external: true
--- a/apps/bitwarden/1.32.4-alpine/scripts/upgrade.sh
+++ b/apps/bitwarden/1.32.4-alpine/scripts/upgrade.sh
@ -0,0 +1,40 @@
+#!/bin/bash
+
+# 检查 .env 文件是否存在
+if [[ -f ./.env ]]; then
+
+  # 检查并添加 ADMIN_TOKEN 参数
+  if ! grep -q '^ADMIN_TOKEN=' ./.env; then
+    echo 'ADMIN_TOKEN=""' >> ./.env
+    echo "已添加 ADMIN_TOKEN="
+  else
+    echo "ADMIN_TOKEN 参数已存在"
+  fi
+
+  # 检查并添加 INVITATIONS_ALLOWED 参数
+  if ! grep -q '^INVITATIONS_ALLOWED=' ./.env; then
+    echo 'INVITATIONS_ALLOWED="true"' >> ./.env
+    echo "已添加 INVITATIONS_ALLOWED=true"
+  else
+    echo "INVITATIONS_ALLOWED 参数已存在"
+  fi
+
+  # 检查并添加 SIGNUPS_ALLOWED 参数
+  if ! grep -q '^SIGNUPS_ALLOWED=' ./.env; then
+    echo 'SIGNUPS_ALLOWED="true"' >> ./.env
+    echo "已添加 SIGNUPS_ALLOWED=true"
+  else
+    echo "SIGNUPS_ALLOWED 参数已存在"
+  fi
+
+  # 检查并添加 WEBSOCKET_ENABLED 参数
+  if ! grep -q '^WEBSOCKET_ENABLED=' ./.env; then
+    echo 'WEBSOCKET_ENABLED="false"' >> ./.env
+    echo "已添加 WEBSOCKET_ENABLED=false"
+  else
+    echo "WEBSOCKET_ENABLED 参数已存在"
+  fi
+
+else
+  echo ".env 文件不存在"
+fi
--- a/apps/bitwarden/README.md
+++ b/apps/bitwarden/README.md
@ -1,95 +1,3 @@
-### Alternative implementation of the Bitwarden server API written in Rust and compatible with [upstream Bitwarden clients](https://bitwarden.com/download/)*, perfect for self-hosted deployment where running the official resource-heavy service might not be ideal.
+# Vaultwarden

-📢 Note: This project was known as Bitwarden_RS and has been renamed to separate itself from the official Bitwarden server in the hopes of avoiding confusion and trademark/branding issues. Please see [#1642](https://github.com/dani-garcia/vaultwarden/discussions/1642) for more explanation.
-
---
-[![Build](https://github.com/dani-garcia/vaultwarden/actions/workflows/build.yml/badge.svg)](https://github.com/dani-garcia/vaultwarden/actions/workflows/build.yml)
-[![ghcr.io](https://img.shields.io/badge/ghcr.io-download-blue)](https://github.com/dani-garcia/vaultwarden/pkgs/container/vaultwarden)
-[![Docker Pulls](https://img.shields.io/docker/pulls/vaultwarden/server.svg)](https://hub.docker.com/r/vaultwarden/server)
-[![Quay.io](https://img.shields.io/badge/Quay.io-download-blue)](https://quay.io/repository/vaultwarden/server)
-[![Dependency Status](https://deps.rs/repo/github/dani-garcia/vaultwarden/status.svg)](https://deps.rs/repo/github/dani-garcia/vaultwarden)
-[![GitHub Release](https://img.shields.io/github/release/dani-garcia/vaultwarden.svg)](https://github.com/dani-garcia/vaultwarden/releases/latest)
-[![AGPL-3.0 Licensed](https://img.shields.io/github/license/dani-garcia/vaultwarden.svg)](https://github.com/dani-garcia/vaultwarden/blob/main/LICENSE.txt)
-[![Matrix Chat](https://img.shields.io/matrix/vaultwarden:matrix.org.svg?logo=matrix)](https://matrix.to/#/#vaultwarden:matrix.org)
-
-Image is based on [Rust implementation of Bitwarden API](https://github.com/dani-garcia/vaultwarden).
-
-**This project is not associated with the [Bitwarden](https://bitwarden.com/) project nor Bitwarden, Inc.**
-
-#### ⚠️**IMPORTANT**⚠️: When using this server, please report any bugs or suggestions to us directly (look at the bottom of this page for ways to get in touch), regardless of whatever clients you are using (mobile, desktop, browser...). DO NOT use the official support channels.
-
---
-
-## Features
-
-Basically full implementation of Bitwarden API is provided including:
-
- * Organizations support
- * Attachments and Send
- * Vault API support
- * Serving the static files for Vault interface
- * Website icons API
- * Authenticator and U2F support
- * YubiKey and Duo support
- * Emergency Access
-
-## Installation
-Pull the docker image and mount a volume from the host for persistent storage:
-
-```sh
-docker pull vaultwarden/server:latest
-docker run -d --name vaultwarden -v /vw-data/:/data/ -p 80:80 vaultwarden/server:latest
-```
-This will preserve any persistent data under /vw-data/, you can adapt the path to whatever suits you.
-
-**IMPORTANT**: Most modern web browsers, disallow the use of Web Crypto APIs in insecure contexts. In this case, you might get an error like `Cannot read property 'importKey'`. To solve this problem, you need to access the web vault via HTTPS or localhost.
-
-This can be configured in [vaultwarden directly](https://github.com/dani-garcia/vaultwarden/wiki/Enabling-HTTPS) or using a third-party reverse proxy ([some examples](https://github.com/dani-garcia/vaultwarden/wiki/Proxy-examples)).
-
-If you have an available domain name, you can get HTTPS certificates with [Let's Encrypt](https://letsencrypt.org/), or you can generate self-signed certificates with utilities like [mkcert](https://github.com/FiloSottile/mkcert). Some proxies automatically do this step, like Caddy (see examples linked above).
-
-## Usage
-See the [vaultwarden wiki](https://github.com/dani-garcia/vaultwarden/wiki) for more information on how to configure and run the vaultwarden server.
-
-## Get in touch
-To ask a question, offer suggestions or new features or to get help configuring or installing the software, please use [GitHub Discussions](https://github.com/dani-garcia/vaultwarden/discussions) or [the forum](https://vaultwarden.discourse.group/).
-
-If you spot any bugs or crashes with vaultwarden itself, please [create an issue](https://github.com/dani-garcia/vaultwarden/issues/). Make sure you are on the latest version and there aren't any similar issues open, though!
-
-If you prefer to chat, we're usually hanging around at [#vaultwarden:matrix.org](https://matrix.to/#/#vaultwarden:matrix.org) room on Matrix. Feel free to join us!
-
-### Sponsors
-Thanks for your contribution to the project!
-
-<!--
-<table>
-  <tr>
-    <td align="center">
-      <a href="https://github.com/username">
-        <img src="https://avatars.githubusercontent.com/u/725423?s=75&v=4" width="75px;" alt="username"/>
-        <br />
-        <sub><b>username</b></sub>
-      </a>
-  </td>
-  </tr>
-</table>
-
-<br/>
-->
-
-<table>
-  <tr>
-    <td align="center">
-       <a href="https://github.com/themightychris" style="width: 75px">
-        <sub><b>Chris Alfano</b></sub>
-      </a>
-    </td>
-  </tr>
-  <tr>
-    <td align="center">
-      <a href="https://github.com/numberly" style="width: 75px">
-        <sub><b>Numberly</b></sub>
-      </a>
-    </td>
-  </tr>
-</table>
+Vaultwarden 是 Bitwarden 客户端 API 的替代服务器实现，使用 Rust 编写，兼容 [官方 Bitwarden 客户端](https://bitwarden.com/download/)（详见 [免责声明](https://github.com/dani-garcia/vaultwarden/blob/main/README.md#disclaimer)）。它非常适合在需要自托管的环境中部署，尤其是在官方服务资源消耗较大的情况下提供了更轻量的解决方案。
--- a/apps/bitwarden/latest/.env.sample
+++ b/apps/bitwarden/latest/.env.sample
@ -1,3 +1,7 @@
+ADMIN_TOKEN=""
 CONTAINER_NAME="bitwarden"
-PANEL_APP_PORT_HTTP="40031"
 DATA_PATH="./data"
+INVITATIONS_ALLOWED="true"
+PANEL_APP_PORT_HTTP=40031
+SIGNUPS_ALLOWED="true"
+WEBSOCKET_ENABLED="false"
--- a/apps/bitwarden/latest/data.yml
+++ b/apps/bitwarden/latest/data.yml
@ -1,24 +1,60 @@
 additionalProperties:
-    formFields:
-        - default: 40031
-          edit: true
-          envKey: PANEL_APP_PORT_HTTP
-          labelEn: Port
-          labelZh: 端口
-          required: true
-          rule: paramPort
-          type: number
-        - default: ./data
-          edit: true
-          envKey: DATA_PATH
-          labelEn: Data folder path
-          labelZh: 数据文件夹路径
-          required: true
-          type: text
-        - default: ''
-          edit: true
-          envKey: ADMIN_TOKEN
-          labelEn: ADMIN_TOKEN
-          labelZh: ADMIN_TOKEN
-          required: true
-          type: text
+  formFields:
+    - default: "40031"
+      edit: true
+      envKey: PANEL_APP_PORT_HTTP
+      labelEn: Port
+      labelZh: 端口
+      required: true
+      rule: paramPort
+      type: number
+    - default: "./data"
+      edit: true
+      envKey: DATA_PATH
+      labelEn: Data folder path
+      labelZh: 数据文件夹路径
+      required: true
+      type: text
+    - default: "true"
+      edit: true
+      envKey: SIGNUPS_ALLOWED
+      labelEn: Allow Signups
+      labelZh: 允许注册
+      required: true
+      type: select
+      values:
+        - label: "True"
+          value: "true"
+        - label: "False"
+          value: "false"
+    - default: "true"
+      edit: true
+      envKey: INVITATIONS_ALLOWED
+      labelEn: Allow Invitations
+      labelZh: 允许邀请
+      required: true
+      type: select
+      values:
+        - label: "True"
+          value: "true"
+        - label: "False"
+          value: "false"
+    - default: "false"
+      edit: true
+      envKey: WEBSOCKET_ENABLED
+      labelEn: WebSocket Enabled
+      labelZh: 启用 WebSocket
+      required: true
+      type: select
+      values:
+        - label: "True"
+          value: "true"
+        - label: "False"
+          value: "false"
+    - default: ""
+      edit: true
+      envKey: ADMIN_TOKEN
+      labelEn: Admin Token
+      labelZh: 管理员令牌
+      required: false
+      type: password
--- a/apps/bitwarden/latest/docker-compose.yml
+++ b/apps/bitwarden/latest/docker-compose.yml
@ -1,5 +1,6 @@
 services:
  bitwarden:
+    image: "vaultwarden/server:latest"
    container_name: ${CONTAINER_NAME}
    restart: always
    networks:
@ -8,14 +9,13 @@ services:
      - "${PANEL_APP_PORT_HTTP}:80"
    volumes:
      - "${DATA_PATH}:/data"
-    image: vaultwarden/server:latest
+    environment:
+      - SIGNUPS_ALLOWED=${SIGNUPS_ALLOWED}
+      - INVITATIONS_ALLOWED=${INVITATIONS_ALLOWED}
+      - WEBSOCKET_ENABLED=${WEBSOCKET_ENABLED}
+      - ADMIN_TOKEN=${ADMIN_TOKEN}
    labels:
      createdBy: "Apps"
-    environment:
-      SIGNUPS_ALLOWED: 'true'
-      INVITATIONS_ALLOWED: 'true'
-      WEBSOCKET_ENABLED: 'false'
-      ADMIN_TOKEN: '${ADMIN_TOKEN}'
 networks:
  1panel-network:
    external: true
--- a/apps/bitwarden/latest/scripts/upgrade.sh
+++ b/apps/bitwarden/latest/scripts/upgrade.sh
@ -0,0 +1,40 @@
+#!/bin/bash
+
+# 检查 .env 文件是否存在
+if [[ -f ./.env ]]; then
+
+  # 检查并添加 ADMIN_TOKEN 参数
+  if ! grep -q '^ADMIN_TOKEN=' ./.env; then
+    echo 'ADMIN_TOKEN=""' >> ./.env
+    echo "已添加 ADMIN_TOKEN="
+  else
+    echo "ADMIN_TOKEN 参数已存在"
+  fi
+
+  # 检查并添加 INVITATIONS_ALLOWED 参数
+  if ! grep -q '^INVITATIONS_ALLOWED=' ./.env; then
+    echo 'INVITATIONS_ALLOWED="true"' >> ./.env
+    echo "已添加 INVITATIONS_ALLOWED=true"
+  else
+    echo "INVITATIONS_ALLOWED 参数已存在"
+  fi
+
+  # 检查并添加 SIGNUPS_ALLOWED 参数
+  if ! grep -q '^SIGNUPS_ALLOWED=' ./.env; then
+    echo 'SIGNUPS_ALLOWED="true"' >> ./.env
+    echo "已添加 SIGNUPS_ALLOWED=true"
+  else
+    echo "SIGNUPS_ALLOWED 参数已存在"
+  fi
+
+  # 检查并添加 WEBSOCKET_ENABLED 参数
+  if ! grep -q '^WEBSOCKET_ENABLED=' ./.env; then
+    echo 'WEBSOCKET_ENABLED="false"' >> ./.env
+    echo "已添加 WEBSOCKET_ENABLED=false"
+  else
+    echo "WEBSOCKET_ENABLED 参数已存在"
+  fi
+
+else
+  echo ".env 文件不存在"
+fi