/vaultwarden_gcp

Vaultwarden installation optimized for Google Cloud's 'always free' e2-micro compute instance

Primary LanguageShellMIT LicenseMIT

Bitwarden self-hosted on Google Cloud for Free


Features

  • Bitwarden self-hosted (via Vaultwarden) on Google Cloud 'always free' e2-micro tier
  • Automatic https certificate management through Caddy 2 proxy
  • Dynamic DNS updates through ddclient
  • Blocking brute-force attempts with fail2ban
  • Country-wide blocking through iptables and ipset
  • Automatic backups

Installation

Follow the guide in the wiki to install and configure Bitwarden self-hosted on Google Cloud

Changelog

2.0.2 - 7 November 2023

  • Improve fail2ban SMTP env variable documentation in .env.template (#79)
  • Update IP Header env var (#77)
  • Push fail2ban logs to STDOUT / docker logging
  • Update docker-compose to latest version (#76). Requires manual updating of ~/.bash_alias with the following command:
$ docker-compose version
$ sed -i "s|docker/compose|docker compose|g" ~/.bash_alias
$ source ~/.bash_alias
$ docker-compose version

2.0.1 - 25 October 2023

  • Update backup option to include .env for full restoration. Off by default. Please encrypt your backup if including .env
  • Starting new versioning/tagging system to keep track of changes. Arbitrarily starting after 2.0, which was the fully modular approach.

3 April 2023 Alert: Recent changes to Vaultwarden may cause Vaultwarden to fail to start due to default environmental variables. .env.template has been updated in this repo, however, if you are affected, you must also update .env and comment out all YUBICO_* variables, so that they appear as:

#YUBICO_CLIENT_ID=
#YUBICO_SECRET_KEY=
#YUBICO_SERVER=

Restart with docker-compose, and Vaultwarden should come up as normal. Credit to @AySz88 for reporting this.