Original Tutorial: https://www.hostloc.com/thread-703431-1-1.html
Preface
Some of you may have some Azure accounts that have expired after 12 months of free service, so you can do something useful with them. Bitwarden doesn't need much introduction, it's a self-hosted password management program that works quite well and has clients available on all platforms.
Github:
GitHub
hjh142857/scripts
Some Personal Scripts
40 20
How to Install
Application Service (App Service), add, enter a name, select Docker for publishing, select Linux for the operating system, select the region as needed, select the free F1 plan for SKU and size, view and create directly, then click create.
Wait a few minutes for the deployment to complete and click Go to resource.
Modify some environment configurations, sidebar Settings (Configuration), Application settings, change the value of WEBSITES_ENABLE_APP_SERVICE_STORAGE to true, do not select the deployment slot settings.
Sidebar Settings (Configuration), General settings, change Web sockets to On, click Save, and continue.
Sidebar Development Tools (Advanced Tools) - Go to - Click Bash in the navigation bar, and execute the following command, you can paste with Ctrl+V.
mkdir /home/site/wwwroot/bitwarden
wget -P /home/site/wwwroot/bitwarden/
https://raw.githubusercontent.com/hjh142857/scripts/master/Azure_Bitwarden/bitwarden.sh
6. Sidebar Settings (Container Configuration), Docker Compose (Preview), Docker Hub, Public, Continuous deployment (Off), modify the environment variable configuration in docker-compose.yml according to your needs, after pasting the yml configuration, click Save (tips: delete the Chinese comments in the yml configuration, otherwise there will be no response when clicking Save).
7. Sidebar Overview - Restart.
8. Almost forgot, after finishing, go to https://uptimerobot.com/ to set up a web monitor to prevent hibernation. Tested for 6 hours, setting up an HTTP access every half hour works fine.
How to Update the Image
Make sure that there are no password updates or new user registrations within twice the backup cycle, and then restart according to step 7. If the default timing cycle set in the YML file is 10 minutes, then no new data needs to be submitted within 20 minutes. Under normal circumstances, Azure will automatically pull the latest image. If it is found that the latest image is not automatically pulled, you can modify the image item in the YML configuration file to specify the referenced image version, such as changing image: bitwardenrs/server to image: bitwardenrs/server:1.15.1-alpine. It is recommended to choose the alpine packaging series to save the limited resource quota of the free plan.
What to do if Web Admin redirects to localhost after logging in
Resolved, refer to the YML configuration file updated on 20200616, and add the DOMAIN environment variable.
Reference Configuration for YML
Github: https://github.com/hjh142857/scripts/tree/master/Azure_Bitwarden
version: '3'
services:
bitwarden:
image: bitwardenrs/server
restart: always
volumes:
- ${WEBAPP_STORAGE_HOME}/site/wwwroot/bitwarden:/home
entrypoint: /home/bitwarden.sh
command: ["/bitwarden_rs"]
environment: # After completing the environment variable configuration, all Chinese comments must be deleted, otherwise it cannot be saved
- WEBSOCKET_ENABLED=true # Enable websocket for pushing password changes
- SIGNUPS_ALLOWED=true # Allow new user registrations, set to false to disable new registrations
- WEB_VAULT_ENABLED=true # User web page, set to false to disable
- ADMIN_TOKEN=your_web_admin_panel_password # Password for the web admin panel, if not set, the management panel will be disabled, please read the README for details
- DOMAIN=https://your_domain # Domain name setting, the format for the free F1 plan domain is https://xxx.azurewebsites.net
- REALTIME_BAK_CYCLE=10 # Interval in minutes for scheduled backups, needs to be divisible by 60, set to 0 to disable all backups (including FTP backups)
- DAILY_BAK_COUNTS=5 # Number of daily backups for FTP, backed up at 0:00 Beijing time every day
- FTP_URL=ftp://your_ftp_url/your_folder/ # FTP backup address, must end with /, otherwise an error will occur. If this item is not set, remote FTP backup will be disabled
- FTP_USER=your_ftp_username # FTP username, if remote FTP backup is not enabled, this can be left unset
- FTP_PASS=your_ftp_password # FTP password, if remote FTP backup is not enabled, this can be left unset
nginx:
image: nginx
volumes:
- ${WEBAPP_STORAGE_HOME}/site/wwwroot/bitwarden:/home
ports:
- "80:80"
restart: always
entrypoint: /home/bitwarden.sh
command: ["nginx","-g","daemon off;"]
depends_on:
- bitwarden
Some Small Details
For the complete version, please visit the author's Github: https://github.com/hjh142857/scripts/tree/master/Azure_Bitwarden
Here I will excerpt a part
If you want to disable registration after registering your own account, please wait for a new backup file to be generated under the /home/site/wwwroot/bitwarden/backup_realtime directory before modifying the YML to disable registration.
The websocket in the current free F1 plan has a bug and cannot be used temporarily. It is being resolved. Please refer to the Azure official documentation and Github Issue.
To restore from an FTP backup, download the backup and place it in the /home/site/wwwroot/bitwarden/backup_daily directory, and clear all other backups in the backup_realtime and backup_daily directories, then restart the container to restore.
After disabling registration, the create account button will not be removed, but new registrations will not be possible.