diff --git a/site/source/_static/images/services/vaultwarden/bitwarden-mac-url.png b/site/source/_static/images/services/vaultwarden/bitwarden-mac-url.png new file mode 100644 index 0000000..74e3c15 Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/bitwarden-mac-url.png differ diff --git a/site/source/_static/images/services/vaultwarden/bitwarden-mac.png b/site/source/_static/images/services/vaultwarden/bitwarden-mac.png new file mode 100644 index 0000000..3cf29ef Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/bitwarden-mac.png differ diff --git a/site/source/_static/images/services/vaultwarden/confirm-user.png b/site/source/_static/images/services/vaultwarden/confirm-user.png index 4ea7d5e..19d2b9f 100644 Binary files a/site/source/_static/images/services/vaultwarden/confirm-user.png and b/site/source/_static/images/services/vaultwarden/confirm-user.png differ diff --git a/site/source/_static/images/services/vaultwarden/invite-user.png b/site/source/_static/images/services/vaultwarden/invite-user.png index a73ae22..996c47e 100644 Binary files a/site/source/_static/images/services/vaultwarden/invite-user.png and b/site/source/_static/images/services/vaultwarden/invite-user.png differ diff --git a/site/source/_static/images/services/vaultwarden/user-permissions.png b/site/source/_static/images/services/vaultwarden/user-permissions.png index b6c292c..3da78f2 100644 Binary files a/site/source/_static/images/services/vaultwarden/user-permissions.png and b/site/source/_static/images/services/vaultwarden/user-permissions.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-account-creation.png b/site/source/_static/images/services/vaultwarden/vaultwarden-account-creation.png new file mode 100644 index 0000000..37190cf Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-account-creation.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-account-settings.png b/site/source/_static/images/services/vaultwarden/vaultwarden-account-settings.png new file mode 100644 index 0000000..b31409c Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-account-settings.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-add-folder.png b/site/source/_static/images/services/vaultwarden/vaultwarden-add-folder.png new file mode 100644 index 0000000..c157dc2 Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-add-folder.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-add-item.png b/site/source/_static/images/services/vaultwarden/vaultwarden-add-item.png new file mode 100644 index 0000000..9468704 Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-add-item.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-add-new-login.png b/site/source/_static/images/services/vaultwarden/vaultwarden-add-new-login.png new file mode 100644 index 0000000..37c56cf Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-add-new-login.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-admin-console-auth.png b/site/source/_static/images/services/vaultwarden/vaultwarden-admin-console-auth.png new file mode 100644 index 0000000..701b615 Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-admin-console-auth.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-admin-console.png b/site/source/_static/images/services/vaultwarden/vaultwarden-admin-console.png new file mode 100644 index 0000000..ac25362 Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-admin-console.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-click-add-folder.png b/site/source/_static/images/services/vaultwarden/vaultwarden-click-add-folder.png new file mode 100644 index 0000000..b0f567a Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-click-add-folder.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-create-account-email.png b/site/source/_static/images/services/vaultwarden/vaultwarden-create-account-email.png new file mode 100644 index 0000000..d514e32 Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-create-account-email.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-create-account.png b/site/source/_static/images/services/vaultwarden/vaultwarden-create-account.png new file mode 100644 index 0000000..48ed0da Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-create-account.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-fresh-vault.png b/site/source/_static/images/services/vaultwarden/vaultwarden-fresh-vault.png new file mode 100644 index 0000000..2a2ff63 Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-fresh-vault.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-in-marketplace.png b/site/source/_static/images/services/vaultwarden/vaultwarden-in-marketplace.png new file mode 100644 index 0000000..763ece3 Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-in-marketplace.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-install.png b/site/source/_static/images/services/vaultwarden/vaultwarden-install.png new file mode 100644 index 0000000..e2999e2 Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-install.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-interfaces-both.png b/site/source/_static/images/services/vaultwarden/vaultwarden-interfaces-both.png new file mode 100644 index 0000000..ae0ea65 Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-interfaces-both.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-interfaces.png b/site/source/_static/images/services/vaultwarden/vaultwarden-interfaces.png new file mode 100644 index 0000000..a161c1c Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-interfaces.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-lan-address.png b/site/source/_static/images/services/vaultwarden/vaultwarden-lan-address.png new file mode 100644 index 0000000..016d64e Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-lan-address.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-launch-ui.png b/site/source/_static/images/services/vaultwarden/vaultwarden-launch-ui.png new file mode 100644 index 0000000..77f41a6 Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-launch-ui.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-login-email.png b/site/source/_static/images/services/vaultwarden/vaultwarden-login-email.png new file mode 100644 index 0000000..fc35d5f Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-login-email.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-login-password.png b/site/source/_static/images/services/vaultwarden/vaultwarden-login-password.png new file mode 100644 index 0000000..d09e3a7 Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-login-password.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-needs-config.png b/site/source/_static/images/services/vaultwarden/vaultwarden-needs-config.png new file mode 100644 index 0000000..c1cba4b Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-needs-config.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-new-login.png b/site/source/_static/images/services/vaultwarden/vaultwarden-new-login.png new file mode 100644 index 0000000..6ae1968 Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-new-login.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-properties-admin.png b/site/source/_static/images/services/vaultwarden/vaultwarden-properties-admin.png new file mode 100644 index 0000000..112868e Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-properties-admin.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-properties.png b/site/source/_static/images/services/vaultwarden/vaultwarden-properties.png new file mode 100644 index 0000000..db76962 Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-properties.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-save-config.png b/site/source/_static/images/services/vaultwarden/vaultwarden-save-config.png new file mode 100644 index 0000000..3a0b236 Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-save-config.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-start-service.png b/site/source/_static/images/services/vaultwarden/vaultwarden-start-service.png new file mode 100644 index 0000000..472f696 Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-start-service.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-tools.png b/site/source/_static/images/services/vaultwarden/vaultwarden-tools.png new file mode 100644 index 0000000..8e33ca7 Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-tools.png differ diff --git a/site/source/_static/images/services/vaultwarden/vaultwarden-tor-address.png b/site/source/_static/images/services/vaultwarden/vaultwarden-tor-address.png new file mode 100644 index 0000000..d69b12e Binary files /dev/null and b/site/source/_static/images/services/vaultwarden/vaultwarden-tor-address.png differ diff --git a/site/source/_static/images/services/vaultwarden/verify-user.png b/site/source/_static/images/services/vaultwarden/verify-user.png index 6d39bff..0c1a0c6 100644 Binary files a/site/source/_static/images/services/vaultwarden/verify-user.png and b/site/source/_static/images/services/vaultwarden/verify-user.png differ diff --git a/site/source/user-manual/service-guides/vaultwarden/bitwarden-client-setup.rst b/site/source/user-manual/service-guides/vaultwarden/bitwarden-client-setup.rst new file mode 100644 index 0000000..651c77d --- /dev/null +++ b/site/source/user-manual/service-guides/vaultwarden/bitwarden-client-setup.rst @@ -0,0 +1,303 @@ +.. _bitwarden-client-setup: + +============ +Client Setup +============ + +Here you can setup your various devices and browsers to be able to access your Vaultwarden server. + +Browser Extension +----------------- + + .. tabs:: + + .. group-tab:: Tor + + Browser Extension + ----------------- + If connecting via Tor (i.e using the .onion address) the Bitwarden browser extension will only work with a Tor enabled browser. You can use Firefox (recommended), Tor Browser or Brave Browser. + + #. If you choose Firefox, you will need to :ref:`setup Tor on your device ` and :ref:`configure Firefox to use Tor `. If using Brave you will just need to :ref:`setup Tor on your device `. With Tor Browser, everything will just work right out of the box. + + .. tip:: We recommend using Firefox as it is the most compatible browser with Start9 Servers. + + #. In this example we will use Firefox, though these instructions will work just the same for Brave. First, install the `Bitwarden browser extension `_. + + #. Head to the "Interfaces" tab in the Vaultwarden service on your Start9 Server: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-interfaces.png + :width: 50% + :alt: vaultwarden-interfaces + + #. Copy the Tor address: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-tor-address.png + :width: 50% + :alt: vaultwarden-tor-address + + #. Now head to the Bitwarden extension and click the cog in the top left. Under **Self-hosted environment** you will see a field for **Server URL**. Now we need to grab the address of our Vaultwarden server. + + #. Paste the address into your extension and click "Save" + + #. Now enter your credentials and the Bitwarden extension will be logged into your self-hosted Vaultwarden server! + + + .. group-tab:: LAN + + We suggest using Tor, however it is possible have a good experience with LAN. Once synced, your app and all your passwords will be cached and available when you are on the go and not connected to your Start9 Server, and you will only need to be on LAN to update any edits to your vault. + + #. Start by installing the `Bitwarden browser extension `_. + + #. Head to the "Interfaces" tab in the Vaultwarden service on your Start9 Server: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-interfaces.png + :width: 50% + :alt: vaultwarden-interfaces + + #. Copy the LAN address: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-lan-address.png + :width: 50% + :alt: vaultwarden-lan-address + + #. Now head to the Bitwarden extension and click the cog in the top left. Under **Self-hosted environment** you will see a field for **Server URL**. Now we need to grab the address of our Vaultwarden server. + + #. Paste the address into your extension and click "Save" + + #. Now enter your credentials and the Bitwarden extension will be logged into your self-hosted Vaultwarden server! + + +Android +------- + +.. tabs:: + + .. group-tab:: Tor + + You will need to :ref:`Setup Tor ` on your device first. + + #. Visit your app store of choice and download the Bitwarden app. Once downloaded and installed, let's go into Orbot, and add the app to the VPN apps list. You may need to hit the refresh button in the top left to get it to populate. + + #. Next, enter the Bitwarden app. You'll be greeted with a log-in screen. Go to the top left gear icon to enter the settings. + + #. Head to the "Interfaces" tab in the Vaultwarden service on your Start9 Server: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-interfaces.png + :width: 50% + :alt: vaultwarden-interfaces + + #. Copy the Tor address: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-tor-address.png + :width: 50% + :alt: vaultwarden-tor-address + + #. Now send that address to your phone and paste it into Bitwarden. + + #. Hit save. + + #. Go ahead and tap 'Log In,' enter your credentials, and you can access your Bitwarden app / Vaultwarden server. + + .. group-tab:: LAN + + We suggest using Tor, however it is possible have a good experience with LAN. Once synced, your app and all your passwords will be cached and available when you are on the go and not connected to your Start9 Server, and you will only need to be on LAN to update any edits to your vault. + + Begin by :ref:`setting up LAN ` on your device. + + #. Visit your app store of choice and download the Bitwarden app. Once downloaded and installed, let's go into Orbot, and add the app to the VPN apps list. You may need to hit the refresh button in the top left to get it to populate. + + #. Next, enter the Bitwarden app. You'll be greeted with a log-in screen. Go to the top left gear icon to enter the settings. + + #. Head to the "Interfaces" tab in the Vaultwarden service on your Start9 Server: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-interfaces.png + :width: 50% + :alt: vaultwarden-interfaces + + #. Copy the LAN address: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-lan-address.png + :width: 50% + :alt: vaultwarden-lan-address + + #. Now send that address to your phone and paste it into Bitwarden. + + #. Hit save. + + #. Go ahead and tap 'Log In,' enter your credentials, and you can access your Bitwarden app / Vaultwarden server. + +iOS +--- + +.. tabs:: + + .. group-tab:: Tor + + Begin by :ref:`setting up Tor ` on your iPhone. + + #. Visit the App Store and download the `Bitwarden app `_ + + #. Open the Bitwarden app. You'll be greeted with a log-in screen. + + #. Go to the top left gear icon to enter the settings. + + #. Head to the "Interfaces" tab in the Vaultwarden service on your Start9 Server: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-interfaces.png + :width: 50% + :alt: vaultwarden-interfaces + + #. Copy the Tor address: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-tor-address.png + :width: 50% + :alt: vaultwarden-tor-address + + #. Now send that address to your phone and paste it into Bitwarden but **before you hit save:** + + .. note:: The Tor address you will have copied will begin with **http** - Please change this to **https** instead of **http** + + #. Now you can hit save, and you'll be returned to the log-in screen. + + #. Go ahead and tap 'Log In,' enter your credentials, and you'll be able to access your Bitwarden app / Vaultwarden server! + + .. group-tab:: LAN + + We suggest using Tor, however it is possible have a good experience with LAN. Once synced, your app and all your passwords will be cached and available when you are on the go and not connected to your Start9 Server, and you will only need to be on LAN to update any edits to your vault. + + Begin by :ref:`setting up LAN ` on your device. + + #. Visit the App Store and download the `Bitwarden app `_ + + #. Open the Bitwarden app. You'll be greeted with a log-in screen. + + #. Go to the top left gear icon to enter the settings. + + #. Head to the "Interfaces" tab in the Vaultwarden service on your Start9 Server: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-interfaces.png + :width: 50% + :alt: vaultwarden-interfaces + + #. Copy the LAN address: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-lan-address.png + :width: 50% + :alt: vaultwarden-lan-address + + #. Now send that address to your phone and paste it into Bitwarden. + + #. Now you can hit save, and you'll be returned to the log-in screen. + + #. Go ahead and tap 'Log In,' enter your credentials, and you'll be able to access your Bitwarden app / Vaultwarden server! + + +Desktop Clients +--------------- + + .. collapse:: Linux + + Linux + ===== + + First, be sure to get Tor :ref:`running on your system `. + + #. Install Bitwarden either by using a package manager like **apt** (we recommend against using **snap**) or download it from `here `_. + + #. Run the program with the flag ``--proxy-server=socks5://127.0.0.1:9050`` behind it. You can run this from a terminal, and if you'd like to use a shortcut, edit that shortcut file to include the flag. + + #. As with the other solutions above, click the 'Settings' icon, and enter your Vaultwarden Tor address. You can then log in to your vault. + + Alternatively, you may be able to run using your LAN address, but this has proven finicky, especially on Debian/Ubuntu systems. You will have better luck if you have the Root CA installed at the OS level. First, be sure to :ref:`Setup LAN ` natively. + + .. collapse:: Mac + + Mac + === + + .. tabs:: + + .. group-tab:: Tor + + #. Begin by making sure that Tor is :ref:`running on your Mac`. + + #. Download the `Bitwarden Desktop app `_. + + #. Open the Bitwarden app and click on "Settings" in the top left: + + .. figure:: /_static/images/services/vaultwarden/bitwarden-mac.png + :width: 50% + :alt: bitwarden-mac + + #. Head to the "Interfaces" tab in the Vaultwarden service on your Start9 Server: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-interfaces.png + :width: 50% + :alt: vaultwarden-interfaces + + #. Copy the Tor address: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-tor-address.png + :width: 50% + :alt: vaultwarden-tor-address + + #. Paste the address into Bitwarden and click the save button: + + .. figure:: /_static/images/services/vaultwarden/bitwarden-mac-url.png + :width: 50% + :alt: bitwarden-tor-mac-url + + #. Enter the email used to create the account, followed by the password, then click "Log in with master password". + + .. group-tab:: LAN + + We suggest using Tor, however it is possible have a good experience with LAN. Once synced, your app and all your passwords will be cached and available when you are on the go and not connected to your Start9 Server, and you will only need to be on LAN to update any edits to your vault. + + #. Begin by making sure that LAN is :ref:`steup on your Mac`. + + #. Download the `Bitwarden Desktop app `_. + + #. Open the Bitwarden app and click on "Settings" in the top left: + + .. figure:: /_static/images/services/vaultwarden/bitwarden-mac.png + :width: 50% + :alt: bitwarden-mac + + #. Head to the "Interfaces" tab in the Vaultwarden service on your Start9 Server: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-interfaces.png + :width: 50% + :alt: vaultwarden-interfaces + + #. Copy the LAN address: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-lan-address.png + :width: 50% + :alt: vaultwarden-lan-address + + #. Paste the address into Bitwarden and click the save button: + + .. figure:: /_static/images/services/vaultwarden/bitwarden-mac-url.png + :width: 50% + :alt: bitwarden-tor-mac-url + + #. Enter the email used to create the account, followed by the password, then click "Log in with master password". + + .. collapse:: Windows + + .. tabs:: + + .. group-tab:: Tor + + + #. Download the `Bitwarden Desktop app `_. + + #. Follow the Tor setup in the instructions below. Make sure the Bitwarden directory is located in your user's directory, ``C:\Users\YOURUSER\AppData\Local\Bitwarden``. This is because you need permission to run over a proxy. You can make a shortcut wherever you'd like. + + #. Right-click the shortcut and click 'Properties.' Add the flag ``--proxy-server=socks5://127.0.0.1:9050`` to the end of the 'Target' field. Click 'Apply,' then 'OK.' Close Properties and launch the shortcut. + + #. As with the other solutions above, click the 'Settings' icon, and enter your Vaultwarden Tor address. You can then log in to your vault. + + .. group-tab:: LAN + + This is not known to work at this time - LAN is tricky with Windows due to the often unreliable Bonjour and Bonjour Print Services required for handling mDNS. We suggest using Tor anyway if you are able as you will then be able to maintain connectivity to your server from anywhere in the world. \ No newline at end of file diff --git a/site/source/user-manual/service-guides/vaultwarden/bitwarden-clients.rst b/site/source/user-manual/service-guides/vaultwarden/bitwarden-clients.rst deleted file mode 100644 index c8ae09e..0000000 --- a/site/source/user-manual/service-guides/vaultwarden/bitwarden-clients.rst +++ /dev/null @@ -1,116 +0,0 @@ -.. _bitwarden-clients: - -================= -Bitwarden Clients -================= - -.. contents:: - :depth: 2 - :local: - -.. _vaultwarden-webvault: - -There are many ways to connect to and use your Vaultwarden server. - -Web Vault ---------- -1. First we will open up our Embassy and go to the Marketplace tab, select Vaultwarden, and install if you have not already done so. - -2. After install, click Configure. A strong admin token has been securely created by your Embassy, but you may change it if you wish. This can also be changed later. Click save. Click start to run the service. - -3. Next launch the Vaultwarden web interface. If you are connected to your Embassy on LAN, Vaultwarden will also launch on LAN. If you are connected over Tor, Vaultwarden will lanuch on Tor. What you are looking at now is your very own Vaultwarden website, served right from your Embassy. Let's create an account. Please note, you are creating an account with yourself on your own Vaultwarden website served from your own Vaultwarden server, there are no third parties involved here. Enter an email for logging in, a strong password that you will remember, and optionally a password hint. It is important to realize that this is the 'Master password' for all your other passwords. Make it very strong, memorize it, write it down, and back it up to a safe place. If you lose it, you may lose access to all your passwords and your entire digital life. - - Now you can log in to your new password manager! - -4. We are greeted with our newly setup Vaultwarden password vault. At the top you can visit 'Tools' for reports, a password generator, and to import data from another program, such as lastpass, onepass, or keepass. 'Settings' gives you all your options, including the ability to set up 2 factor authorization. - -5. Back at the main page for your vault, let's do a quick example login. We can setup a new folder here and save new login. For our example, we're going to use our FileBrowser instance. So click 'Add item,' then we'll fill in some test information. A name for the entry, a username, password, and the website we want to log in to. Then click 'Save.' - -.. _vaultwarden-admin: - -Accessing the Admin Console -=========================== -You will find the Admin console by adding ``/admin`` to the end of your Vaultwarden WebUI URL, found in the "Interfaces" section of the Vaultwarden Service page. You will be prompted for your "Admin Token," which is also found on your Vaultwarden Service page under "Properties." - -Browser Extension ------------------ -If connecting via Tor (i.e using the .onion address) the Bitwarden browser extension will only work with Tor browser or Firefox, since those are the only two browsers capable of using Tor, or in other words, access .onion URLs. Brave Browser can also access .onion URLs, but only in special tabs, not in extension, so the Bitwarden extension will not work on Brave. - -#. If you choose Tor Browser, everything will just work right out of the box. If you choose Firefox, you will need to configure both your :ref:`device ` and :ref:`Firefox ` to use Tor. - -#. In this example we will use Firefox. First, install the `Bitwarden browser extension `_. Once installed, click on the extension and click 'Settings' in the top left. Under 'Self-hosted environment,' you will see a field for 'Server URL,'. Here, we need to paste in our Vaultwarden Tor address. Go to your Embassy and copy your Vaultwarden Tor address, then return to the Bitwarden extension and paste it in, prefixed by ``http://``. Please note, you must use ``http``, not ``https``. Click 'Save.' - -#. Now you can click on the extension again, click 'Log In,' and enter your credentials. That's it, the extension is all set up! - -.. note:: If you wish to connect the extension via LAN instead of Tor (i.e your .local address), it will only update while connected to the same network as your Embassy. This isn't generally much of an issue as when you are away from your home network, all passwords previously synced between your device and your Embassy will remain cached and available to you. Any new passwords created while away from your LAN will not be uploaded to Vaultwarden until your device reconnects to your home network. Make sure to use `https://` when adding your LAN address. - -Mobile Apps ------------ - -Android -======= - -You will need to :ref:`Setup Tor ` on your device first. - -#. Visit your app store of choice and download the Bitwarden app. Once downloaded and installed, let's go into Orbot, and add the app to the VPN apps list. You may need to hit the refresh button in the top left to get it to populate. - -#. Next, enter the Bitwarden app. You'll be greeted with a log-in screen, and just like in the extension, you can go to the top left gear icon to enter the Settings. You'll need to enter your Tor address from your Embassy, so you can copy-paste it over to your phone, or type it in by hand. Don't forget to ensure the prefix is ``http://`` and NOT ``https://``. Hit save, and you'll be returned to the log-in screen. - -#. Go ahead and tap 'Log In,' enter your credentials, and you can access your Bitwarden app / Vaultwarden server. - -iOS -=== - -Unfortunately, the iOS app does not support Tor, so currently the Bitwarden app can only be synced on LAN. Once synced, your app and passwords will be cached and available when you are on the go, and you will only need to be on LAN to update any edits to your vault. - -You will need to :ref:`Setup LAN ` on your device first. - -#. Visit your app store and download the Bitwarden app. - -#. Next, enter the Bitwarden app. You'll be greeted with a log-in screen, and just like in the extension, you can go to the top left gear icon to enter the Settings. You'll need to enter your Vaultwarden LAN address from your Embassy, so you can copy-paste it over to your phone, or type it in by hand. Don't forget to ensure the prefix is ``https://``. Hit save, and you'll be returned to the log-in screen. - -#. Go ahead and tap 'Log In,' enter your credentials, and you can access your Bitwarden app / Vaultwarden server. - -Desktop Apps ------------- - -The desktop app is a bit more finicky, and arguably much less useful than the mobile and browser solutions, but below are the known good (tested) configurations if you'd like to use it. - -Linux -===== - -First, be sure to :ref:`Setup Tor ` natively. - -#. Download the `Bitwarden Desktop app `_. Depending on your Linux distribution and preference, you may want the AppImage, Deb, Snap, etc. You can also check your favorite package manager. - -#. Run the program with the flag ``--proxy-server=socks5://127.0.0.1:9050`` behind it. You can run this from a terminal, and if you'd like to use a shortcut, edit that shortcut file to include the flag. - -#. As with the other solutions above, click the 'Settings' icon, and enter your Vaultwarden Tor address. You can then log in to your vault. - -Alternatively, you may be able to run using your LAN address, but this has proven finicky, especially on Debian/Ubuntu systems. You will have better luck if you have the Root CA installed at the OS level. First, be sure to :ref:`Setup LAN ` natively. - -Mac -=== - -#. Download the `Bitwarden Desktop app `_. - -#. LAN - #. First, be sure to :ref:`Setup LAN ` natively. - - #. For LAN access, follow the LAN setup in the instructions below. After completing setup, simply open Bitwarden and add your Vaultwarden LAN address in the 'Settings' and login. - -#. Tor - Set up the system-wide proxy on your system with our :ref:`Tor guide`. - -#. You can now log in to your vault. - -Windows -======= - -#. Download the `Bitwarden Desktop app `_. - -#. Follow the Tor setup in the instructions below. Make sure the Bitwarden directory is located in your user's directory, ``C:\Users\YOURUSER\AppData\Local\Bitwarden``. This is because you need permission to run over a proxy. You can make a shortcut wherever you'd like. - -#. Right-click the shortcut and click 'Properties.' Add the flag ``--proxy-server=socks5://127.0.0.1:9050`` to the end of the 'Target' field. Click 'Apply,' then 'OK.' Close Properties and launch the shortcut. - -#. As with the other solutions above, click the 'Settings' icon, and enter your Vaultwarden Tor address. You can then log in to your vault. diff --git a/site/source/user-manual/service-guides/vaultwarden/bitwarden-walkthrough.rst b/site/source/user-manual/service-guides/vaultwarden/bitwarden-walkthrough.rst new file mode 100644 index 0000000..d51d1ff --- /dev/null +++ b/site/source/user-manual/service-guides/vaultwarden/bitwarden-walkthrough.rst @@ -0,0 +1,177 @@ +.. _bitwarden-walkthrough: + +========================= +Vaultwarden Initial Setup +========================= + +.. contents:: + :depth: 2 + :local: + +.. _vaultwarden-webvault: + +Web Vault +--------- + +#. Ensure Vaultwarden is running - click **START** on your Start9 Server if not: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-start-service.png + :width: 30% + :alt: vaultwarden-start-service + +#. Once the health check turns green, click **Launch UI**: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-launch-ui.png + :width: 30% + :alt: vaultwarden-launch-ui + +#. Time to create an account! Click **Create account**: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-create-account.png + :width: 40% + :alt: vaultwarden-create-account + + .. note:: You are creating an account with yourself on your own Vaultwarden website served from your own Vaultwarden server - there are no third parties involved here. + + +#. Enter an email address for login: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-create-account-email.png + :width: 30% + :alt: vaultwarden-create-account-email + + .. tip:: This email address can be anything you like. It doesn't have to be real. It is simply a way for you to log into Vaultwarden from Bitwarden apps on your devices. Your Vaultwarden server won't ever email you. + + .. tip:: You cannot use this email address to reset your master password - it is simply used to create an account on your server. + + .. warning:: Do not lose it - you will not be able to log in without it! + +#. Enter a name for the account, a strong password and (optionally) a password hint - then click **Create account**: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-account-creation.png + :width: 30% + :alt: vaultwarden-account-creation + + .. warning:: It is important to realize that this is the 'Master password' for all your other passwords. Make it very strong, memorize it, write it down, and back it up to a safe place. If you lose it, you may lose access to all your passwords and your entire digital life. + +#. Now you can log in to your new password manager! Enter your email to login: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-login-email.png + :width: 30% + :alt: vaultwarden-login-email + +#. Then your master password: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-login-password.png + :width: 30% + :alt: vaultwarden-login-password + +#. We are greeted with our newly setup Vaultwarden password vault! + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-fresh-vault.png + :width: 30% + :alt: vaultwarden-fresh-vault + +#. At the top you can visit **Tools** for reports and to use the password generator. You can also import data from another program, such as Lastpass, Onepass, or KeePass! + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-tools.png + :width: 40% + :alt: vaultwarden-tools + +#. **Account settings** gives you all your options, including the ability to set up 2 factor authorization. + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-account-settings.png + :width: 40% + :alt: vaultwarden-account-settings + +#. Now you're ready to start storing some passwords! + +Storing your first password +--------------------------- + + #. Back at the main page for your vault, let's do a quick example login. We'll start by creating a folder for it: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-click-add-folder.png + :width: 50% + :alt: vaultwarden-click-add-folder + + #. Name the folder and click **Save**: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-add-folder.png + :width: 30% + :alt: vaultwarden-add-folder + + #. Click **Add item**: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-add-item.png + :width: 30% + :alt: vaultwarden-add-item + + #. Now add the credentials and click **Save**: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-add-new-login.png + :width: 40% + :alt: vaultwarden-add-new-login + + .. tip:: An entry can have multiple URLs - for example you may wish to enter both an onion address and a .local address for one of the services you have running on your server. We are increasing the numbers of ways in which you can connect to your services, soon they may even have simple .com addresses! + + #. And there we have it - our first set of login credentials. + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-new-login.png + :width: 45% + :alt: vaultwarden-new-login + + Congratulations! You have setup your own self-hosted password manager and have added a set of login credentials to it! + + + + .. _vaultwarden-admin: + + + +Accessing the Admin Console +--------------------------- + +#. You will find the Admin console by heading to "Interfaces" on the Vaultwarden Service page. + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-interfaces.png + :width: 40% + :alt: vaultwarden-interfaces + +#. Copy either of the addresses here and append **/admin**: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-interfaces-both.png + :width: 40% + :alt: vaultwarden-interfaces-both + + .. tip:: A typical address would look like https://abcdefghijklmnopqrstuvwxz.local/admin or http://abcdefghijklmnopqrstuvwxz.onion/admin + +#. You will be prompted for your "Admin Token," which can be found on your Vaultwarden Service page under "Properties." + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-properties.png + :width: 40% + :alt: vaultwarden-admin-properties + +#. Copy the token here: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-properties-admin.png + :width: 40% + :alt: vaultwarden-admin-properties-admin + +#. And paste it here: + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-admin-console-auth.png + :width: 40% + :alt: vaultwarden-admin-console-auth + +#. You're now logged in to the admin panel. + + .. figure:: /_static/images/services/vaultwarden/vaultwarden-admin-console.png + :width: 40% + :alt: vaultwarden-admin-console + + .. note:: This cannot be used to reset passwords for accounts created on your Vaultwarden server. + +| + +Now you'll want to setup some client devices! :ref:`Head here for instructions on how to do so.` \ No newline at end of file diff --git a/site/source/user-manual/service-guides/vaultwarden/index.rst b/site/source/user-manual/service-guides/vaultwarden/index.rst index b10fc1b..e0d4bf2 100644 --- a/site/source/user-manual/service-guides/vaultwarden/index.rst +++ b/site/source/user-manual/service-guides/vaultwarden/index.rst @@ -4,19 +4,15 @@ Vaultwarden =========== -Vaultwarden is a self-hosted password manager, which means your passwords physically live on your Embassy. Be sure to create backups and keep them safe! If you lose your Embassy or uninstall Vaultwarden, and you have not made a backup, all your passwords will be lost forever. If you currently have a *hosted* account with Bitwarden, you can export your data from that account and import it to your Vaultwarden service on Embassy using the built-in import/export features in any Bitwarden application. +Vaultwarden is a self-hosted password manager, which means your passwords physically live on your Start9 Server. Be sure to create backups and keep them safe! If you lose your Server or uninstall Vaultwarden, and you have not made a backup, all your passwords will be lost forever. -.. note:: The version of Bitwarden server used on the Embassy is a fork called "Vaultwarden." It functions with all of the apps/integrations that are built for, and still named after, "Bitwarden." We apologize for any confusion this may cause. +If you currently have a **hosted** account with Bitwarden, you can export your data from that account and import it to your Vaultwarden service on your Start9 Server using the built-in import/export features in any Bitwarden application! -Check out our `Vaultwarden video `_ for basic features and setup! - - .. youtube:: YcxxVHpm9j0 - :width: 100% - -Follow the guides below to get the most out of your Vaultwarden server. +Follow the guides below to get the most out of your Vaultwarden server: .. toctree:: :maxdepth: 1 - bitwarden-clients + bitwarden-walkthrough + bitwarden-client-setup vaultwarden-organizations