Original Tutorial: https://www.hostloc.com/thread-703431-1-1.html
Preface
Some of you may have some Azure accounts that have expired after 12 months of free service, so you can do something useful with them. Bitwarden, a self-hosted password management program, is quite comfortable to use and has clients available on all platforms.
Github:
GitHub
hjh142857/scripts
Some Personal Scripts
40 20
How to Install
Application Service (App Service), add, enter a name, select Docker for publishing, select Linux for the operating system, select the region as needed, select the free F1 plan for SKU and size, view and create directly, then click create.
Wait a few minutes for the deployment to complete and click Go to resource.
Modify some environment configurations, sidebar Settings (Configuration), Application settings, change the value of WEBSITES_ENABLE_APP_SERVICE_STORAGE to true, do not select the deployment slot settings.
Sidebar Settings (Configuration), General settings, change Web sockets to On, click Save, and continue.
Sidebar Development Tools (Advanced Tools) - Go to - Click Bash in the navigation bar, and execute the following command, you can paste with Ctrl+V.
mkdir /home/site/wwwroot/bitwarden
wget -P /home/site/wwwroot/bitwarden/
https://raw.githubusercontent.com/hjh142857/scripts/master/Azure_Bitwarden/bitwarden.sh
6. Sidebar Settings (Container Configuration), Docker Compose (Preview), Docker Hub, Public, Continuous Deployment (Off), modify the environment variable configuration in docker-compose.yml according to your needs, after pasting the yml configuration, click Save (tips: delete the Chinese comments in the yml configuration, otherwise there will be no response when clicking Save).
7. Sidebar Overview - Restart.
8. Almost forgot, after finishing, go to https://uptimerobot.com/ to set up a web monitor to prevent hibernation. It has been tested for 6 hours, and setting up an HTTP request every half hour works fine.
How to Update the Image
Make sure there are no password updates or new user registrations within twice the backup cycle, and then restart according to step 7. If the default timing cycle in the YML file is set to 10 minutes, then not submitting new data within 20 minutes is sufficient. Under normal circumstances, Azure will automatically pull the latest image. If it is found that the latest image is not automatically pulled, you can modify the image item in the YML configuration file to specify the referenced image version, such as changing image: bitwardenrs/server to image: bitwardenrs/server:1.15.1-alpine. It is recommended to choose the Alpine packaging series to save the limited resource quota of the free plan.
What to do if Web Admin redirects to localhost after login
Resolved, refer to the YML configuration file updated on 20200616 and add the DOMAIN environment variable.
Reference Configuration for YML
Github: https://github.com/hjh142857/scripts/tree/master/Azure_Bitwarden
version: '3'
services:
bitwarden:
image: bitwardenrs/server
restart: always
volumes:
- ${WEBAPP_STORAGE_HOME}/site/wwwroot/bitwarden:/home
entrypoint: /home/bitwarden.sh
command: ["/bitwarden_rs"]
environment: # After completing the environment variable configuration, all Chinese comments must be deleted, otherwise it cannot be saved
- WEBSOCKET_ENABLED=true # Enable websocket for pushing password changes
- SIGNUPS_ALLOWED=true # Allow new user registrations, set to false to disable new registrations
- WEB_VAULT_ENABLED=true # User web page, set to false to disable
- ADMIN_TOKEN=your_web_admin_panel_password # Password for the web admin panel, if not set, the management panel will be disabled, please read the README for details
- DOMAIN=https://your_domain # Domain setting, the format for the free F1 plan domain is https://xxx.azurewebsites.net
- REALTIME_BAK_CYCLE=10 # Interval in minutes for scheduled backups, needs to be divisible by 60, set to 0 to disable all backups (including FTP backups)
- DAILY_BAK_COUNTS=5 # Number of daily backups for FTP, backed up at 0:00 Beijing time every day
- FTP_URL=ftp://your_ftp_url/your_folder/ # FTP backup address, must end with /, otherwise an error will occur. If this item is not set, remote FTP backup is disabled
- FTP_USER=your_ftp_username # FTP username, if remote FTP backup is not enabled, this can be left unset
- FTP_PASS=your_ftp_password # FTP password, if remote FTP backup is not enabled, this can be left unset
nginx:
image: nginx
volumes:
- ${WEBAPP_STORAGE_HOME}/site/wwwroot/bitwarden:/home
ports:
- "80:80"
restart: always
entrypoint: /home/bitwarden.sh
command: ["nginx","-g","daemon off;"]
depends_on:
- bitwarden
Some Small Details
For the complete version, please visit the author's Github: https://github.com/hjh142857/scripts/tree/master/Azure_Bitwarden
Here I will excerpt a part
If you want to disable registration after registering your own account, please wait for a new backup file to be generated under the /home/site/wwwroot/bitwarden/backup_realtime directory before modifying the YML to disable registration.
The websocket in the current free F1 plan has a bug and cannot be used temporarily. It is being resolved. Please refer to the Azure official documentation and Github Issue.
To restore from a backup downloaded from FTP, place it in the /home/site/wwwroot/bitwarden/backup_daily directory after downloading and clear all other backups in the backup_realtime and backup_daily directories, then restart the container to restore.
After registration is disabled, the create account button will not be deleted, but new registrations will not be allowed.