Register for the iXsystems Community to get an ad-free experience and exclusive discounts in our eBay Store.

Setup Bitwarden in a jail for local useage

newfreenas

Member
Joined
Nov 7, 2018
Messages
28
Thank you! I am working my way through but noticed the bash script is missing a '"' at the end, caused an error on implementation.

echo "Enter every line, no need for other configs, only your password


keep getting network errors when trying to create an account but I'm confident its my fault :smile:

thank you again!
 

whokares

Newbie
Joined
Jan 21, 2020
Messages
1
Just finished installing and setting it up on FreeNAS-11.2-U7 using 11.3-RELEASE-p5 jail. Works pretty smoothly. Of course I needed to take a few deviations.
Few points of note: Modern Bitwarden clients do not work with self-signed certificates used in nginx so needed to take the Let's Encrypt certificate approach (for some reason android app did not work till fullchain.cer was used) but having own domain with a subdomain pointed to a Bitwarden jail lan ip is not a big issue and Bitwarden jail only had internet access during installation of the packages to mitigate security concerns. OpenVPN into lan should if external access is required.
Needed to run:
gem install bundler:1.17.1 (from within rubywarden directory, auto installed version did not support rubywarden scripts)
pkg install screen (important later to run it at startup)


To create it into a service of sort using screen, I adapted a script from diedrichg. There is -D option for Rackup that daemonizes it but using that approach the Bitwarden clients were not able to login.
Append rubywarden_enable="YES" into /etc/rc.conf
chmod 775 /etc/rc.d/rubywarden as root
Code:
[_rubywarden@rubywarden ~]$ cat /etc/rc.d/rubywarden

Code:
#!/bin/sh
# File name 'rubywarden'
# Place this file into /etc/rc.d
# Edit /etc/rc.conf to include rubywarden_enable="YES"

. /etc/rc.subr

name="rubywarden"
rcvar=rubywarden_enable

PATH="$PATH:/usr/local/bin"

start_cmd="${name}_start"
stop_cmd=":"

load_rc_config $name
eval "${rcvar}=\${${rcvar}:-'NO'}"

rubywarden_start()
{
# And start up the service.

su _rubywarden -c 'cd /home/_rubywarden/rubywarden; /usr/local/bin/screen -d -m env RUBYWARDEN_ENV=production RUBYWARDEN_ALLOW_SIGNUPS=1 bundle exec rackup -p 4567 config.ru'

}

run_rc_command "$1"

Hopefully this is of some help.
 

Herman Eggink

Member
Joined
Jan 27, 2014
Messages
51
Hey @whokares I am trying to get this installed in a jail as well. What steps did you follow to get proper certificates installed? I keep getting errors that the certificate is invalid :-(. Could it be that duckdns is messing things up?
 

Herman Eggink

Member
Joined
Jan 27, 2014
Messages
51
Never mind. My jail exposed the rubywarden port through NAT rather than the nginx port. Silly me :-(.
 
Top