Initial Vaultwarden Docker setup

Add simplified configuration for Vaultwarden migration: - Minimal docker-compose.yml with essential settings - Simple .env.example template - Concise migration guide (ANLEITUNG.md) - Repository documentation (CLAUDE.md) - .gitignore for data protection Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-16 21:58:19 +01:00 · 2026-02-16 21:58:19 +01:00 · bbfbc56a2c
commit bbfbc56a2c
6 changed files with 209 additions and 0 deletions
--- a/.claude/settings.local.json
+++ b/.claude/settings.local.json
@ -0,0 +1,8 @@
+{
+  "permissions": {
+    "allow": [
+      "Bash(chmod:*)",
+      "Bash(git add:*)"
+    ]
+  }
+}
--- a/.env.example
+++ b/.env.example
@ -0,0 +1,5 @@
+# Domain/URL (WICHTIG: Muss mit alter VM übereinstimmen!)
+DOMAIN=https://vault.example.com
+
+# Admin-Token (generieren mit: openssl rand -base64 48)
+ADMIN_TOKEN=
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,36 @@
+# Vaultwarden Daten (NIEMALS committen!)
+vw-data/
+vaultwarden-data/
+*.sqlite3
+*.sqlite3-shm
+*.sqlite3-wal
+
+# RSA-Schlüssel
+rsa_key.*
+
+# Umgebungsvariablen (enthalten Secrets)
+.env
+
+# Backups
+*.tar.gz
+*.zip
+backup/
+backups/
+
+# SSL-Zertifikate
+ssl/
+*.pem
+*.crt
+*.key
+
+# Logs
+*.log
+logs/
+
+# Temporäre Dateien
+*.tmp
+.DS_Store
+Thumbs.db
+
+# Nginx-Konfiguration mit sensiblen Daten (optional)
+nginx.conf
--- a/ANLEITUNG.md
+++ b/ANLEITUNG.md
@ -0,0 +1,102 @@
+# Vaultwarden Migration - Anleitung
+
+## Vorbereitung
+
+### 1. Daten von alter VM sichern
+
+```bash
+# Auf der alten VM
+docker cp vaultwarden:/data ~/vaultwarden-data
+tar -czf vaultwarden-data.tar.gz vaultwarden-data/
+```
+
+### 2. Daten zur neuen VM übertragen
+
+```bash
+# Von alter VM zu neuer VM
+scp vaultwarden-data.tar.gz user@neue-vm:/opt/projects/vaultwarden-docker/
+
+# Auf der neuen VM
+cd /opt/projects/vaultwarden-docker
+tar -xzf vaultwarden-data.tar.gz
+mv vaultwarden-data vw-data
+sudo chown -R 1000:1000 vw-data
+```
+
+## Installation auf neuer VM
+
+### 1. Umgebungsvariablen konfigurieren
+
+```bash
+cd /opt/projects/vaultwarden-docker
+cp .env.example .env
+nano .env
+```
+
+**Wichtig:** Setze `DOMAIN` auf die gleiche URL wie bei der alten VM!
+
+Generiere Admin-Token:
+```bash
+openssl rand -base64 48
+```
+
+### 2. Container starten
+
+```bash
+docker compose up -d
+```
+
+### 3. Logs prüfen
+
+```bash
+docker compose logs -f
+```
+
+### 4. Testen
+
+```bash
+# Datenbank-Integrität prüfen
+docker compose exec vaultwarden sqlite3 /data/db.sqlite3 "PRAGMA integrity_check;"
+
+# Sollte "ok" ausgeben
+```
+
+Öffne im Browser: `http://neue-vm-ip:8080`
+
+## Alte VM stilllegen
+
+**Erst nach erfolgreichen Tests!**
+
+```bash
+# Auf der alten VM
+docker stop vaultwarden
+```
+
+## Nützliche Befehle
+
+```bash
+# Logs anzeigen
+docker compose logs -f
+
+# Container neustarten
+docker compose restart
+
+# Container stoppen
+docker compose down
+
+# Status prüfen
+docker compose ps
+```
+
+## Struktur
+
+```
+/opt/projects/vaultwarden-docker/
+├── docker-compose.yml
+├── .env
+└── vw-data/              # Migrierte Daten
+    ├── db.sqlite3        # Datenbank
+    ├── rsa_key.*         # Schlüssel
+    ├── attachments/
+    └── icon_cache/
+```
--- a/CLAUDE.md
+++ b/CLAUDE.md
@ -0,0 +1,39 @@
+# CLAUDE.md
+
+This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
+
+## Project Overview
+
+Simple Vaultwarden Docker setup for migration from old VM to new VM.
+Project path on new system: `/opt/projects/vaultwarden-docker`
+
+## Critical Data Files in vw-data/
+
+- `db.sqlite3` - Database (all accounts, vaults, encrypted passwords)
+- `rsa_key.*` - Encryption keys (CRITICAL - loss = unrecoverable data)
+- `attachments/` - File attachments
+- `icon_cache/` - Website icons
+
+**SECURITY**: Never commit vw-data/, .env, or any sensitive files.
+
+## Commands
+
+```bash
+# Start
+docker compose up -d
+
+# Logs
+docker compose logs -f
+
+# Stop
+docker compose down
+
+# Check DB integrity
+docker compose exec vaultwarden sqlite3 /data/db.sqlite3 "PRAGMA integrity_check;"
+```
+
+## Migration Notes
+
+- DOMAIN in .env must match old VM (for session preservation)
+- Volume maps ./vw-data to /data in container
+- Ports: 8080 (HTTP), 3012 (Websocket)
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -0,0 +1,19 @@
+version: '3.8'
+
+services:
+  vaultwarden:
+    image: vaultwarden/server:latest
+    container_name: vaultwarden
+    restart: unless-stopped
+
+    environment:
+      DOMAIN: "${DOMAIN}"
+      ADMIN_TOKEN: "${ADMIN_TOKEN}"
+      WEBSOCKET_ENABLED: "true"
+
+    volumes:
+      - ./vw-data:/data
+
+    ports:
+      - "8080:80"
+      - "3012:3012"